Home / bulletins MS07-042 - Critical: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227) - Version:2.0
Posted on 28 September 2007
There is an newer version: MS07-042 - Version: 4.0
CriticalSeverity Rating: Critical - Revision Note: Bulletin Updated: Added Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats and Microsoft Expression Web as affected products. The Bulletin has also been updated to inform customers that a potential reliability issue exists in applications that have installed Microsoft XML Core Services 4.0 on Windows Vista, which can be addressed by applying the download available in Microsoft Knowledge Base Article 941833.Summary: This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS07-042 - Version: 1.0
- MS07-042 - Version: 1.1
- MS07-042 - Version: 2.0
- MS07-042 - Version: 3.0
- MS07-042 - Version: 4.0
