MS07-048: Vulnerability in Windows Gadgets could allow remote code execution

This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft has released security bulletin MS07-048. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:

Known issues with this security update

After you install Windows Gadgets security update 938123, you may experience the following issues in the RSS Feeds Gadget.
  • Text in the RSS Feed Gadget's headline does not change from bold text to plain text until the next refresh occurs in Gadget.
  • RSS Feed Gadget's headline is truncated and is shown as one line with ellipses. A new line is present in the title.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
941099 The headline of the RSS Feed Gadget in Windows Vista is displayed incorrectly after you install security update 938123
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Article ID: 938123 - Last Review: 01/16/2015 09:39:47 - Revision: 2.0

  • Windows Vista Business
  • Windows Vista Enterprise
  • Windows Vista Home Basic
  • Windows Vista Home Premium
  • Windows Vista Starter
  • Windows Vista Ultimate
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Basic 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Ultimate 64-bit Edition
  • kbnosurvey kbarchive kbvistasp1fix kbexpertisebeginner kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix KB938123