Microsoft Security Bulletin Summary for October, 2006

Discussion in 'other security issues & news' started by NICK ADSL UK, Oct 10, 2006.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Summary for October, 2006
    Published: October 10, 2006

    Critical (6)

    Microsoft Security Bulletin MS06-057
    Vulnerability in Windows Explorer Could Allow Remote Execution (923191)
    Published: October 10, 2006
    http://www.microsoft.com/technet/security/bulletin/ms06-057.mspx


    Microsoft Security Bulletin MS06-058
    Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)
    Published: October 10, 2006
    http://www.microsoft.com/technet/security/Bulletin/MS06-058.mspx

    Microsoft Security Bulletin MS06-059
    Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
    Published: October 10, 2006
    http://www.microsoft.com/technet/security/Bulletin/MS06-059.mspx

    Microsoft Security Bulletin MS06-060
    Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)
    Published: October 10, 2006
    http://www.microsoft.com/technet/security/Bulletin/MS06-060.mspx

    Microsoft Security Bulletin MS06-055
    Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)
    Published: September 26, 2006 | Updated: October 5, 2006
    http://www.microsoft.com/technet/security/Bulletin/ms06-055.mspx

    Microsoft Security Bulletin MS06-062
    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
    Published: October 10, 2006
    http://www.microsoft.com/technet/security/Bulletin/MS06-062.mspx

    Important (1)
    Microsoft Security Bulletin MS06-063

    Vulnerability in Server Service Could Allow Denial of Service (923414)
    Published: October 10, 2006
    http://www.microsoft.com/technet/security/bulletin/ms06-063.mspx

    Moderate (2)
    Microsoft Security Bulletin MS06-056

    Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770)
    Published: October 10, 2006
    http://www.microsoft.com/technet/security/Bulletin/MS06-056.mspx

    Microsoft Security Bulletin MS06-065
    Vulnerability in Windows Object Packager Could Allow Remote Execution (924496)
    Published: October 10, 2006
    http://www.microsoft.com/technet/security/bulletin/ms06-065.mspx

    Low (1)
    Microsoft Security Bulletin MS06-064
    Vulnerabilities in TCP/IP Could Allow Denial of Service (922819)
    http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx


    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Webcast
    Microsoft will host a webcast tomorrow. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.

    Start Time: Wednesday, october 11th, 2006 11:00 AM Pacific Time (US & Canada)
    End Time: Wednesday, october 11th, 2006 12:00 PM Pacific Time (US & Canada)


    Presenter: Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft® Windows® Malicious Software Removal Tool (KB890830)
    Brief Description

    This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

    File Name: Windows-KB890830-V1.21.exe
    Version: 1.21

    Knowledge Base (KB) Articles: KB890830
    Date Published: 10/10/2006
    Language: English
    Download Size: 4.1 MB


    Overview
    The Microsoft Windows Malicious Software Removal Tool checks Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder.

    This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product.

    Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on Microsoft.com.

    To have the newest versions automatically delivered and installed as soon as they are released, set the Automatic Updates feature to Automatic. The version of this tool delivered by Windows Update runs on your computer once a month, in the background. If an infection is found, the tool will display a status report the next time you start your computer. If you would like to run this tool more than once a month, run the version that is available from this Web page or use the version on the Malicious Software Removal Tool Web site.

    http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Just a brief update on some latest news just in with regards the Microsoft Security Bulletin Summary for October, 2006

    Due to some network issues experienced on the Microsoft Update platform, the October security updates released today are not yet currently available via:

    Microsoft Update
    Automatic Updates
    Windows Server Update Services (WSUS)
    Windows Update v6
    To be clear, it’s a delay due to the networking for these systems: there are no issues with the security updates themselves. Also, this issue doesn’t affect customers using Software Update Services (SUS), Windows Update v4 or Office Update.

    Those of you affected by this delay who want to deploy the updates immediately can go ahead and download and deploy these updates manually by visiting http://www.microsoft.com/technet/security for the list of bulletins released today and then downloading the updates directly from the links in the bulletin.

    Technical teams are engaged and have been working around the clock to resolve this problem and we anticipate that updates will be made available via the Microsoft Update platform by end of today October 10th.

    We will post an update when the situation has been resolved and the updates are again available via this distribution channel.

    -Craig
    http://blogs.technet.com/msrc/archive/2006/10/10/October-2006-Bulletin-Release.aspx
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    The technical issue as outlined above appears to be fixed and the Microsoft website is now available for the downloading of these updates.
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Following the technical glitch yesterday in which the Microsoft Security Bulletin Summary for October, 2006 was delayed. Although the Microsoft update site is now back to normal some of you may still be experiencing on where you are a delay in getting these updates owing to heavy traffic. If you have been affected please do remember to check back at the Microsoft update site to obtain these security updates or alternatively to make sure you have your computer set to automatically download these updates
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft October 2006 Security Releases ISO Image

    Brief Description
    This ISO-9660 CD image file contains the security updates for Windows released on Windows Update on October 10th, 2006.

    Overview
    This ISO-9660 CD image file contains the security updates for Windows released on Windows Update on October 10th, 2006. It does not contain security updates for other Microsoft products. This CD image is intended for corporate administrators who manage large multinational organizations, who need to download multiple individual language versions of each security update, and who do not use an automated solution such as WSUS. Use this image to download multiple updates in all languages at the same time.

    Caution: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

    http://www.microsoft.com/downloads/...dd-ae5d-4908-bb63-d0054775ee9e&DisplayLang=en
     
Loading...
Thread Status:
Not open for further replies.