Microsoft KB Archive/921503

= MS07-043: Vulnerability in OLE Automation could allow remote code execution =

Article ID: 921503

Article Last Modified on 10/11/2007

-

APPLIES TO

 Microsoft Windows Server 2003, Standard x64 Edition Microsoft Windows Server 2003, Enterprise x64 Edition Microsoft Windows Server 2003, Datacenter x64 Edition Microsoft Windows Server 2003 SP1, when used with:  Microsoft Windows Server 2003, Standard Edition (32-bit x86)

 Microsoft Windows Server 2003, Enterprise Edition

 Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li></ul>

 Microsoft Windows Server 2003, Web Edition</li></ul>

 Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems</li></ul>

 Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems</li></ul> </li> Microsoft Windows Server 2003 Service Pack 2, when used with:  Microsoft Windows Server 2003, Standard Edition (32-bit x86)</li></ul>

 Microsoft Windows Server 2003, Enterprise Edition</li></ul>

 Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li></ul>

 <li>Microsoft Windows Server 2003, Web Edition</li></ul>

<ul> <li>Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems</li></ul>

<ul> <li>Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems</li></ul>

<ul> <li>Microsoft Windows Server 2003, Datacenter x64 Edition</li></ul>

<ul> <li>Microsoft Windows Server 2003, Enterprise x64 Edition</li></ul>

<ul> <li>Microsoft Windows Server 2003, Standard x64 Edition</li></ul> </li> <li>Microsoft Windows XP Professional x64 Edition</li> <li>Microsoft Windows XP Service Pack 2, when used with: <ul> <li>Microsoft Windows XP Professional</li></ul>

<ul> <li>Microsoft Windows XP Home Edition</li></ul>

<ul> <li>Microsoft Windows XP Professional x64 Edition</li></ul> </li> <li>Microsoft Windows 2000 Service Pack 4, when used with: <ul> <li>Microsoft Windows 2000 Datacenter Server</li></ul>

<ul> <li>Microsoft Windows 2000 Advanced Server</li></ul>

<ul> <li>Microsoft Windows 2000 Server</li></ul>

<ul> <li>Microsoft Windows 2000 Professional Edition</li></ul> </li> <li>Microsoft Office 2004 for Mac Professional Edition</li> <li>Microsoft Office 2004 for Mac Standard Edition</li> <li>Microsoft Office 2004 for Mac Student and Teacher Edition</li> <li>Microsoft Visual Studio 6.0 Service Pack 6</li></ul>

-

<div class="summary_section">

INTRODUCTION
Microsoft has released security bulletin MS07-043. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites: <ul> <li>Home users:

http://www.microsoft.com/protect/computer/updates/bulletins/200708.mspx

</li> <li>IT professionals:

http://www.microsoft.com/technet/security/bulletin/ms07-043.mspx

</li></ul>

Known issues
In versions of Microsoft Visual Basic 6.0 later than Visual Basic 6.0 Service Pack 6 (SP6), the Visual Basic Package and Deployment Wizard obtains the Oleaut32.dll file from the following location:

\Wizards\PDWizard\Redist\

This folder contains a single copy of the Oleaut32.dll file. Software vendors and software developers can use this file for all operating systems that are supported by Visual Basic 6.0.

This security update contains multiple operating-system-specific versions of the Oleaut32.dll file. This security update creates new folders under the original Redist folder.

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

924053 MS07-043: Description of security update for the Visual Basic 6.0 redistributable

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Keywords: kbbug kbfix kbsecvulnerability kbqfe kbsecurity kbsecbulletin kbpubtypekc kbwin2000presp5fix kbexpertiseinter kbexpertisebeginner KB921503

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.