Home / bulletins MS07-033 - Critical: Cumulative Security Update for Internet Explorer (933566) - Version:1.2
Posted on 27 June 2007
CriticalSeverity Rating: Critical - Revision Note: Registry Key Verification corrected for Internet Explorer 6 Service Pack 1 on all supported editions of Microsoft Windows 2000 Service Pack 4; Removed duplicate text in Workarounds for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218 and Workarounds for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751Summary: This critical security update resolves five newly privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction.
