Cisco Response to Microsoft Security Bulletin for July 2007

July 10, 2007

Microsoft released the July Security Update on July 10, 2007. Six bulletins were released that address 11 individual vulnerabilities. Microsoft rated three bulletins as Critical. These bulletins address vulnerabilities in Windows Active Directory, Excel, and the .NET framework. One of the vulnerabilities in Active Directory may allow a remote attacker to execute arbitrary code. Microsoft also released an Important bulletin to correct a vulnerability in Publisher that could also allow for code execution. Attackers must rely on user interaction to exploit the arbitrary code execution vulnerabilities in Excel, .NET, or Publisher. This factor reduces the potential for exploitation. Lower impact vulnerabilities, which are rated Moderate and Important, exist in Active Directory, Internet Information Services, Windows Vista Firewall, and ASP.NET.

Cisco Applied Mitigation Bulletin

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. When applicable, Cisco IOS access control lists, Cisco Intrusion Prevention System (IPS) signatures, Control Plane Policing, and firewall rules are among the techniques discussed in the bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin for July 2007

Cisco Security IntelliShield Alert Manager and Cisco IPS

The following table identifies Cisco Security IntelliShield Alert Manager alerts and Cisco IPS signatures associated with this Microsoft update:

Microsoft Security Bulletin	Affected Product	Cisco IntelliShield Alert	CVE ID	Cisco IPS Signature	CVSS Base Score
Microsoft Security Bulletin MS07-036 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution	Microsoft Excel Microsoft Excel Viewer Microsoft Excel Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats	Microsoft Excel Malformed File Code Execution Vulnerability	CVE-2007-1756	–	8.0
		Microsoft Excel Active Worksheet Validation Error Vulnerability	CVE-2007-3029	–	8.0
		Microsoft Excel Workspace Memory Corruption Vulnerability	CVE-2007-3030	–	8.0
Microsoft Security Bulletin MS07-037 Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution	Microsoft Publisher	Microsoft Office Publisher 2007 Memory Corruption Vulnerability	CVE-2007-1754	–	8.0
Microsoft Security Bulletin MS07-038 Vulnerability in Windows Vista Firewall Could Allow Information Disclosure	Microsoft Windows Vista	Microsoft Windows Vista Firewall Information Disclosure Vulnerability	CVE-2007-3038	–	1.9
Microsoft Security Bulletin MS07-039 Vulnerability in Windows Active Directory Could Allow Remote Code Execution	Microsoft Windows Server	Microsoft Windows Active Directory LDAP Request Parsing Vulnerability	CVE-2007-0040	–	10.0
	Microsoft Windows Server	Microsoft Active Directory LDAP Request Parsing Denial of Service Vulnerability	CVE-2007-3028	–	2.3
Microsoft Security Bulletin MS07-040 Vulnerabilities in .NET Framework Could Allow Remote Code Execution	Microsoft .NET Framework	Microsoft .NET Framework PE Loader Unchecked Buffer Vulnerability	CVE-2007-0041	–	8.0
		Microsoft ASP.NET Null Byte Termination Vulnerability	CVE-2007-0042	5170/0 5170/1 5664/0	1.9
		Microsoft .NET JIT Compiler Unchecked Buffer Vulnerability	CVE-2007-0043	–	8.0
Microsoft Security Bulletin MS07-041 Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution	Microsoft Windows XP Professional	Microsoft Internet Information Services URL Request Handling Memory Corruption Vulnerability	CVE-2005-4360	5723/0	8.0

Return to Cisco Security Center