Microsoft Security Bulletin Summary for November 2006

Microsoft Security Bulletin Summary for November, 2006
http://www.microsoft.com/technet/security/bulletin/ms06-nov.mspx

Critical (5)
Bulletin Identifier Microsoft Security Bulletin MS06-067
Bulletin Title
Cumulative Security Update for Internet Explorer (922760)
Executive Summary
This update resolves vulnerabilities in Internet Explorer that could allow remote code execution.
http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx


Bulletin Identifier Microsoft Security Bulletin MS06-068
Bulletin Title
Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213)
Executive Summary
This update resolves a vulnerability in Microsoft Agent that could allow remote code execution
http://www.microsoft.com/technet/security/bulletin/ms06-068.mspx


Bulletin Identifier Microsoft Security Bulletin MS06-069
Bulletin Title
Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)
Executive Summary
This update resolves vulnerabilities in Macromedia Flash Player, from Adobe, that could allow remote code execution.
http://www.microsoft.com/technet/security/bulletin/ms06-069.mspx

Bulletin Identifier Microsoft Security Bulletin MS06-070
Bulletin Title
Vulnerability in Workstation Service Could Allow Remote Code Execution (924270)
Executive Summary
This update resolves a vulnerability in Workstation Service that could allow remote code execution.
http://www.microsoft.com/technet/security/bulletin/ms06-070.mspx

Bulletin Identifier Microsoft Security Bulletin MS06-071
Bulletin Title
Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution 928088
Executive Summary
This update resolves a vulnerability in Microsoft XML Core Services that could allow remote code execution.
http://www.microsoft.com/technet/security/bulletin/ms06-071.mspx

Important (1)
Bulletin Identifier Microsoft Security Bulletin MS06-066
Bulletin Title
Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution (923980)
Executive Summary
This update resolves vulnerabilities in the Client Service for NetWare that could allow remote code execution. The Client Service for NetWare is not installed by default on any affected operating system version.
http://www.microsoft.com/technet/security/bulletin/ms06-066.mspx

This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Webcast
Microsoft will host a webcast tomorrow. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.

Start Time: Wednesday, november 15th, 2006 11:00 AM Pacific Time (US & Canada)
End Time: Wednesday, november 15th, 2006 12:00 PM Pacific Time (US & Canada)

Presenter: Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

Malicious Software Removal Tool
Published: January 11, 2005 | Updated: November 14, 2006


The Microsoft Windows Malicious Software Removal Tool checks computers running Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.

Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center.

Note The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if an infection is found. If you would like to run this tool more than once a month, use the version on this Web page or install the version that is available in the Download Center.

Because computers can appear to function normally when infected, Microsoft advises you to run this tool even if your computer seems to be fine. You should also use up-to-date antivirus software to help protect your computer from other malicious software.

To download the latest version of this tool, please visit the Microsoft Download Center.
http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us


New Additions
We have added detection and cleaning capabilities for the following malicious software:
• Brontok
http://go.microsoft.com/fwlink/?linkid=37020&name=Win32/Brontok

 

The following bulletins have undergone a minor revision increment.

*MS06-020 *MS06-069 *MS06-071

*MS06-020
Reason for revision: Bulletin revised to call out Microsoft Windows XP Professional x64 Edition as affected software. - Updated: November 15, 2006 - Bulletin Severity Rating: Critical - Version: 1.1
http://www.microsoft.com/technet/security/bulletin/ms06-020.mspx

MS06-069 Reason for revision: Bulletin revised to clarify that this security update installs Flash6.ocx version 6.0.88.0 and removes the version of Flash.ocx it is replacing.
http://www.microsoft.com/technet/security/bulletin/ms06-069.mspx

MS06-071
Reason for revision: Executable name for msxml6 has been updated with correct name and log file has been updated with correct KB number. Additional clarification has also been added to clarify which components of the previous Bulletin this update replaces.
- Updated: November 15, 2006 - Bulletin Severity Rating: Critical - Version: 1.1
http://www.microsoft.com/technet/security/bulletin/ms06-071.mspx

 

MS06-071 Available Through SUS 1.0

 

Microsoft Security Bulletin Advance Notification
http://www.microsoft.com/technet/security/...in/advance.mspx

The next security bulletin advance notification is scheduled for December 7, 2006, and will outline information for the December 12, 2006 security bulletin release.


December Security Bulletin Webcast
http://msevents.microsoft.com/CUI/WebCastE...;CountryCode=US

Microsoft will host a webcast on December 13, 2006 (after Patch Tuesday) to address your concerns. The webcast is devoted to attendees asking questions about the bulletins and getting answers from their security experts.

 

On 12 December 2006 Microsoft is planning to release:

Security Updates
•

Five Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. Some of these updates will require a restart.
•

One Microsoft Security Bulletins affecting Microsoft Visual Studio. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.

Microsoft Windows Malicious Software Removal Tool
•

Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.

Note that this tool will NOT be distributed using Software Update Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS
•

Microsoft will release four NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).
•

Microsoft will release 10 NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released.

Microsoft will host a webcast next week to address customer questions on these bulletins. For more information on this webcast please see below:
•

TechNet Webcast: Information about Microsoft's Security Bulletins
•

Wednesday, December 13, 2006 11:00 AM Pacific Time (US & Canada)
http://msevents.microsoft.com/CUI/W...&EventCategory=4&culture=en-US&CountryCode=US

At this time no additional information on these bulletins such as details regarding severity or details regarding the vulnerability will be made available until 12 December 2006.