Microsoft Releases 4 Critical Security Bulletins

There are a total of 6 Security Bulletins for October. Four of them are ranked as Critical by Microsoft, and the other two are deemed Important. The Critical vulnerabilities affect Internet Explorer, Outlook Express, Windows Mail, Microsoft Word, and the Kodak Image Viewer, while the Important ones relate to an RPC denial-of-service (DoS), and potential privilege elevation in Sharepoint. The Microsoft Word vulnerability is already being exploited (Symantec has a more detailed explanation of a Word for Mac document causing Word to crash on Windows systems), and the Internet Explorer and Sharepoint flaws have exploit code available publicly. For organizations that rely on Sharepoint, particularly those that leverage Sharepoint for managing sensitive or confidential data, the Sharepoint vulnerability may be more urgent than just Important. For complete details and links to download the necessary patches or updates, read October 2007 Microsoft Security Bulletins.