A closer look at the security vulnerability reveals that is is rated critical for all 32-bit and 64-bit Windows client operating systems from Windows XP to Windows 7. The same vulnerability is rated as important for all server based operating systems.

The second vulnerability, MS11-001, has a maximum severity rating of important. It fixes a vulnerability in the Windows Backup Manager that could allow remote code execution. The vulnerability affects only the Windows Vista operating system.

• MS11-002 – Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910) – This security update resolves two privately reported vulnerabilities in Microsoft Data Access Components. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS11-001 – Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935) – This security update resolves a publicly disclosed vulnerability in Windows Backup Manager. The vulnerability could allow remote code execution if a user opens a legitimate Windows Backup Manager file that is located in the same network directory as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open the legitimate file from that location, which in turn could cause Windows Backup Manager to load the specially crafted library file.

Severity and Exploitability Index

Bulletin Deployment Priority

The images have been taken from the Technet announcement which offers further information about the vulnerabilities and patch deployment.

Windows users are advised to apply the patches as soon as possible to protect their system from possible exploits. The patches can be applied directly via Windows Update or directly from Microsoft Download.

A total of eleven security bulletins have been released that update the Windows operating system as well as other Microsoft software like Microsoft Office.

The updates fix security vulnerabilities in Microsoft applications and it is generally recommended to update the operating systems and applications as soon as possible to close the security holes and protect the systems from malicious attacks exploiting these vulnerabilities.

Five of the vulnerabilities have received a critical rating, the highest and most severe rating that vulnerabilities can get.

• MS10-019 – Vulnerabilities in Windows Could Allow Remote Code Execution (981210) – This security update resolves two privately reported vulnerabilities in Windows Authenticode Verification that could allow remote code execution. An attacker who successfully exploited either vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
• MS10-020 – Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232) – This security update resolves one publicly disclosed and several privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server.
• MS10-025 – Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) – This security update resolves a privately reported vulnerability in Windows Media Services running on Microsoft Windows 2000 Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted transport information packet to a Microsoft Windows 2000 Server system running Windows Media Services. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. On Microsoft Windows 2000 Server, Windows Media Services is an optional component and is not installed by default.
• MS10-026 – Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816) –
  This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file containing an MPEG Layer-3 audio stream. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS10-027 – Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402) – This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS10-021 – Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) – This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users.
• MS10-022 – Vulnerability in VBScript Could Allow Remote Code Execution (981169) – This security update resolves a publicly disclosed vulnerability in VBScript on Microsoft Windows that could allow remote code execution. This security update is rated Important for Microsoft Windows 2000, Windows XP, and Windows Server 2003. On Windows Server 2008, Windows Vista, Windows 7, and Windows Server 2008 R2, the vulnerable code is not exploitable, however, as the code is present, this update is provided as a defense-in-depth measure and has no severity rating.

  The vulnerability could allow remote code execution if a malicious Web site displayed a specially crafted dialog box on a Web page and a user pressed the F1 key, causing the Windows Help System to be started with a Windows Help File provided by the attacker. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.

• MS10-023 – Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160) – This security update resolves a privately reported vulnerability in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS10-024 – Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) – This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Exchange and Windows SMTP Service. The more severe of these vulnerabilities could allow denial of service if an attacker sent a specially crafted DNS response to a computer running the SMTP service. By default, the SMTP component is not installed on Windows Server 2003, Windows Server 2003 x64 Edition, or Windows XP Professional x64 Edition.
• MS10-028 – Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094) – This security update resolves two privately reported vulnerabilities in Microsoft Office Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS10-029 – Vulnerabilities in Windows ISATAP Component Could Allow Spoofing (978338) – This security update resolves one privately reported vulnerability in Microsoft Windows. This security update is rated Moderate for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. Windows 7 and Windows Server 2008 R2 are not vulnerable because these operating systems include the feature deployed by this security update.

  This vulnerability could allow an attacker to spoof an IPv4 address so that it may bypass filtering devices that rely on the source IPv4 address. The security update addresses the vulnerability by changing the manner in which the Windows TCP/IP stack checks the source IPv6 address in a tunneled ISATAP packet.

The security updates can be downloaded by following the links listed above or by launching Windows Update or Microsoft Update to download and install them automatically on the computer system.

The easiest way to install the patches is by downloading and installing the security patches at Windows Update which provides access to all security updates even for users who run a non legit version of Windows.

Microsoft did also release a new version of the Windows Malicious Software Removal Tool which is now able to detect two new families of malware (Win32/FakeXPA and Win32/Yektel)

• MS08-070: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) which is rated “Critical”
• MS08-071: Vulnerabilities in GDI Could Allow Remote Code Execution (956802) which is rated “Critical”
• MS08-072: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) which is rated “Critical”
• MS08-073: Cumulative Security Update for Internet Explorer (958215) which is rated “Critical”
• MS08-074: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070) which is rated “Critical”
• MS08-075: Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349) which is rated “Critical”
• MS08-076: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) which is rated “Important”
• MS08-077: Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175) which is rated “Important”

Windows users should install the updates as soon as possible to secure their computer system.

Two of the vulnerabilities allow remote code execution if the user opens a specially prepared file while the the other two make it possible with specially crafted mailto links and websites. It should be noted that not only Office 2000, Office 2003 and Office 2007
are affected but also Office for Mac, to be price Office 2004 and 2008 for Mac.

You can use the Microsoft Baseline Analyzer [link] to find out if your system is affected. My suggestion is to simply download the four patches and see if they install. You would get an error message if your system would not be affected.

I decided to list all patches with links to their downloads at the Microsoft website to make it easier to install all those patches if you do not want to use Windows Update. Remember that those patches fix serious vulnerabilities and should be installed immediately:

Installing those patches manually will take some time. Below are links that display a page listing the affected softwares and links to the patches.

• Microsoft Security Bulletin MS07-042 (critical) – This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Microsoft Security Bulletin MS07-043 (critical) – This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page. The vulnerability could be exploited through attacks on Object Linking and Embedding (OLE). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Microsoft Security Bulletin MS07-044 (critical) – This security update resolves a privately reported vulnerability in addition to other security issues identified during the course of the investigation. These vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Microsoft Security Bulletin MS07-045 (critical) –

  This critical security update resolves three privately reported vulnerabilities. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• Microsoft Security Bulletin MS07-046 (critical) – This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the Graphics Rendering Engine in the way that it handles specially crafted images. An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user opened a specially crafted attachment in e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
• Microsoft Security Bulletin MS07-050 (critical) – This security update resolves a privately reported vulnerability in the Vector Markup Language (VML) implementation in Windows. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Microsoft Security Bulletin MS07-047 (important) – This important security update resolves two privately reported vulnerabilities. These vulnerabilities could allow code execution if a user viewed a specially crafted file in Windows Media Player. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Microsoft Security Bulletin MS07-048 (important) – This important security update resolves two privately reported vulnerabilities in addition to other vulnerabilities identified during the course of the investigation. These vulnerabilities could allow an anonymous remote attacker to run code with the privileges of the logged on user. If a user subscribed to a malicious RSS feed in the Feed Headlines Gadget or added a malicious contacts file in the Contacts Gadget or a user clicked on a malicious link in the Weather Gadget an attacker could potentially run code on the system. In all attack vectors, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Microsoft Security Bulletin MS07-049 (important) – This important security update resolves one privately reported vulnerability. This is an elevation of privilege vulnerability. The vulnerability in Microsoft Virtual PC and Microsoft Virtual Server could allow a guest operating system user to run code on the host or another guest operating systems. Only guest operating system users who are granted administrative permissions to the guest operating system would be able to exploit this vulnerability. Guest operating system users not granted administrative permissions to the guest operating system would be unable to exploit this vulnerability.