You are currently offline, waiting for your internet to reconnect

MS07-042: Vulnerability in Microsoft XML Core Services could allow remote code execution

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Office 2003 has ended

Microsoft ended support for Office 2003 on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.
INTRODUCTION
Microsoft has released security bulletin MS07-042. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:
MORE INFORMATION

Service pack information

The problem that is addressed by this security update is now corrected in Microsoft Office 2003 Service Pack 3 (SP3).

For more information about how to obtain the latest service pack for Microsoft Office 2003, click the following article number to view the article in the Microsoft Knowledge Base:
870924How to obtain the latest service pack for Office 2003

Known issue with this security update

941833 An update is available that improves the compatibility and the reliability of Microsoft XML Core Services 4.0 Service Pack 2 on a Windows Vista-based computer

Additional packages for this security update

The security update packages for this release use the update that is associated with this Microsoft Knowledge Base article (936227) and the updates that are associated with the following Knowledge Base article numbers:
933579 MS07-042: Description of the security update for Microsoft XML Core Services 6.0: August 14, 2007
936021 MS07-042: Description of the security update for Microsoft XML Core Services 3.0: August 14, 2007
936181 MS07-042: Description of the security update for Microsoft XML Core Services 4.0: August 14, 2007
936048 MS07-042: Description of the security update for Office 2003: August 14, 2007
936960 MS07-042: Description of the security update for the 2007 Microsoft Office system: August 14, 2007
936056 MS07-042: Description of the security update for 2007 Microsoft Office system servers: August 14, 2007
The 936227 security update packages for this release set the "kill bit" on supported Microsoft Windows 2000 systems for the MSXML 2.6 CLSIDs that are listed in the following table.
GUID Symbolic name
f5078f22-c551-11d3-89b9-0000f81fe221 CLSID_XMLDocument26
f5078f1b-c551-11d3-89b9-0000f81fe221 CLSID_DOMDocument26
f5078f1c-c551-11d3-89b9-0000f81fe221 CLSID_FreeThreadedDOMDocument26
f5078f1d-c551-11d3-89b9-0000f81fe221 CLSID_XMLSchemaCache26
f5078f1e-c551-11d3-89b9-0000f81fe221 CLSID_XMLHTTP26
f5078f21-c551-11d3-89b9-0000f81fe221 CLSID_XSLTemplate26
f5078f1f-c551-11d3-89b9-0000f81fe221 CLSID_DSOControl26
f5078f20-c551-11d3-89b9-0000f81fe221 CLSID_XMLParser26
f5078f28-c551-11d3-89b9-0000f81fe221 CLSID_Viewer26
f5078f29-c551-11d3-89b9-0000f81fe221 CLSID_BufferedMoniker26
f5078f26-c551-11d3-89b9-0000f81fe221 CLSID_XSLPatternFactory26
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000
Properties

Article ID: 936227 - Last Review: 09/30/2011 01:44:00 - Revision: 4.0

Windows Server 2008 Datacenter, Windows Server 2008 Enterprise, Windows Server 2008 Standard, Windows Web Server 2008, Windows Vista Service Pack 1, Windows Vista Business, Windows Vista Enterprise, Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Ultimate, Windows Vista Starter, Windows Vista Enterprise 64-bit Edition, Windows Vista Home Basic 64-bit Edition, Windows Vista Home Premium 64-bit Edition, Windows Vista Ultimate 64-bit Edition, Microsoft Windows Server 2003 Service Pack 2, Microsoft Windows Server 2003 Service Pack 1, Microsoft Windows Server 2003, Standard x64 Edition, Microsoft Windows Server 2003, Enterprise x64 Edition, Microsoft Windows Server 2003, Datacenter x64 Edition, Microsoft Windows XP Professional x64 Edition, Microsoft Windows XP Service Pack 3, Microsoft Office SharePoint Server 2007, Microsoft Office Basic 2007, Microsoft Office Home and Student 2007, Microsoft Office Professional 2007, Microsoft Office Professional Plus 2007, Microsoft Office Small Business 2007, Microsoft Office Standard 2007, Microsoft Office Ultimate 2007, Microsoft Office 2003 Service Pack 2, Microsoft Office Word Viewer 2003

  • atdownload kbexpertisebeginner kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix KB936227
Feedback
body>