Thursday, April 5, 2007

Microsoft releases patches for several GDI vulnerabilities including the new ANI vulnerability

This update is outside Microsoft's standard security update cycle thus clearly sends a message of the seriousness of these issues.

Customer using Windows should do Windows Update and/or read this article http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx where you can find more information about the patches available.

This KB article updates the following exploits/vulnerabilities:
1. GDI Local Elevation of Privilege Vulnerability
2. WMF Denial of Service Vulnerability
3. EMF Elevation of Privilege Vulnerability
4. GDI Invalid Window Size Elevation of Privilege Vulnerability
5. Windows Animated Cursor Remote Code Execution Vulnerability
6. GDI Incorrect Parameter Local Elevation of Privilege Vulnerability
7. Font Rasterizer Vulnerability

No comments: