Microsoft Security Bulletin Summary for December 2006

Microsoft Security Bulletin Summary for December, 2006
Published: December 12, 2006

Version: 1.0

http://www.microsoft.com/technet/security/bulletin/ms06-dec.mspx

Critical (3)

Bulletin Identifier Microsoft Security Bulletin MS06-072
Bulletin Title
Cumulative Security Update for Internet Explorer (925454)
Executive Summary
This update resolves vulnerabilities in Internet Explorer that could allow remote code execution.
http://go.microsoft.com/fwlink/?LinkId=77563

Bulletin Identifier Microsoft Security Bulletin MS06-073
Bulletin Title
Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
Executive Summary
This update resolves a vulnerability in Visual Studio 2005 that could allow remote code execution.
http://go.microsoft.com/fwlink/?LinkId=79426

Bulletin Identifier Microsoft Security Bulletin MS06-078
Bulletin Title
Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
Executive Summary
This update resolves a vulnerability in Windows Media Player that could allow remote code execution.
http://go.microsoft.com/fwlink/?LinkId=76487

Important (4)

Bulletin Identifier Microsoft Security Bulletin MS06-074
Bulletin Title
Vulnerability in SNMP Could Allow Remote Code Execution (926247)
Executive Summary
This update resolves a vulnerability in Simple Network Management Protocol (SNMP) that could allow remote code execution. The SNMP service is not installed by default in any supported version of Windows.
http://go.microsoft.com/fwlink/?LinkId=78533

Bulletin Identifier Microsoft Security Bulletin MS06-075
Bulletin Title
Vulnerability in Windows Could Allow Elevation of Privilege (926255)
Executive Summary
A vulnerability exists in Windows that could allow elevation of privilege on an affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
http://go.microsoft.com/fwlink/?LinkId=77797

Bulletin Identifier Microsoft Security Bulletin MS06-076
Bulletin Title
Cumulative Security Update for Outlook Express (923694)
Executive Summary
This update resolves a vulnerability in Outlook Express that could allow remote code execution. User interaction is required for an attacker to exploit this vulnerability.
http://go.microsoft.com/fwlink/?LinkId=73835

Bulletin Identifier Microsoft Security Bulletin MS06-077
Bulletin Title
Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)
Executive Summary
This update resolves a vulnerability in Remote Installation Service (RIS) that could allow remote code execution. RIS is not installed by default.
http://go.microsoft.com/fwlink/?LinkId=78537

Acknowledgments

Microsoft thanks the following for working with us to help protect customers:

• Jakob Balle and Carsten Eiram of Secunia Research for reporting an issue described in MS06-072

• Sam Thomas, working with TippingPoint and the Zero Day Initiative, for reporting an issue described in MS06-072

• Yorick Koster of ITsec Security Services for reporting an issue described in MS06-072

• TippingPoint and the Zero Day Initiative for reporting an issue described in MS06-073

• Kostya Kortchinsky of Immunity, Inc. and Clement Seguy of the European Aeronautic Defence and Space Company for reporting an issue described in MS06-074

• Nicolas Ruff for reporting an issue described in MS06-077


This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Webcast
Microsoft will host a [webcast tomorrow. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.

Start Time: Wednesday, December 13th, 2006 11:00 AM Pacific Time (US & Canada)
End Time: Wednesday, December 13th, 2006 12:00 PM Pacific Time (US & Canada)

Presenter: Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

Malicious Software Removal Tool
Published: January 11, 2005 | Updated: December 12, 2006


The Microsoft Windows Malicious Software Removal Tool checks computers running Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.

Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center.

Note The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if an infection is found. If you would like to run this tool more than once a month, use the version on this Web page or install the version that is available in the Download Center.

Because computers can appear to function normally when infected, Microsoft advises you to run this tool even if your computer seems to be fine. You should also use up-to-date antivirus software to help protect your computer from other malicious software.

To download the latest version of this tool, please visit the Microsoft Download Center.
http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us


New Additions
Malicious Software Encyclopedia: Win32/Beenut
Published: 6, 12/4
Win32/Beenut is a family of trojan downloaders that download files from various URLs to the host computer and then run the downloaded files. A Win32/Beenut trojan may also copy itself to the host computer, modifying the registry so the copy of itself runs each time Windows starts.

http://www.microsoft.com/security/encyclopedia/details.aspx?name=Win32/Beenut

 

Microsoft Security Bulletin MS06-059
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
Published: October 10, 2006 | Updated: December 12, 2006

Version: 2.0

Summary
Who Should Read this Document: Customers who use Microsoft Excel

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately

Security Update Replacement: This bulletin replaces a prior security update. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

Caveats: None

Tested Software and Security Update Download Locations:

Affected Software:

• Microsoft Office 2000 Service Pack 3

• Microsoft Excel 2000 — Download the update (KB923090)


• Microsoft Office XP Service Pack 3

• Microsoft Excel 2002 — Download the update (KB923089)


• Microsoft Office 2003 Service Pack 1 or Service Pack 2

• Microsoft Office Excel 2003 — Download the update KB923088

• Microsoft Office Excel Viewer 2003 - Download the update (KB923275)


• Microsoft Office 2004 for Mac

• Microsoft Excel 2004 for Mac - Download the update (KB924999)


• Microsoft Office v. X for Mac

• Microsoft Excel v. X for Mac - Download the update KB924998


• Microsoft Works Suites:

• Microsoft Works Suite 2004 - Download the update (KB923089) (same as the Microsoft Excel 2002 update)

• Microsoft Works Suite 2005 - Download the update (KB923089) (same as the Microsoft Excel 2002 update)

• Microsoft Works Suite 2006 - Download the update (KB923089) (same as the Microsoft Excel 2002 update)



The software in this list has been tested to determine whether the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support life cycle for your product and version, visit the Microsoft Support Lifecycle Web site.

http://www.microsoft.com/technet/security/bulletin/ms06-059.mspx

 

December 2006 Security Releases ISO Image
Brief Description
These ISO-9660 CD image files contain the security updates for Windows released on Windows Update on December 12th, 2006.

Overview
These ISO-9660 CD image files contain the security updates for Windows released on Windows Update on December 12th, 2006. They do not contain security updates for other Microsoft products. These CD images are intended for corporate administrators who manage large multinational organizations, who need to download multiple individual language versions of each security update, and who do not use an automated solution such as WSUS. Use these images to download multiple updates in all languages at the same time.

Caution: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

These CD images contain the following updates:
KB923689 / MS06-078

* Windows Server 2003 (32-bit x86) - 18 languages
* Windows Server 2003 x64 Edition – 2 languages
* Windows XP - 24 languages
* Windows XP x64 Edition – 2 languages
* Windows 2000 - 24 languages

KB923694 / (MS06-076)

* Windows Server 2003 (32-bit x86) - 18 languages
* Windows Server 2003 for Itanium-based Systems - 4 languages
* Windows Server 2003 x64 Edition – 2 languages
* Windows XP - 24 languages
* Windows XP x64 Edition – 2 languages
* Windows 2000 - 24 languages

KB925398 / MS06-078

* Windows Server 2003 (32-bit x86) - 18 languages
* Windows Server 2003 x64 Edition – 2 languages
* Windows XP - 24 languages
* Windows XP x64 Edition – 2 languages
* Windows 2000 - 24 languages

KB925454 / (MS06-072)

* Windows Server 2003 (32-bit x86) - 18 languages
* Windows Server 2003 for Itanium-based Systems - 4 languages
* Windows Server 2003 x64 Edition – 2 languages
* Windows XP - 24 languages
* Windows XP x64 Edition – 2 languages
* Windows 2000 - 24 languages

KB926121 / (MS06-077)

* Windows 2000 - 24 languages

KB926247 / (MS06-074)

* Windows Server 2003 (32-bit x86) - 18 languages
* Windows Server 2003 for Itanium-based Systems - 4 languages
* Windows Server 2003 x64 Edition – 2 languages
* Windows XP - 24 languages
* Windows XP x64 Edition – 2 languages
* Windows 2000 - 24 languages

KB926255 / (MS06-075)

* Windows Server 2003 (32-bit x86) - 18 languages
* Windows Server 2003 for Itanium-based Systems - 4 languages
* Windows XP - 24 languages


System Requirements

* Supported Operating Systems: Windows 2000 Service Pack 4; Windows Server 2003; Windows Server 2003 Itanium-based editions; Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 1 for Itanium-based Systems; Windows Server 2003, Datacenter x64 Edition; Windows Server 2003, Enterprise x64 Edition; Windows Server 2003, Standard x64 Edition; Windows XP Professional x64 Edition ; Windows XP Service Pack 2

Instructions

1. Select a file to download at the bottom of this page, or choose a different language from the drop-down list and click Change.

2. To copy the ISO Image download to your computer to burn a CD at a later time click Save or Save this program to disk.

3. Use the directions for your CD burner to create a CD from the ISO Image


Download Information
* Windows-KB913086-200612-1.iso contains KB923689, KB923694, KB925398, KB926121, KB926247 for Windows 2000; KB925454 for IE for Windows 2000

* Windows-KB913086-200612-2.iso contains KB923689, KB923694, KB925398, KB926247, KB926255 for Windows Server 2003; KB925454 for IE for Windows Server 2003
* Windows-KB913086-200612-3.iso contains KB923689, KB923694, KB925398, KB926247, KB926255 for Windows XP; KB925454 for IE for Windows XP

http://www.microsoft.com/downloads/...bd-273b-4d3a-92a3-92ee51a510ef&DisplayLang=en