Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.
Microsoft has released security bulletin MS07-042. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:
The problem that is addressed by this security update is now corrected in Microsoft Office 2003 Service Pack 3 (SP3).
For more information about how to obtain the latest service pack for Microsoft Office 2003, click the following article number to view the article in the Microsoft Knowledge Base:
870924How to obtain the latest service pack for Office 2003
Known issue with this security update
941833 An update is available that improves the compatibility and the reliability of Microsoft XML Core Services 4.0 Service Pack 2 on a Windows Vista-based computer
Additional packages for this security update
The security update packages for this release use the update that is associated with this Microsoft Knowledge Base article (936227) and the updates that are associated with the following Knowledge Base article numbers:
933579 MS07-042: Description of the security update for Microsoft XML Core Services 6.0: August 14, 2007
936021 MS07-042: Description of the security update for Microsoft XML Core Services 3.0: August 14, 2007
936181 MS07-042: Description of the security update for Microsoft XML Core Services 4.0: August 14, 2007
936048 MS07-042: Description of the security update for Office 2003: August 14, 2007
936960 MS07-042: Description of the security update for the 2007 Microsoft Office system: August 14, 2007
936056 MS07-042: Description of the security update for 2007 Microsoft Office system servers: August 14, 2007
The 936227 security update packages for this release set the "kill bit" on supported Microsoft Windows 2000 systems for the MSXML 2.6 CLSIDs that are listed in the following table.
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000