Cumulative Security Update of ActiveX Kill Bits (MS08-032)
11 Jun. 2008
This security update resolves a publicly reported vulnerability in the Microsoft Speech API. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer and had the Speech Recognition feature in Windows enabled. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes a kill bit for software produced by BackWeb.
The security update is rated Moderate for Microsoft Windows 2000 Service Pack 4; all supported editions of Windows XP; and all editions of the original release version of Windows Vista. However, the kill bit deployment also includes Windows Vista Service Pack 1.
For all other supported versions of Windows, this security update is rated Low. For more information, see the subsection, Affected and Non-Affected Software, in this section.
*For supported editions of Windows Server 2008, the same severity rating applies whether or not installed using the Server Core installation option. For more information on this installation option, see Server Core. Note that the Server Core installation option does not apply to certain editions of Windows Server 2008; see Compare Server Core Installation Options.
Note for Affected Software: Microsoft does not rate the severity of third party controls for which this update sets a kill bit. However, the kill bit will be deployed across all platforms, including a platform which is not affected by a vulnerability in Microsoft software. See also the subsection, Third Party Kill Bits, in this section.
Speech API Vulnerability - CVE-2007-0675
A remote code execution vulnerability exists in the Speech Components sapi.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. The user must have the Speech Recognition feature in Windows enabled. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.
This control was never intended to be instantiated in Internet Explorer.