length:  00:19:34

joined by Craig Schmugar

MS07-055: Kodak image Viewer – remote exec

No public info so far

Drive by capability

MS07-056 Outlook express

Malformed NNTP – event using full outlook there is a risk…

MS07-060 Word Could Allow Remote Code Execution

Bunch of IE vulnerabilities – allow crafted UR that is more difficult for users to detect.. one of them was public knowledge.

Apparently the MS word one is publicly exploited, however McAfee have not seen any sample yt – it is believe that this vulnerability has been used for targeted attack.

Many of M$ word vulnerabilities are use in VERY targeted attacks.