Details on recent Microsoft vulnerabilities

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Windows Media Player, Office, Office for Mac, XML Core Services, Visual Basic, Virtual PC, and Virtual Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

• Microsoft Security Bulletin – Summary for August 2007
• US-CERT Technical Cyber Security Alert – Microsoft Updates for Multiple Vulnerabilities (TA07-226A)

Vulnerability information:

1) Microsoft Internet Explorer substringData() Heap Overflow Vulnerability

2) Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability

3) Microsoft Windows Vista Sidebar RSS Feeds Gadget Cross Site Scripting Vulnerability

4) Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability

5) Microsoft Internet Explorer VGX.DLL Compressed Content Heap Overflow Vulnerability

6) Microsoft Windows Metafile AttemptWrite Heap Overflow