34 KBMicrosoft Security Bulletins
November 2007
Prior Updates:
2009
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2008
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2007
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2006
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2005
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2004
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)
November 2007
Microsoft Security Bulletin MS07-061
Vulnerability in Windows URI Handling could allow RCE (943460)
Severity: CriticalVulnerabilities:
- Windows URI Handling Vulnerability - CVE-2007-3896
A remote code execution vulnerability exists in the way that the Windows shell handles specifically crafted URIs that are passed to it. An attacker could exploit this vulnerability by including a specifically crafted URI in an application or attachment, which could potentially allow remote code execution.
Microsoft Security Bulletin MS07-062
Vulnerability in DNS Could Allow Spoofing (941672)
Severity: ImportantVulnerabilities:
- DNS Spoofing Attack Vulnerability – CVE-2007-3898
A spoofing vulnerability exists in Windows DNS Servers. The vulnerability could allow non-privileged users to send malicious responses to DNS requests, thereby "spoofing" or redirecting Internet traffic from legitimate locations.
