The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.
MS08-024 – Critical
http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx
Executive Summary
This security update resolves one privately reported vulnerability. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The security update is rated Critical for all supported releases of Internet Explorer. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The update removes the vulnerability by modifying the way that Internet Explorer processes data streams. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection under the next section, Vulnerability Information.
Recommendation. Microsoft recommends that customers apply the update immediately.
Known Issues. Microsoft Knowledge Base Article 947864 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.
MS07-040 – Critical
http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
Executive Summary
This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems with .NET Framework installed, and one could allow information disclosure on Web servers running ASP.NET. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update addresses two vulnerabilities by modifying the way .NET Framework addresses buffer allocation. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Recommendation: Microsoft recommends that customers apply the update immediately.
Known Issues: Microsoft Knowledge Base Article 931212 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.
