Microsoft Security Updates planned for May 2007

Zazula · 05-05-2007, 04:33 AM

On Tuesday 8 May 2007 Microsoft is planning to release:

Security Updates

. Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

. Three Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates may require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

. One Microsoft Security Bulletin affecting Microsoft Exchange. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

. One Microsoft Security Bulletin affecting CAPICOM and BizTalk. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.

Microsoft Windows Malicious Software Removal Tool

. Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS

. Microsoft will release 1 NON-SECURITY High-Priority Update for Windows on Windows Update (WU) and Software Update Services (SUS).

. Microsoft will release 6 NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Microsoft will host a webcast next week to address customer questions on these bulletins. For more information on this webcast please see below:
. TechNet Webcast: Information about Microsoft's Security Bulletins (Level 100)
. Wednesday, 9 May 2007 11:00 AM (GMT-08:00) Pacific Time (US & Canada) http://msevents.microsoft.com/CUI/We...CountryCode=US

At this time no additional information on these bulletins such as details regarding severity or details regarding the vulnerability will be made available until 8 May 2007.

chauffeur2 · 05-05-2007, 04:40 AM

Thanks for this update Zaz.

Kind Regards,

Mrs. Blaileen · 05-05-2007, 05:58 PM

Do you know if any of those security updates, and/or any future updates will address the spoofed-Microsoft trojan "updates" that some of us have mistakenly let into our computers?

Thanks.

Zazula · 05-05-2007, 09:37 PM

Mrs. Blaileen, have you followed the suggestion I gave you in your original thread Anyone Else Download Bogus Microsoft Patches/Updates/Hotfixes?

Zazula · 05-08-2007, 10:42 PM

********************************************************************
Title: Microsoft Security Bulletin Summary for May 2007
Issued: May 8, 2007
Version Number: 1.0
Bulletin Summary: http://www.microsoft.com/technet/sec.../ms07-may.mspx
********************************************************************

Summary:
========
This Bulletin Summary contains information about all security updates released this month. Their security bulletins, in order of severity, are as follows:

Critical Security Bulletins
===========================

MS07-023 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)
Affected Software:
- Excel 2000 Service Pack 3
- Excel 2002 Service Pack 3
- Excel 2003 Service Pack 2
- Excel 2003 Viewer
- Office Excel 2007
- Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
- Microsoft Office 2004 for Mac
Impact: Remote Code Execution
Version Number: 1.0

MS07-024 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232)
Affected Software:
- Word 2000 Service Pack 3
- Word 2002 Service Pack 3
- Word 2003 Service Pack 2
- Word Viewer 2003
- Microsoft Office 2004 for Mac
- Microsoft Works Suite 2004
- Microsoft Works Suite 2005
- Microsoft Works Suite 2006
Impact: Remote Code Execution
Version Number: 1.0

MS07-025 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873)
Affected Software:
- Office 2000 Service Pack 3
- Office XP Service Pack 3
- Office 2003 Service Pack 2
- 2007 Microsoft Office System
- Microsoft Office 2004 for Mac
Impact: Remote Code Execution
Version Number: 1.0

MS07-026 - Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)
Affected Software:
- Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup
- Microsoft Exchange Server 2003 Service Pack 1
- Microsoft Exchange Server 2003 Service Pack 2
- Microsoft Exchange Server 2007
Impact: Remote Code Execution
Version Number: 1.0

MS07-027 - Cumulative Security Update for Internet Explorer (931768)
Affected Software:
- Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4
- Internet Explorer 6 Service Pack 1 when installed on Windows 2000 Service Pack 4
- Internet Explorer 6 for Windows XP Service Pack 2
- Internet Explorer 6 for Windows XP Professional x64 Edition
- Internet Explorer 6 for Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 6 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
- Internet Explorer 6 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 6 for Windows Server 2003 x64 Edition Service Pack 1 and Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 7 for Windows XP Service Pack 2
- Internet Explorer 7 for Windows XP Professional x64 Edition
- Internet Explorer 7 for Windows XP Professional x64 Edition Service Pack 2
- Windows Internet Explorer 7 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
- Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 for Windows Server 2003 x64 Edition Service Pack 1 and Windows Server 2003 x64 Edition Service Pack 2
- Windows Internet Explorer 7 in Windows Vista
- Windows Internet Explorer 7 in Windows Vista x64 Edition
Impact: Remote Code Execution
Version Number: 1.0

MS07-028 - Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)
Affected Software:
- CAPICOM
- Platform SDK Redistributable: CAPICOM
- BizTalk Server 2004 Service Pack 1
- BizTalk Server 2004 Service Pack 2
Impact: Remote Code Execution
Version Number: 1.0

MS07-029 - Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution (935966)
Affected Software:
- Windows 2000 Server Service Pack 4
- Windows Server 2003 Service Pack 1
- Windows Server 2003 Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2003 x64 Edition Service Pack 1
- Windows Server 2003 x64 Edition Service Pack 2
Impact: Remote Code Execution
Version Number: 1.0

Update Availability:
===================
Updates are available to address these issues. For additional information, including Technical Details, Workarounds, answers to Frequently Asked Questions, and Update Deployment Information please read the Microsoft Security Bulletin Summary for this month at: http://go.microsoft.com/fwlink/?LinkId=89795

05-05-2007, 04:33 AM	#1 (permalink)
Zazula Manager Emeritus, I'm blond, James Blond Join Date: Apr 2006 Location: Athens, Greece Posts: 7,667 OS: Win XP Pro SP2	Microsoft Security Updates planned for May 2007 On Tuesday 8 May 2007 Microsoft is planning to release: Security Updates . Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer. . Three Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates may require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer. . One Microsoft Security Bulletin affecting Microsoft Exchange. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer. . One Microsoft Security Bulletin affecting CAPICOM and BizTalk. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. Microsoft Windows Malicious Software Removal Tool . Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS). Non-security High Priority updates on MU, WU, WSUS and SUS . Microsoft will release 1 NON-SECURITY High-Priority Update for Windows on Windows Update (WU) and Software Update Services (SUS). . Microsoft will release 6 NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS). Microsoft will host a webcast next week to address customer questions on these bulletins. For more information on this webcast please see below: . TechNet Webcast: Information about Microsoft's Security Bulletins (Level 100) . Wednesday, 9 May 2007 11:00 AM (GMT-08:00) Pacific Time (US & Canada) http://msevents.microsoft.com/CUI/We...CountryCode=US At this time no additional information on these bulletins such as details regarding severity or details regarding the vulnerability will be made available until 8 May 2007. __________________ "Time is the wisest because it discovers everything" Thales of Miletus (ca.624BC-ca.546BC) "Everything flows, nothing stands still." Heraclitus of Ephesus (ca.535BC-475BC) "One thing I know, that I know nothing" Socrates of Athens (ca.470BC–399BC)

05-05-2007, 04:40 AM	#2 (permalink)
chauffeur2 Manager Emeritus Join Date: Feb 2006 Location: Adelaide, South Australia Posts: 10,180 OS: Xp Sp3 with all updates + Vista™ Ultimate SP1. My System	Re: Microsoft Security Updates planned for May 2007 Thanks for this update Zaz. Kind Regards, __________________ Dave T. Submit New Articles If it works, Don't fix it! Especially if Bill Gates had anything to do with it!!

05-05-2007, 05:58 PM	#3 (permalink)
Mrs. Blaileen Registered User Join Date: Jan 2007 Posts: 30 OS: Linux, Ubuntu 7.04	Re: Microsoft Security Updates planned for May 2007 Do you know if any of those security updates, and/or any future updates will address the spoofed-Microsoft trojan "updates" that some of us have mistakenly let into our computers? Thanks.

05-05-2007, 09:37 PM	#4 (permalink)
Zazula Manager Emeritus, I'm blond, James Blond Join Date: Apr 2006 Location: Athens, Greece Posts: 7,667 OS: Win XP Pro SP2	Re: Microsoft Security Updates planned for May 2007 Mrs. Blaileen, have you followed the suggestion I gave you in your original thread Anyone Else Download Bogus Microsoft Patches/Updates/Hotfixes? __________________ "Time is the wisest because it discovers everything" Thales of Miletus (ca.624BC-ca.546BC) "Everything flows, nothing stands still." Heraclitus of Ephesus (ca.535BC-475BC) "One thing I know, that I know nothing" Socrates of Athens (ca.470BC–399BC)

05-08-2007, 10:42 PM	#5 (permalink)
Zazula Manager Emeritus, I'm blond, James Blond Join Date: Apr 2006 Location: Athens, Greece Posts: 7,667 OS: Win XP Pro SP2	Re: Microsoft Security Updates planned for May 2007 ****************************************************************** Title: Microsoft Security Bulletin Summary for May 2007 Issued: May 8, 2007 Version Number: 1.0 Bulletin Summary: http://www.microsoft.com/technet/sec.../ms07-may.mspx **************************************************************** Summary: ======== This Bulletin Summary contains information about all security updates released this month. Their security bulletins, in order of severity, are as follows: Critical Security Bulletins =========================== MS07-023 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233) Affected Software: - Excel 2000 Service Pack 3 - Excel 2002 Service Pack 3 - Excel 2003 Service Pack 2 - Excel 2003 Viewer - Office Excel 2007 - Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats - Microsoft Office 2004 for Mac Impact: Remote Code Execution Version Number: 1.0 MS07-024 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232) Affected Software: - Word 2000 Service Pack 3 - Word 2002 Service Pack 3 - Word 2003 Service Pack 2 - Word Viewer 2003 - Microsoft Office 2004 for Mac - Microsoft Works Suite 2004 - Microsoft Works Suite 2005 - Microsoft Works Suite 2006 Impact: Remote Code Execution Version Number: 1.0 MS07-025 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873) Affected Software: - Office 2000 Service Pack 3 - Office XP Service Pack 3 - Office 2003 Service Pack 2 - 2007 Microsoft Office System - Microsoft Office 2004 for Mac Impact: Remote Code Execution Version Number: 1.0 MS07-026 - Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832) Affected Software: - Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup - Microsoft Exchange Server 2003 Service Pack 1 - Microsoft Exchange Server 2003 Service Pack 2 - Microsoft Exchange Server 2007 Impact: Remote Code Execution Version Number: 1.0 MS07-027 - Cumulative Security Update for Internet Explorer (931768) Affected Software: - Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4 - Internet Explorer 6 Service Pack 1 when installed on Windows 2000 Service Pack 4 - Internet Explorer 6 for Windows XP Service Pack 2 - Internet Explorer 6 for Windows XP Professional x64 Edition - Internet Explorer 6 for Windows XP Professional x64 Edition Service Pack 2 - Internet Explorer 6 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 - Internet Explorer 6 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems - Internet Explorer 6 for Windows Server 2003 x64 Edition Service Pack 1 and Windows Server 2003 x64 Edition Service Pack 2 - Internet Explorer 7 for Windows XP Service Pack 2 - Internet Explorer 7 for Windows XP Professional x64 Edition - Internet Explorer 7 for Windows XP Professional x64 Edition Service Pack 2 - Windows Internet Explorer 7 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 - Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems - Internet Explorer 7 for Windows Server 2003 x64 Edition Service Pack 1 and Windows Server 2003 x64 Edition Service Pack 2 - Windows Internet Explorer 7 in Windows Vista - Windows Internet Explorer 7 in Windows Vista x64 Edition Impact: Remote Code Execution Version Number: 1.0 MS07-028 - Vulnerability in CAPICOM Could Allow Remote Code Execution (931906) Affected Software: - CAPICOM - Platform SDK Redistributable: CAPICOM - BizTalk Server 2004 Service Pack 1 - BizTalk Server 2004 Service Pack 2 Impact: Remote Code Execution Version Number: 1.0 MS07-029 - Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution (935966)** Affected Software: - Windows 2000 Server Service Pack 4 - Windows Server 2003 Service Pack 1 - Windows Server 2003 Service Pack 2 - Windows Server 2003 with SP1 for Itanium-based Systems - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Server 2003 x64 Edition Service Pack 1 - Windows Server 2003 x64 Edition Service Pack 2 Impact: Remote Code Execution Version Number: 1.0 Update Availability: =================== Updates are available to address these issues. For additional information, including Technical Details, Workarounds, answers to Frequently Asked Questions, and Update Deployment Information please read the Microsoft Security Bulletin Summary for this month at: http://go.microsoft.com/fwlink/?LinkId=89795 __________________ "Time is the wisest because it discovers everything" Thales of Miletus (ca.624BC-ca.546BC) "Everything flows, nothing stands still." Heraclitus of Ephesus (ca.535BC-475BC) "One thing I know, that I know nothing" Socrates of Athens (ca.470BC–399BC)