Microsoft Security Bulletin(s) October 2007

Discussion in 'other security issues & news' started by NICK ADSL UK, Oct 9, 2007.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for 10/09/2007

    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    October 9, 2007
    Today Microsoft released the following Security Bulletin(s).


    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:
    http://www.microsoft.com/technet/security/Bulletin/ms07-Oct.mspx

    Critical Bulletins:
    Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)
    http://www.microsoft.com/technet/security/Bulletin/ms07-055.mspx

    Security Update for Outlook Express and Windows Mail (941202)
    http://www.microsoft.com/technet/security/Bulletin/ms07-056.mspx

    Cumulative Security Update for Internet Explorer (939653)
    http://www.microsoft.com/technet/security/Bulletin/ms07-057.mspx

    Vulnerability in Microsoft Word Could Allow Remote Code Execution (942695)
    http://www.microsoft.com/technet/security/Bulletin/ms07-060.mspx

    Important Bulletins:

    Vulnerability in RPC Could Allow Denial of Service (933729)
    http://www.microsoft.com/technet/security/Bulletin/ms07-058.mspx

    Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site (942017)
    http://www.microsoft.com/technet/security/Bulletin/ms07-059.mspx

    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information About Microsoft October Security Bulletins (Level 200)
    Event ID: 1032344692
    Register Online [/B]

    Language(s): English.
    Product(s): Security.
    Audience(s): IT Professionals.

    Duration: 60 Minutes
    Start Date: Wednesday, October 10, 2007 11:00 AM Pacific Time (US & Canada)

    Event Overview

    On October 9, 2007, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the October security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.

    Presenters: Christopher Budd, Security Program Manager, Microsoft Corporation, and Mike Reavey, Group Manager MSRC, Microsoft Corporation

    Register now for the October security bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Title: Microsoft Security Bulletin Re-Release
    Issued: October 10, 2007
    ********************************************************************

    Summary
    =======
    The following bulletin has undergone a major revision increment.
    Please see the bulletin for more detail.

    Bulletin Information:
    =====================

    MS07-056 - Critical
    http://www.microsoft.com/technet/security/bulletin/ms07-056.mspx
    Reason for Revision: Revised to include Windows XP Professional
    x64 Edition in the Affected Software section; Known Issues
    set to none; Corrected missing file information to the
    bulletin text for Outlook Express 6.0 Service Pack 1 on
    Windows 2000 Service pack 4 and Outlook Express 5.5 Service
    Pack 2 on Windows 2000 Service pack 4.
    Originally posted: October 9, 2007
    Updated: October 10, 2007
    Bulletin Severity Rating: Critical
    Version: 2.0
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    ********************************************************************
    Title: Microsoft Security Bulletin Minor Revisions
    Issued: October 17, 2007
    ********************************************************************

    Summary
    =======
    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.

    * MS07-055 - Critical
    * MS07-060 - Critical

    Bulletin Information:
    =====================

    * MS07-055 - Critical
    http://www.microsoft.com/technet/security/bulletin/ms07-055.mspx


    - Reason for Revision: Bulletin updated to include Windows XP x64
    Edition among non-affected software.
    - Originally posted: October 9, 2007
    - Updated: October 17, 2007
    - Bulletin Severity Rating: Critical
    - Version: 1.1


    * MS07-060 - Critical

    http://www.microsoft.com/technet/security/bulletin/ms07-060.mspx

    - Reason for Revision: Bulletin updated: Vulnerability FAQ updated
    to explain the nature of the update and plans for addressing
    similar stability issues.
    - Originally posted: October 9, 2007
    - Updated: October 17, 2007
    - Bulletin Severity Rating: Critical
    - Version: 1.2
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Advisory (943521)
    URL Handling Vulnerability in Windows XP and Windows Server 2003 with Windows Internet Explorer 7 Could Allow Remote Code Execution
    Published: October 10, 2007 | Updated: October 25, 2007


    Microsoft is investigating public reports of a remote code execution vulnerability in supported editions of Windows XP and Windows Server 2003 with Windows Internet Explorer 7 installed. Microsoft is aware of proof of concept code that has been posted publicly and is continuing to investigate public reports. We are also aware of attacks that try to use the reported vulnerability.

    This vulnerability does not affect Windows Vista or any supported editions of Windows where Internet Explorer 7 is not installed.

    Customers in the U.S. and Canada who believe they are affected can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.

    International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

    Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

    http://www.microsoft.com/technet/security/advisory/943521.mspx
     
Loading...
Thread Status:
Not open for further replies.