RE: Microsoft Security Bulletins for June 2007

RE: Microsoft Security Bulletins for June 2007
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Antivirus Discussions    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
RE: Microsoft Security Bulletins for June 2007 T~Ann 08-14-2007
Posted by =?Utf-8?B?VH5Bbm4=?= on August 14, 2007, 1:40 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I have Windows Vista 32 and Live OneCare AV. Can I assume Windows auto update
(which is on) will take care of these issues? If not what can I do to further
protect my system?
--
Thank you for volunteering your knowledge


"Donna Buenaventura" wrote:

> Today, Microsoft has released the following Security Bulletins. Please see
> the affected software or component below and the appropriate security
> bulletin for more details. You should also read the bulletins for any
> caveats prior installation of the update.
>
> Critical:
> MS07-031 - Vulnerability in the Windows Schannel Security Package Could
> Allow Remote Code Execution (935840)
> http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
> -- Affected Software: Windows 2000 Server, Windows 2000 Professional,
> Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows Server
> 2003 for Small Business Server, Windows Server 2003, Datacenter Edition,
> Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard
> Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter
> Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition
> for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition,
> Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
> Edition, Windows XP Home Edition, Windows XP Professional, Windows XP
> Professional 64-Bit Edition
>
> MS07-031 - Vulnerability in the Windows Schannel Security Package Could
> Allow Remote Code Execution (935840)
> http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
> -- Affected Software: Windows 2000 Server, Windows 2000 Professional,
> Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows Server
> 2003 for Small Business Server, Windows Server 2003, Datacenter Edition,
> Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard
> Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter
> Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition
> for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition,
> Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
> Edition, Windows XP Home Edition, Windows XP Professional, Windows XP
> Professional 64-Bit Edition
>
> MS07-032 - Vulnerability in Windows Vista Could Allow Information Disclosure
> (931213)
> http://www.microsoft.com/technet/security/Bulletin/MS07-032.mspx
> -- Affected Software: Windows Vista, Windows Vista x64
>
> MS07-033 - Cumulative Security Update for Internet Explorer (933566)
> http://www.microsoft.com/technet/security/Bulletin/MS07-033.mspx
> -- Affected Software: Windows 2000 Server, Windows 2000 Professional,
> Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP
> Home Edition, Windows XP Professional, Windows XP Professional 64-Bit
> Edition, Windows Server 2003 for Small Business Server, Windows Server 2003,
> Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server
> 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server
> 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003
> Enterprise Edition for Itanium-based Systems, Internet Explorer 5.01,
> Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise
> x64 Edition, Windows Server 2003 Standard x64 Edition, Windows Vista,
> Windows Vista x64, Internet Explorer 6.0 for Windows XP Service Pack 2,
> Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition,
> Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6 for
> Microsoft Windows Server 2003 x64 Edition, Internet Explorer 6 for Microsoft
> Windows Server 2003 for Itanium-based Systems, Internet Explorer 7.0 for
> Windows XP Service Pack 2 , Internet Explorer 7.0 For Windows 2003, Internet
> Explorer 7 for Windows 2003 for Itanium, Internet Explorer 7 for Windows
> 2003 x64 Edition, Internet Explorer 7.0 for Windows Vista, Internet Explorer
> 7.0 for Windows Vista x64, Internet Explorer 6.0
>
> MS07-034 - Cumulative Security Update for Outlook Express and Windows Mail
> (929123)
> http://www.microsoft.com/technet/security/Bulletin/MS07-034.mspx
> -- Affected Software: Windows XP Home Edition, Windows XP Professional,
> Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small
> Business Server, Windows Server 2003, Datacenter Edition, Windows Server
> 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows
> Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for
> Itanium-based Systems, Windows Server 2003 Enterprise Edition for
> Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows
> Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
> Edition, Outlook Express 6 on Microsoft Windows XP, Outlook Express 6 for
> Microsoft Windows XP 64-Bit Edition, Outlook Express 6 on Windows Server
> 2003, Outlook Express 6 for Microsoft Windows Server 2003 for Itanium-based
> Systems, Outlook Express 6 on Windows Server 2003 (64 bit edition), Windows
> Vista, Windows Mail for Windows Vista, Windows Vista x64, Windows Mail for
> Windows Vista x64 Edition
>
> MS07-035 - Vulnerability in Win 32 API Could Allow Remote Code Execution
> (935839)
> http://www.microsoft.com/technet/security/Bulletin/MS07-035.mspx
> -- Affected Software: Windows 2000 Server, Windows 2000 Professional,
> Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP
> Home Edition, Windows XP Professional, Windows XP Professional 64-Bit
> Edition, Windows Server 2003 for Small Business Server, Windows Server 2003,
> Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server
> 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server
> 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003
> Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter
> x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003
> Standard x64 Edition
>
> Moderate:
> MS07-032 - Vulnerability in Windows Vista Could Allow Information Disclosure
> (931213)
> http://www.microsoft.com/technet/security/Bulletin/MS07-032.mspx
> -- Affected Software: Windows Vista, Windows Vista x64
>
> Important:
> MS07-030 - Vulnerabilities in Microsoft Visio Could Allow Remote Code
> Execution (927051)
> http://www.microsoft.com/technet/security/Bulletin/MS07-030.mspx
> -- Affected Software: Visio 2002, Visio 2003
>
> Microsoft also released 7 Non-Security, High-Priority Updates on Microsoft
> Update (MU) and Windows Server Update Services (WSUS).
>
> References:
> Security Bulletins Summary for June:
> http://www.microsoft.com/technet/security/bulletin/ms07-jun.mspx
> Security Bulletins for end-users:
> http://www.microsoft.com/protect/computer/updates/bulletins/200706.mspx
> Security Response Center Blog: http://blogs.technet.com/msrc/default.aspx
>
> Security Bulletin Webcast:
>
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032327013&EventCategory=4&culture=en-US&CountryCode=US
> Microsoft will host a webcast tomorrow. The webcast focuses on addressing
> your questions and concerns about the security bulletins. Therefore, most of
> the live webcast is aimed at giving you the opportunity to ask questions and
> get answers from their security experts.
> Start Date: Wednesday, June 13, 2007 11:00 AM Pacific Time (US & Canada)
>
> Tool:
> Check your system for missing or misconfigured patches using Microsoft
> Baseline Security Analyzer (MBSA)
> http://www.microsoft.com/technet/security/tools/mbsahome.mspx
>
> Support:
> Call Microsoft at 1-866-PCSAFETY for issues on security patches if you are
> in the US and Canada. For other location, go here:
> http://support.microsoft.com/common/international.aspx
>
> Please note, Microsoft NEVER send security updates via e-mail. Download the
> updates only from the vendors website - visit Windows Update and Office
> Update or Microsoft Update websites. You may also get the updates thru
> Automatic Updates functionality in Windows system.
> Security updates are available on ISO-9660 DVD5 image files from the
> Microsoft Download Center. For more information, please see
> http://support.microsoft.com/kb/913086
>
>
>
>
> --
> Regards,
> Donna Buenaventura
> Windows Security MVP
> w: http://cou.dozleng.com
> b: http://msmvps.com/donna
>

Posted by PA Bear on August 14, 2007, 3:12 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Description of the Automatic Updates feature in Windows:
http://support.microsoft.com/kb/294871

Vista Features Explained: Automatic Updates
http://www.microsoft.com/windows/products/windowsvista/features/details/windowsupdate.mspx
--
~Robear Dyer (PA Bear), working offline
MS MVP-Windows (IE, OE, Security, Shell/User)
AumHa VSOP & Admin; DTS-L.org

T~Ann wrote:
> I have Windows Vista 32 and Live OneCare AV. Can I assume Windows auto
> update (which is on) will take care of these issues? If not what can I do
> to further protect my system?
>
>> Today, Microsoft has released the following Security Bulletins. Please
>> see
>> the affected software or component below and the appropriate security
>> bulletin for more details. You should also read the bulletins for any
>> caveats prior installation of the update.
>>
>> Critical:
>> MS07-031 - Vulnerability in the Windows Schannel Security Package Could
>> Allow Remote Code Execution (935840)
>> http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
>> -- Affected Software: Windows 2000 Server, Windows 2000 Professional,
>> Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows
>> Server 2003 for Small Business Server, Windows Server 2003, Datacenter
>> Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003,
>> Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003
>> Datacenter Edition for Itanium-based Systems, Windows Server 2003
>> Enterprise Edition for Itanium-based Systems, Windows Server 2003
>> Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition,
>> Windows Server 2003 Standard x64 Edition, Windows XP Home Edition,
>> Windows
>> XP Professional, Windows XP Professional 64-Bit Edition
>>
>> MS07-031 - Vulnerability in the Windows Schannel Security Package Could
>> Allow Remote Code Execution (935840)
>> http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
>> -- Affected Software: Windows 2000 Server, Windows 2000 Professional,
>> Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows
>> Server 2003 for Small Business Server, Windows Server 2003, Datacenter
>> Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003,
>> Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003
>> Datacenter Edition for Itanium-based Systems, Windows Server 2003
>> Enterprise Edition for Itanium-based Systems, Windows Server 2003
>> Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition,
>> Windows Server 2003 Standard x64 Edition, Windows XP Home Edition,
>> Windows
>> XP Professional, Windows XP Professional 64-Bit Edition
>>
>> MS07-032 - Vulnerability in Windows Vista Could Allow Information
>> Disclosure (931213)
>> http://www.microsoft.com/technet/security/Bulletin/MS07-032.mspx
>> -- Affected Software: Windows Vista, Windows Vista x64
>>
>> MS07-033 - Cumulative Security Update for Internet Explorer (933566)
>> http://www.microsoft.com/technet/security/Bulletin/MS07-033.mspx
>> -- Affected Software: Windows 2000 Server, Windows 2000 Professional,
>> Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP
>> Home Edition, Windows XP Professional, Windows XP Professional 64-Bit
>> Edition, Windows Server 2003 for Small Business Server, Windows Server
>> 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition,
>> Windows
>> Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows
>> Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server
>> 2003 Enterprise Edition for Itanium-based Systems, Internet Explorer
>> 5.01,
>> Windows Server 2003 Datacenter x64 Edition, Windows Server 2003
>> Enterprise
>> x64 Edition, Windows Server 2003 Standard x64 Edition, Windows Vista,
>> Windows Vista x64, Internet Explorer 6.0 for Windows XP Service Pack 2,
>> Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition,
>> Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6 for
>> Microsoft Windows Server 2003 x64 Edition, Internet Explorer 6 for
>> Microsoft Windows Server 2003 for Itanium-based Systems, Internet
>> Explorer
>> 7.0 for Windows XP Service Pack 2 , Internet Explorer 7.0 For Windows
>> 2003, Internet Explorer 7 for Windows 2003 for Itanium, Internet Explorer
>> 7 for Windows 2003 x64 Edition, Internet Explorer 7.0 for Windows Vista,
>> Internet Explorer
>> 7.0 for Windows Vista x64, Internet Explorer 6.0
>>
>> MS07-034 - Cumulative Security Update for Outlook Express and Windows
>> Mail
>> (929123)
>> http://www.microsoft.com/technet/security/Bulletin/MS07-034.mspx
>> -- Affected Software: Windows XP Home Edition, Windows XP Professional,
>> Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small
>> Business Server, Windows Server 2003, Datacenter Edition, Windows Server
>> 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows
>> Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for
>> Itanium-based Systems, Windows Server 2003 Enterprise Edition for
>> Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition,
>> Windows
>> Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
>> Edition, Outlook Express 6 on Microsoft Windows XP, Outlook Express 6 for
>> Microsoft Windows XP 64-Bit Edition, Outlook Express 6 on Windows Server
>> 2003, Outlook Express 6 for Microsoft Windows Server 2003 for
>> Itanium-based
>> Systems, Outlook Express 6 on Windows Server 2003 (64 bit edition),
>> Windows
>> Vista, Windows Mail for Windows Vista, Windows Vista x64, Windows Mail
>> for
>> Windows Vista x64 Edition
>>
>> MS07-035 - Vulnerability in Win 32 API Could Allow Remote Code Execution
>> (935839)
>> http://www.microsoft.com/technet/security/Bulletin/MS07-035.mspx
>> -- Affected Software: Windows 2000 Server, Windows 2000 Professional,
>> Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP
>> Home Edition, Windows XP Professional, Windows XP Professional 64-Bit
>> Edition, Windows Server 2003 for Small Business Server, Windows Server
>> 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition,
>> Windows
>> Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows
>> Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server
>> 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003
>> Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition,
>> Windows Server 2003 Standard x64 Edition
>>
>> Moderate:
>> MS07-032 - Vulnerability in Windows Vista Could Allow Information
>> Disclosure (931213)
>> http://www.microsoft.com/technet/security/Bulletin/MS07-032.mspx
>> -- Affected Software: Windows Vista, Windows Vista x64
>>
>> Important:
>> MS07-030 - Vulnerabilities in Microsoft Visio Could Allow Remote Code
>> Execution (927051)
>> http://www.microsoft.com/technet/security/Bulletin/MS07-030.mspx
>> -- Affected Software: Visio 2002, Visio 2003
>>
>> Microsoft also released 7 Non-Security, High-Priority Updates on
>> Microsoft
>> Update (MU) and Windows Server Update Services (WSUS).
>>
>> References:
>> Security Bulletins Summary for June:
>> http://www.microsoft.com/technet/security/bulletin/ms07-jun.mspx
>> Security Bulletins for end-users:
>> http://www.microsoft.com/protect/computer/updates/bulletins/200706.mspx
>> Security Response Center Blog: http://blogs.technet.com/msrc/default.aspx
>>
>> Security Bulletin Webcast:
>>
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032327013&EventCategory=4&culture=en-US&CountryCode=US
>> Microsoft will host a webcast tomorrow. The webcast focuses on addressing
>> your questions and concerns about the security bulletins. Therefore, most
>> of the live webcast is aimed at giving you the opportunity to ask
>> questions and get answers from their security experts.
>> Start Date: Wednesday, June 13, 2007 11:00 AM Pacific Time (US & Canada)
>>
>> Tool:
>> Check your system for missing or misconfigured patches using Microsoft
>> Baseline Security Analyzer (MBSA)
>> http://www.microsoft.com/technet/security/tools/mbsahome.mspx
>>
>> Support:
>> Call Microsoft at 1-866-PCSAFETY for issues on security patches if you
>> are
>> in the US and Canada. For other location, go here:
>> http://support.microsoft.com/common/international.aspx
>>
>> Please note, Microsoft NEVER send security updates via e-mail. Download
>> the
>> updates only from the vendors website - visit Windows Update and Office
>> Update or Microsoft Update websites. You may also get the updates thru
>> Automatic Updates functionality in Windows system.
>> Security updates are available on ISO-9660 DVD5 image files from the
>> Microsoft Download Center. For more information, please see
>> http://support.microsoft.com/kb/913086
>>
>>
>>
>>
>> --
>> Regards,
>> Donna Buenaventura
>> Windows Security MVP
>> w: http://cou.dozleng.com
>> b: http://msmvps.com/donna


Similar ThreadsPosted
Re: Microsoft Security Bulletins for June 2007 June 12, 2007, 8:13 pm
RE: Microsoft Security Bulletins for June 2007 June 15, 2007, 10:58 am
RE: Microsoft Security Bulletins for February 2007 February 13, 2007, 8:27 pm
RE: Microsoft Security Bulletins for February 2007 February 13, 2007, 8:27 pm
Re: Microsoft Security Bulletins for February 2007 February 13, 2007, 8:33 pm
RE: Microsoft Security Bulletins for February 2007 February 13, 2007, 8:33 pm
Microsoft Security Bulletins for January January 9, 2007, 1:17 pm
RE: Microsoft January 2008 Security Bulletins January 9, 2008, 4:53 pm
Re: Microsoft January 2008 Security Bulletins January 9, 2008, 9:07 pm
Re: Microsoft January 2008 Security Bulletins January 10, 2008, 3:17 am

The site map in XML format XML site map

Contact Us | Privacy Policy