Microsoft Security Bulletin Summary for May 2007

Discussion in 'other security issues & news' started by NICK ADSL UK, May 8, 2007.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for 5/08/2007
    http://www.microsoft.com/technet/security/bulletin/ms07-may.mspx

    May 8 2007
    Today Microsoft released the following Security Bulletin(s).


    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:


    Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966):
    http://www.microsoft.com/technet/security/Bulletin/MS07-029.mspx

    Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)
    http://www.microsoft.com/technet/security/Bulletin/MS07-028.mspx

    Cumulative Security Update for Internet Explorer 931768
    http://www.microsoft.com/technet/security/Bulletin/MS07-027.mspx

    Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)
    http://www.microsoft.com/technet/security/Bulletin/MS07-026.mspx

    Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873)
    http://www.microsoft.com/technet/security/Bulletin/MS07-025.mspx

    Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232)
    http://www.microsoft.com/technet/security/Bulletin/MS07-024.mspx

    Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)
    http://www.microsoft.com/technet/security/Bulletin/MS07-023.mspx

    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information About Microsoft May Security Bulletins (Level 200)
    Language(s): English.
    Product(s): Security.
    Audience(s): IT Professional.

    Duration: 60 Minutes
    Start Date: Wednesday, May 09, 2007 11:00 AM Pacific Time (US & Canada)


    Event Overview

    On May 8, 2007, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the May security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.

    Presenters: Christopher Budd, CCE, CISA, CISM, CISSP, ISSMP Security Program Manager, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation

    Register now for the May security bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Families Cleaned by the Malicious Software Removal Tool
    Additions Are Made Each Month to Address the Latest Threats
    Published: April 12, 2005 | Updated: May 8, 2007



    Run the tool from the Microsoft.com Web site, or download the tool and run it locally on your computer.

    The Microsoft Windows Malicious Software Removal Tool removes specific, prevalent malicious software families from computers running compatible versions of Windows. Microsoft releases a new version of the tool on the second Tuesday of every month, and as needed to respond to security incidents.

    New Malicious Software
    The following malicious software was added this release. Click the name to learn more in our Malicious Software Encyclopedia.

    Renos
    http://www.microsoft.com/security/encyclopedia/details.aspx?name=Win32/Renos
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS07-027
    Cumulative Security Update for Internet Explorer 931768
    Published: May 8, 2007 | Updated: May 16, 2007
    Revisions:

    • V1.0 (May 8, 2007): Bulletin published.


    • V1.1 (May 8, 2007): Updated file version, size and time-stamp information for the Microsoft Internet Explorer 6 for Windows XP Service Pack 2.

    • V1.2 (May 16, 2007): Bulletin revised due to an incorrect file name in Arbitrary File Rewrite Vulnerability - CVE-2007-2221 killbit table; A new issue discovered with the security update: 937409The “File Download – Security Warning” dialog box opens when you try to open Internet Explorer 7;Updated file names for Internet Explorer 7

    http://www.microsoft.com/technet/security/Bulletin/MS07-027.mspx
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS07-025
    Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873)
    Published: May 8, 2007 | Updated: May 16, 2007

    Version: 1.1

    Revisions:

    • V1.0 (May 8, 2007): Bulletin published.

    • V1.1 (May 16, 2007): Bulletin workarounds section updated, with the removal of the “Use Microsoft Word Viewer 2003 to open and view files” workaround. This workaround is not valid for the vulnerability discussed in this security bulletin.

    http://www.microsoft.com/technet/security/bulletin/ms07-025.mspx
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS07-023
    Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)
    Published: May 8, 2007 | Updated: May 16, 2007

    Version: 1.1

    Revisions:

    • V1.0 (May 8, 2007): Bulletin published.


    • V1.1 (May 16, 2007): Bulletin “Installation File Information” section updated with the correct file name for the Office 2007 Compatibility Pack.

    http://www.microsoft.com/technet/security/bulletin/ms07-023.mspx
     
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions
    Issued: May 17, 2007

    ********************************************************************

    Summary
    =======
    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.

    * MS07-025
    * MS07-023


    Bulletin Information:
    =====================

    * MS07-025
    http://www.microsoft.com/technet/security/bulletin/ms07-025.mspx

    - Reason for Revision: This Bulletin has been revised due to new
    issues discovered with the security update as reflected in
    Microsoft Knowledge Base Article 934873
    - Originally posted: May 8, 2007
    - Updated: May 17, 2007
    - Bulletin Severity Rating: Critical
    - Version: 1.2

    MS07-023
    http://www.microsoft.com/technet/security/bulletin/ms07-023.mspx

    - Reason for Revision: This Bulletin has been revised due to new
    issues discovered with the security update as reflected in
    Microsoft Knowledge Base Article 934233
    - Originally posted: May 8, 2007
    - Updated: May 17, 2007
    - Bulletin Severity Rating: Critical
    - Version: 1.2

    Support:
    ========
    Technical support resources can be found at
    http://support.microsoft.com/

    International customers can get support from their local Microsoft subsidiaries. Phone numbers for international support can be found
    at:
    http://support.microsoft.com/common/international.aspx
     
  8. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Advance Notification for June 2007

    Microsoft Security Bulletin Advance Notification issued: June 7, 2007
    Microsoft Security Bulletins to be issued: June 12, 2007

    This is an advance notification of six security bulletins that Microsoft is intending to release on June 12, 2007.


    http://www.microsoft.com/technet/security/bulletin/ms07-jun.mspx
     
Loading...
Thread Status:
Not open for further replies.