Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

McAfee Fights MSFT Vulnerabilities

SANTA CLARA, Calif. -- McAfee, Inc. (NYSE: MFE), announced that it provides coverage for the 19 security vulnerabilities disclosed by Microsoft Corporation today. These vulnerabilities have been reviewed by McAfee Avert Labs, and based on their findings, McAfee recommends that users confirm the Microsoft product versioning outlined in the bulletins and update as recommended by Microsoft and McAfee. This includes deploying solutions to ensure protection against the vulnerabilities outlined in this advisory.

"Of particular concern is the large number of Microsoft Office, Word, Excel and Internet Explorer vulnerabilities being patched today," said Dave Marcus, security research and communications manager, McAfee Avert Labs.
"These applications are the most frequently targeted applications by malware writers, so we recommend that all customers evaluate their security coverage and policies to insure they have adequate protection in place."

Microsoft Vulnerabilities Overview:

  • MS07-023 - Vulnerabilities in Microsoft Excel Could Allow Remote
    Code Execution
  • MS07-024 - Vulnerabilities in Microsoft Word Could Allow Remote
    Code Execution
  • MS07-025 - Vulnerability in Microsoft Office Could Allow Remote Code
    Execution
  • MS07-026 - Vulnerabilities in Microsoft Exchange Could Allow Remote
    Code Execution
  • MS07-027 - Cumulative Security Update for Internet Explorer
  • MS07-028 - Vulnerability in CAPICOM Could Allow Remote Code
    Execution
  • MS07-029 - Vulnerability in Windows DNS RPC Interface Could Allow
    Remote Code Execution

Scope of Potential Compromise

Today's seven security bulletins cover a total of 19 vulnerabilities. Among the vulnerabilities, fifteen are rated critical by Microsoft due to their potential for remote code execution while the remaining four vulnerabilities have been rated important. McAfee Avert Labs worked with Microsoft to responsibly disclose and patch the MS07-024 (CVE 2007 - 0870) vulnerability in Word.

For additional information on today's vulnerabilities as well as information on current threats, visit McAfee's Threat Center at http://www.mcafee.com/us/threat_center/default.asp where you will find blogs http://www.avertlabs.com/research/blog/ from McAfee Avert Labs researchers.
More information on the vulnerabilities can also be found at http://www.microsoft.com/technet/security/current.aspx.

McAfee Inc. (NYSE: MFE)