Microsoft Monthly Updates
-
Re: Microsoft Monthly Updates
Microsoft Security Bulletins for September 2006
Download the September security updates for Microsoft Windows and Microsoft Office.
Posted on Tue, 12 Sep 2006
http://www.microsoft.com/technet/sec.../ms06-Sep.mspx
-
Microsoft Offers Early Fix for Critical IE Bug
Microsoft Security Bulletin MS06-055
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)
Published: September 26, 2006
Mounting problem forces software giant to release VML patch ahead of its monthly security update.
http://www.microsoft.com/technet/sec.../MS06-055.mspx
http://www.pcworld.com/article/id,12...y/article.html
-
Below are the new bulletins released by Microsoft today:
6 Critical:
Microsoft Security Bulletin MS06-057 - Vulnerability in Windows Shell Could Allow Remote Code Execution (923191)
Microsoft Security Bulletin MS06-058 - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)
Microsoft Security Bulletin MS06-059 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
Microsoft Security Bulletin MS06-060 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)
Microsoft Security Bulletin MS06-061 - Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191)
Microsoft Security Bulletin MS06-062 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
1 Important:
Microsoft Security Bulletin MS06-063 - Vulnerability in Server Service Could Allow Denial of Service (923414)
2 Moderate:
Microsoft Security Bulletin MS06-056 - Vulnerability in ASP.NET Could Allow Information Disclosure (922770)
Microsoft Security Bulletin MS06-065 - Vulnerability In Windows Object Packager Could Allow Remote Code Execution (924496)
1 Low:
Microsoft Security Bulletin MS06-064 - Vulnerabilities in TCP/IP Could Allow Denial of Service (922819)
Please read the details on the above at http://www.microsoft.com/technet/sec.../ms06-oct.mspx
Note that there may be some delays in receiving these today, as MSRC has reported network issues in getting all the servers loaded for "Patch Tuesday".
-
Microsoft released the following security bulletins today:
Important:
MS06-066 - Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution (923980)
Critical:
MS06-067 - Cumulative Security Update for Internet Explorer (922760)
MS06-068 - Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213)
MS06-069 - Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)
MS06-070 - Vulnerability in Workstation Service Could Allow Remote Code Execution (924270)
MS06-071 - Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (928088)
The Security Bulletin Summary at http://www.microsoft.com/technet/sec.../ms06-nov.mspx
-
Microsoft Security Bulletin Summary for December, 2006
As part of Microsoft's routine, monthly security update cycle, they've released the following updates:
3 Critical:
MS06-072 - Cumulative Security Update for Internet Explorer (925454)
MS06-073 - Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
MS06-078 - Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
4 Important:
MS06-074 - Vulnerability in SNMP Could Allow Remote Code Execution (926247)
MS06-075 - Vulnerability in Windows Could Allow Elevation of Privilege (926255)
MS06-076 - Cumulative Security Update for Outlook Express (923694)
MS06-077 - Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)
The Microsoft Security Bulletin Summary for December, 2006 is at http://www.microsoft.com/technet/sec.../ms06-dec.mspx
-
Microsoft Security Bulletin Summary for January, 2007
http://www.microsoft.com/technet/sec.../ms07-jan.mspx
As part of Microsoft's routine, monthly security update cycle, they've released the following updates affecting Microsoft Windows and Microsoft Office:
Critical
MS07-002 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
MS07-003 - Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)
MS07-004 - Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)
Important
MS07-001 - Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585)
-
The Microsoft Security Bulletins for February 2007 has been released.
6 Critical Security Updates:
MS07-008 - Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843)
MS07-009 - Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution(927779)
MS07-010 - Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135)
MS07-014 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (929434)
MS07-015 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554)
MS07-016 - Cumulative Security Update for Internet Explorer (928090)
6 Important Security Updates:
MS07-005 - Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723)
MS07-006 - Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)
MS07-007 - Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802)
MS07-011 - Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436)
MS07-012 - Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667)
MS07-013 - Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)
The Microsoft Security Bulletin Summary for February, 2007 is at http://www.microsoft.com/technet/sec.../ms07-feb.mspx
-
Title: Microsoft Security Bulletin Summary for March 2007
Issued: March 13, 2007
Version Number: 1.0
Bulletin Summary: http://www.microsoft.com/technet/sec.../ms07-mar.mspx
Summary:
========
Microsoft has NOT released any security bulletins on March 13, 2007.
Non-Security, High-Priority Updates on MU, WU, WSUS and SUS:
Microsoft has released two non-security, high-priority updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
Microsoft has released four non-security, high-priority updates for Windows on Windows Update (WU) and Software Update Services (SUS).
Microsoft Windows Malicious Software Removal Tool
Microsoft has released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.
-
Microsoft Security Bulletins, April 2007
Microsoft has released the following security bulletins today:
MS07-017 - Vulnerabilities in GDI Could Allow Remote Code Execution (925902)
http://www.microsoft.com/technet/sec.../MS07-017.mspx
MS07-018 - Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)
http://www.microsoft.com/technet/sec.../MS07-018.mspx
MS07-019 - Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)
http://www.microsoft.com/technet/sec.../MS07-019.mspx
MS07-020 - Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)
http://www.microsoft.com/technet/sec.../MS07-020.mspx
MS07-021 - Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)
http://www.microsoft.com/technet/sec.../MS07-021.mspx
MS07-022 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)
http://www.microsoft.com/technet/sec.../MS07-022.mspx
References:
MS Security Bulletins for end-users: http://www.microsoft.com/athome/secu...ns/200704.mspx
MS Security Bulletins for IT Pro: http://www.microsoft.com/technet/sec.../ms07-apr.mspx
MS Response Center Blog: http://blogs.technet.com/msrc/default.aspx
Notes:
Microsoft NEVER send security updates via e-mail. Download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
-
Microsoft security updates for May 2007
Microsoft has released the following security bulletins today:
NOTE: All 7 security bulletins below are rated CRITICAL
MS07-023 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)
-- Affected Software: Office 2000, Excel 2000, Office XP, Excel 2002, Office 2003, Excel 2003, Excel Viewer 2003, Office System 2007, Excel 2007, Office 2004 for Macintosh
MS07-024 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232)
-- Affected Software: Office 2000, Word 2000, Office XP, Word 2002, Office 2003, Word 2003, Word Viewer 2003, Office 2004 for Macintosh, Works 2004, Works 2005, Works 2006
MS07-025 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873)
-- Affected Software: Office 2000, Excel 2000, FrontPage 2000, Publisher 2000, Office XP, Excel 2002, FrontPage 2002, Publisher 2002, Office 2003, Excel 2003, FrontPage 2003, Publisher 2003, Excel Viewer 2003, Office System 2007, Excel 2007, Publisher2007, SharePoint Designer 2007, Expression Web, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats , Office 2004 for Macintosh
MS07-026 - Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)
-- Affected Software: Exchange 2000 Server, Exchange Server 2003, Exchange Server 2007
MS07-027 - Cumulative Security Update for Internet Explorer (931768)
-- Affected Software: Windows 2000 Server, Windows 2000 Professional, Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Internet Explorer 5.01, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows Vista, Windows Vista x64, Internet Explorer 6.0, Internet Explorer 6.0 for Windows XP Service Pack 2, Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition, Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Internet Explorer 7.0 for Windows XP Service Pack 2 , Internet Explorer 7.0 For Windows 2003, Internet Explorer 7 for Windows 2003 for Itanium, Internet Explorer 7 for Windows 2003 x64 Edition, Internet Explorer 7.0 for Windows Vista, Internet Explorer 7.0 for Windows Vista x64
MS07-028 - Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)
-- Affected Software: CAPICOM, Platform SDK Redistrubutable: CAPICOM, BizTalk Server 2004
MS07-029 - Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966)
-- Affected Software: Windows 2000 Server, Windows 2000 Professional, Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition
¨*·.¸ «.·°·..·°·.» ¸.·*¨
