Microsoft released four security updates for September, rating one of them as critical. Here's a brief description of each update; for more information, go to
MS07-051: Vulnerability in Microsoft Agent Could Allow Remote Code Execution
The attack vector for this exploit is a specially crafted URL that targets Microsoft Agent on computers running Windows 2000 SP4
Applies to: Windows 2000 SP4.
Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. Given that the affected component is Microsoft Agent, it's likely that nefarious third parties will be working hard to develop an exploit for this vulnerability. Prioritize testing of this update and deploy it on an accelerated schedule if your organization is using this OS version.
MS07-052: Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution
The attack vector for this exploit is a specially crafted Crystal Reports (.rpt) file. If the file is opened on a system, the system will be vulnerable to a remote code execution attack. Such an attack can be executed with the full rights and privileges of the currently logged on user.
Applies to: Editions of Visual Studio that include Crystal Reports. These are the Enterprise Architect, Enterprise Developer, and Professional editions of Visual Studio .NET 2002 SP1 and Visual Studio .NET 2003 (including SP1); and the Professional, Team Edition for Software Architects, Team Edition for Software Developers, Team Suite, and Team Edition for Software Testers editions of Visual Studio 2005 (including SP1).
Recommendation: Remind users to not open files from untrusted users. This vulnerability has been publicly disclosed. If your organization uses the targeted software, you should rigorously test the update and deploy it as a part of your organization's normal patch management cycle.
MS07-053: Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege
The attack vector for this exploit is a specially crafted binary file that can be used to elevate privileges on a computer running the affected software.
Applies to: Windows Services for UNIX 3.0, Windows Services for UNIX 3.5, and Subsystem for UNIX-based Applications.
Recommendation: This exploit has been publicly disclosed, but cannot be remotely exploited. If your organization uses the software that the exploit targets, you should remind users not to run files from untrusted sources, rigorously test the update, and deploy it as a part of your organization's normal patch management cycle.
MS07-054: Vulnerability in MSN Messenger and Windows Live Messenger could allow Remote Code Execution
The attack vector for this exploit is an incoming video chat request made to an MSN Messenger or Windows Live Messenger client. If unpatched, a successful exploit of this vulnerability could allow an attacker to gain control of a target system with the full rights and privileges of the currently logged on user.
Applies to: All versions of MSN Messenger (except MSN Messenger 7.0.0820 on Windows 2000 SP4) and all versions of Windows Live Messenger (except Windows Live Messenger 8.1).
Recommendation: This exploit has been publicly disclosed, and it's likely that with the release of this bulletin, nefarious third parties will be working hard to develop an exploit. If clients in your organization use MSN Messenger or Windows Live Messenger, prioritize testing of this update and deploy on an accelerated schedule.