Microsoft Security Bulletins for May 2006

Discussion in 'other security issues & news' started by NICK ADSL UK, May 9, 2006.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft® Windows® Malicious Software Removal Tool (KB890830)
    Brief Description

    This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

    Overview
    The Microsoft Windows Malicious Software Removal Tool checks Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder.

    This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product.

    Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on Microsoft.com.

    To have the newest versions automatically delivered and installed as soon as they are released, set the Automatic Updates feature to Automatic. The version of this tool delivered by Windows Update runs on your computer once a month, in the background. If an infection is found, the tool will display a status report the next time you start your computer. If you would like to run this tool more than once a month, run the version that is available from this Web page or use the version on the Malicious Software Removal Tool Web site.

    http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
     

    Attached Files:

  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for 5/9/2006

    May 9, 2006

    Today Microsoft released the following Security Bulletin(s).


    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this
    one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:

    http://www.microsoft.com/technet/security/Bulletin/ms06-May.mspx

    Critical Bulletins:

    Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803)

    http://www.microsoft.com/technet/security/Bulletin/ms06-019.mspx


    Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)
    http://www.microsoft.com/technet/security/Bulletin/ms06-020.mspx

    Moderate Bulletins:


    Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580)
    http://www.microsoft.com/technet/security/Bulletin/ms06-018.mspx

    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338 International customers should contact their local subsidiary.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information About Microsoft June Security Bulletins (Level 200)
    Start Time: Wednesday, June 14, 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)
    End Time: Wednesday, June 14, 2006 12:00 PM (GMT-08:00) Pacific Time (US & Canada)

    Event Description
    Products: Security.

    Recommended Audience: IT Professional.

    Language: English-American

    Description: On June 13, 2006, Microsoft releases its monthly security bulletins.
    Join us for a brief overview of the technical details of the June security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the security bulletins and getting answers from our security experts.

    Presenter: Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation

    Click here to register for the June Security Bulletin Webcast
    http://msevents.microsoft.com/CUI/W...&EventCategory=4&culture=en-US&CountryCode=US
     
    Last edited: May 11, 2006
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Title: Microsoft Security Bulletin Minor Revisions
    Issued: May 11, 2006


    Microsoft Security Bulletin MS06-019
    Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803)
    Published: May 9, 2006 | Updated: May 11, 2006

    Version: 1.1

    Summary
    Who should read this document: System administrators who use Microsoft Exchange

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers should apply the update immediately.

    Security Update Replacement: This bulletin replaces a prior security update. See the frequently asked questions (FAQ) section of this bulletin for the complete list.


    Caveats: Microsoft Knowledge Base Article 916803 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. For more information, see Microsoft Knowledge Base Article 916803.
    http://support.microsoft.com/kb/916803

    Tested Software and Security Update Download Locations:

    Affected Software:

    • Microsoft Exchange Server 2000 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004(870540) - Download the update

    • Microsoft Exchange Server 2003 Service Pack 1– Download the update

    • Microsoft Exchange Server 2003 Service Pack 2 –Download the update


    The software in this list has been tested to determine whether the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support life cycle for your product and version, visit the Microsoft Support Lifecycle Web site.

    For more information about Exchange 2000 Server Post-Service Pack 3 Update Rollup see Microsoft Knowledge Base Article 870540.
    http://www.microsoft.com/technet/security/bulletin/ms06-019.mspx
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS06-014
    Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)
    Published: April 11, 2006 | Updated: May 11, 2006


    Reason for Revision: Bulletin updated the following: "Spuninst.exe utility location" located in the "Removal Information" for "Windows XP Service Pack 1 with Microsoft Data Access Components 2.8 installed" under "Windows XP (all versions)" in the "Security Update Information" section.
    Updated the "Security Update Replacement" and "What updates does this release replace?" section in the "Frequently asked questions (FAQ) related to this security update".
    Originally posted: April 11, 2006
    Updated: May 11, 2006
    Bulletin Severity Rating: Critical
    Version: 1.2
    http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
     
Loading...
Thread Status:
Not open for further replies.