MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)

How to?

Support

Download

Website

Forums

Live Demo

Patch Management Software

Desktop Central helps administrators to automate patch deployment of both Microsoft and Non-Microsoft Applications from a central point.

MS07-061 Bulletin Details

Microsoft Security Bulletins

Bulletin ID:	MS07-061
Title	Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)
Summary:	A remote code execution vulnerability exists in the way that the Windows shell handles specially crafted URIs that are passed to it. If the Windows shell did not sufficiently validate these URIs, an attacker could exploit this vulnerability and execute arbitrary code. Microsoft has only identified ways to exploit this vulnerability on systems using Internet Explorer 7. However, the vulnerability exists in a Windows file, Shell32.dll, which is included in all supported editions of Windows XP and Windows Server 2003.
Knowledgebase:	943460

List of Patches

S.No	Patch Name	Severity
1.	WindowsServer2003-KB943460-x86-ENU.exe	Critical
2.	WindowsServer2003-sp2-KB943460-x86-ENU.exe	Critical
3.	WindowsXP-KB943460-x86-ENU.exe	Critical
4.	WindowsXP-KB943460-x64-ENU.exe	Critical

Patch Mgmt Features

Desktop Mgmt Features

Forums

Disclaimer: This webpage is intended to provide you information about patch announcements for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors' websites. You can get more information by clicking the links to visit the relevant pages on the vendors' websites. Desktop Central is NOT endorsed by the vendors of the software products.