Sourcefire Delivers Protection for Today's Microsoft Vulnerabilities

Sourcefire announces that the Sourcefire Vulnerability Research Team has delivered rules to protect Sourcefire customers and Snort users from seven Microsoft vulnerabilities announced earlier today. These vulnerabilities impact Microsoft Windows, Internet Explorer, Office for Mac, Visual Basic, and XML Core Services.

Within hours of Microsoft's latest disclosure, the Sourcefire VRT created, tested and delivered Snort rules to help protect users from the Microsoft vulnerabilities listed below. These new rules are designed to detect attacks targeting these vulnerabilities and are included in the latest Sourcefire Security Enhancement Update released today.

- Microsoft Security Bulletin MS07-042 — Critical Microsoft Windows vulnerability could be exploited through attacks on Microsoft XML Core Services, potentially allowing for remote code execution.
- Microsoft Security Bulletin MS07-043 — Critical Microsoft Windows, Visual Basic and Office for Mac vulnerabilities could be exploited through attacks on Object Linking and Embedding (OLE), potentially allowing for remote code execution.
- Microsoft Security Bulletin MS07-044 — Critical Microsoft Office vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Excel file.
- Microsoft Security Bulletin MS07-045 — Critical Microsoft Windows vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer.
- Microsoft Security Bulletin MS07-046 — Critical remote code execution vulnerability exists in the Graphics Rendering Engine in the way that it handles specially crafted images. An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user opened a specially crafted attachment in e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
- Microsoft Security Bulletin MS07-047 — Important Microsoft Windows vulnerabilities could allow code execution if a user viewed a specially crafted file in Windows Media Player.
- Microsoft Security Bulletin MS07-050 — Critical vulnerability in the Vector Markup Language implementation in Microsoft Windows. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer.
posted on Sunday, August 19, 2007 6:15 AM by isnaini

Comments