McAfee, Inc. announced that it provides coverage for the 19 security vulnerabilities disclosed by Microsoft Corp. These vulnerabilities have been reviewed by McAfee Avert Labs, and based on their findings, the vendor recommends that users confirm the Microsoft product versioning outlined in the bulletins and update as recommended by Microsoft and McAfee. This includes deploying solutions to ensure protection against the vulnerabilities outlined in this advisory.
Dave Marcus, security research and communications manager, McAfee Avert Labs, said of particular concern is the large number of Microsoft Office, Word, Excel and Internet Explorer vulnerabilities being patched. These applications are the most frequently targeted applications by malware writers, so we recommend that all customers evaluate their security coverage and policies to insure they have adequate protection in place.
The vulnerabilities are: MS07-023 – vulnerabilities in Microsoft Excel could allow remote code execution, MS07-024 – vulnerabilities in Microsoft Word could allow remote code execution, MS07-025 – vulnerability in Microsoft Office could allow remote code execution, MS07-026 – vulnerabilities in Microsoft Exchange could allow remote code execution, MS07-027 – cumulative security update for Internet Explorer, MS07-028 – vulnerability in CAPICOM could allow remote code execution, and MS07-029 – vulnerability in Windows DNS RPC interface could allow remote code execution.