Interesting, MS has issued an out-of-band update for IE7, but the original KB
has no reference to any update or changes. Anyone have any more details?
Searching the MS download center for 938127 turns this up:
http://www.microsoft.com/downloads/results.aspx?pocId=7&freetext=938127
Only the first hit has a 2008 date, and none of the older KBs or SecBulls
mentions the update.
------- Included Stuff Follows -------
Security Update for Internet Explorer 7 for Windows XP (KB938127)
A security issue has been identified in the way Vector Markup Language
(VML) is handled that could allow an attacker to compromise a computer
running Microsoft Windows and gain control over it. You can help protect
your computer by installing this update from Microsoft.
Quick Details
File Name: IE7-WindowsXP-KB938127-v2-x86-ENU.exe
Version: 938127
Security Bulletins: MS07-050
Knowledge Base (KB) Articles: KB938127
Date Published: 8/25/2008
--------- Included Stuff Ends ---------
Updated patch here:
http://www.microsoft.com/downloads/details.aspx?FamilyID=9f5da816-194c-478e-
8a96-9421a0c52c9f&DisplayLang=en
or here if the above wraps unusably: http://preview.tinyurl.com/2yeozr
More here:
Original KB938127 and security bulletin articles here:
MS07-050: Vulnerability in Vector Markup Language could allow remote code
execution
http://support.microsoft.com/kb/938127
Microsoft Security Bulletin MS07-050 - Critical: Vulnerability in
Vector Markup Language Could Allow Remote Code Execution (938127)
http://www.microsoft.com/technet/security/bulletin/ms07-050.mspx
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
