Microsoft issues five patches, one affecting Vista

Microsoft has released its April 2007 security bulletin, which includes five updates: Four are listed as critical, and one is listed as important. Four of the patches affect Microsoft Windows, with one critical patch including Windows Vista. One of the patches affects Microsoft Client Management Server. None of the patches this month include Microsoft Office. To keep your Windows XP SP1 system secure, update to Windows XP SP2 today. All Microsoft security patches for Windows and Office software are available via Microsoft Update or via the individual bulletins detailed below.

MS07-018: Critical
Entitled "Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)," this bulletin affects users of Microsoft Content Management Server 2001 and 2002, and addresses the vulnerabilities detailed in CVE-2007-0938 and CVE-2007-0939. Successful exploitation could lead to remote code execution.

MS07-019: Critical
Entitled "Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)," this bulletin affects users of Microsoft Windows XP Service Pack 2 and x64, but does not affect Windows 2000 SP4, Windows Server 2003, or Windows Vista, and addresses the vulnerability detailed in CVE-2007-1204. Successful exploitation could lead to remote code execution.

MS07-020: Critical
Entitled "Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)," this bulletin affects users of Windows 2000 (SP4), Windows XP (SP2 and x64), and Windows Server 2003 (SP1 and x64), but does not affect Windows Vista, and addresses the vulnerability detailed in CVE-2007-1215. Successful exploitation could lead to remote code execution.

MS07-021: Critical
Entitled "Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)," this bulletin affects users of Windows 2000 (SP4), Windows XP (SP2 and x64), Windows Server 2003 (SP1 and x64), and Windows Vista, and addresses the vulnerabilities detailed in CVE-2006-6696, CVE-2006-6797, CVE-2007-1209. Successful exploitation could lead to remote code execution.

MS07-022: Important
Entitled "Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)," this bulletin affects users of Windows 2000 (SP4), Windows XP (SP2 ), Windows Server 2003 (SP1), but not Windows XP x64, Windows Server 2003 x64, and Windows Vista, , and addresses the vulnerability detailed in CVE-2007-1206. Successful exploitation could lead to remote code execution.
 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

CNET's giving away a 3D printer

Enter for a chance to win* the MakerBot Replicator 3D Printer and all the supplies you need to get started.