Microsoft Security Bulletins for June 2007

D

Donna Buenaventura

Today, Microsoft has released the following Security Bulletins. Please see
the affected software or component below and the appropriate security
bulletin for more details. You should also read the bulletins for any
caveats prior installation of the update.

Critical:
MS07-031 - Vulnerability in the Windows Schannel Security Package Could
Allow Remote Code Execution (935840)
http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
-- Affected Software: Windows 2000 Server, Windows 2000 Professional,
Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows Server
2003 for Small Business Server, Windows Server 2003, Datacenter Edition,
Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard
Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter
Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition
for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition,
Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
Edition, Windows XP Home Edition, Windows XP Professional, Windows XP
Professional 64-Bit Edition

MS07-031 - Vulnerability in the Windows Schannel Security Package Could
Allow Remote Code Execution (935840)
http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
-- Affected Software: Windows 2000 Server, Windows 2000 Professional,
Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows Server
2003 for Small Business Server, Windows Server 2003, Datacenter Edition,
Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard
Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter
Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition
for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition,
Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
Edition, Windows XP Home Edition, Windows XP Professional, Windows XP
Professional 64-Bit Edition

MS07-032 - Vulnerability in Windows Vista Could Allow Information Disclosure
(931213)
http://www.microsoft.com/technet/security/Bulletin/MS07-032.mspx
-- Affected Software: Windows Vista, Windows Vista x64

MS07-033 - Cumulative Security Update for Internet Explorer (933566)
http://www.microsoft.com/technet/security/Bulletin/MS07-033.mspx
-- Affected Software: Windows 2000 Server, Windows 2000 Professional,
Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP
Home Edition, Windows XP Professional, Windows XP Professional 64-Bit
Edition, Windows Server 2003 for Small Business Server, Windows Server 2003,
Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server
2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server
2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003
Enterprise Edition for Itanium-based Systems, Internet Explorer 5.01,
Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise
x64 Edition, Windows Server 2003 Standard x64 Edition, Windows Vista,
Windows Vista x64, Internet Explorer 6.0 for Windows XP Service Pack 2,
Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition,
Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6 for
Microsoft Windows Server 2003 x64 Edition, Internet Explorer 6 for Microsoft
Windows Server 2003 for Itanium-based Systems, Internet Explorer 7.0 for
Windows XP Service Pack 2 , Internet Explorer 7.0 For Windows 2003, Internet
Explorer 7 for Windows 2003 for Itanium, Internet Explorer 7 for Windows
2003 x64 Edition, Internet Explorer 7.0 for Windows Vista, Internet Explorer
7.0 for Windows Vista x64, Internet Explorer 6.0

MS07-034 - Cumulative Security Update for Outlook Express and Windows Mail
(929123)
http://www.microsoft.com/technet/security/Bulletin/MS07-034.mspx
-- Affected Software: Windows XP Home Edition, Windows XP Professional,
Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small
Business Server, Windows Server 2003, Datacenter Edition, Windows Server
2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows
Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for
Itanium-based Systems, Windows Server 2003 Enterprise Edition for
Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows
Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
Edition, Outlook Express 6 on Microsoft Windows XP, Outlook Express 6 for
Microsoft Windows XP 64-Bit Edition, Outlook Express 6 on Windows Server
2003, Outlook Express 6 for Microsoft Windows Server 2003 for Itanium-based
Systems, Outlook Express 6 on Windows Server 2003 (64 bit edition), Windows
Vista, Windows Mail for Windows Vista, Windows Vista x64, Windows Mail for
Windows Vista x64 Edition

MS07-035 - Vulnerability in Win 32 API Could Allow Remote Code Execution
(935839)
http://www.microsoft.com/technet/security/Bulletin/MS07-035.mspx
-- Affected Software: Windows 2000 Server, Windows 2000 Professional,
Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP
Home Edition, Windows XP Professional, Windows XP Professional 64-Bit
Edition, Windows Server 2003 for Small Business Server, Windows Server 2003,
Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server
2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server
2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003
Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter
x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003
Standard x64 Edition

Moderate:
MS07-032 - Vulnerability in Windows Vista Could Allow Information Disclosure
(931213)
http://www.microsoft.com/technet/security/Bulletin/MS07-032.mspx
-- Affected Software: Windows Vista, Windows Vista x64

Important:
MS07-030 - Vulnerabilities in Microsoft Visio Could Allow Remote Code
Execution (927051)
http://www.microsoft.com/technet/security/Bulletin/MS07-030.mspx
-- Affected Software: Visio 2002, Visio 2003

Microsoft also released 7 Non-Security, High-Priority Updates on Microsoft
Update (MU) and Windows Server Update Services (WSUS).

References:
Security Bulletins Summary for June:
http://www.microsoft.com/technet/security/bulletin/ms07-jun.mspx
Security Bulletins for end-users:
http://www.microsoft.com/protect/computer/updates/bulletins/200706.mspx
Security Response Center Blog: http://blogs.technet.com/msrc/default.aspx

Security Bulletin Webcast:
http://msevents.microsoft.com/CUI/W...&EventCategory=4&culture=en-US&CountryCode=US
Microsoft will host a webcast tomorrow. The webcast focuses on addressing
your questions and concerns about the security bulletins. Therefore, most of
the live webcast is aimed at giving you the opportunity to ask questions and
get answers from their security experts.
Start Date: Wednesday, June 13, 2007 11:00 AM Pacific Time (US & Canada)

Tool:
Check your system for missing or misconfigured patches using Microsoft
Baseline Security Analyzer (MBSA)
http://www.microsoft.com/technet/security/tools/mbsahome.mspx

Support:
Call Microsoft at 1-866-PCSAFETY for issues on security patches if you are
in the US and Canada. For other location, go here:
http://support.microsoft.com/common/international.aspx

Please note, Microsoft NEVER send security updates via e-mail. Download the
updates only from the vendors website - visit Windows Update and Office
Update or Microsoft Update websites. You may also get the updates thru
Automatic Updates functionality in Windows system.
Security updates are available on ISO-9660 DVD5 image files from the
Microsoft Download Center. For more information, please see
http://support.microsoft.com/kb/913086




--
Regards,
Donna Buenaventura
Windows Security MVP
w: http://cou.dozleng.com
b: http://msmvps.com/donna
 
D

Donna Buenaventura

Corrected copy (just moved out the dupe MS07-031 and 032. Sorry and Thanks!

Today, Microsoft has released the following Security Bulletins. Please see
the affected software or component below and the appropriate security
bulletin for more details. You should also read the bulletins for any
caveats prior installation of the update.

Critical:

MS07-031 - Vulnerability in the Windows Schannel Security Package Could
Allow Remote Code Execution (935840)
http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
-- Affected Software: Windows 2000 Server, Windows 2000 Professional,
Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows Server
2003 for Small Business Server, Windows Server 2003, Datacenter Edition,
Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard
Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter
Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition
for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition,
Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
Edition, Windows XP Home Edition, Windows XP Professional, Windows XP
Professional 64-Bit Edition

MS07-033 - Cumulative Security Update for Internet Explorer (933566)
http://www.microsoft.com/technet/security/Bulletin/MS07-033.mspx
-- Affected Software: Windows 2000 Server, Windows 2000 Professional,
Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP
Home Edition, Windows XP Professional, Windows XP Professional 64-Bit
Edition, Windows Server 2003 for Small Business Server, Windows Server 2003,
Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server
2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server
2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003
Enterprise Edition for Itanium-based Systems, Internet Explorer 5.01,
Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise
x64 Edition, Windows Server 2003 Standard x64 Edition, Windows Vista,
Windows Vista x64, Internet Explorer 6.0 for Windows XP Service Pack 2,
Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition,
Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6 for
Microsoft Windows Server 2003 x64 Edition, Internet Explorer 6 for Microsoft
Windows Server 2003 for Itanium-based Systems, Internet Explorer 7.0 for
Windows XP Service Pack 2 , Internet Explorer 7.0 For Windows 2003, Internet
Explorer 7 for Windows 2003 for Itanium, Internet Explorer 7 for Windows
2003 x64 Edition, Internet Explorer 7.0 for Windows Vista, Internet Explorer
7.0 for Windows Vista x64, Internet Explorer 6.0

MS07-034 - Cumulative Security Update for Outlook Express and Windows Mail
(929123)
http://www.microsoft.com/technet/security/Bulletin/MS07-034.mspx
-- Affected Software: Windows XP Home Edition, Windows XP Professional,
Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small
Business Server, Windows Server 2003, Datacenter Edition, Windows Server
2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows
Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for
Itanium-based Systems, Windows Server 2003 Enterprise Edition for
Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows
Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64
Edition, Outlook Express 6 on Microsoft Windows XP, Outlook Express 6 for
Microsoft Windows XP 64-Bit Edition, Outlook Express 6 on Windows Server
2003, Outlook Express 6 for Microsoft Windows Server 2003 for Itanium-based
Systems, Outlook Express 6 on Windows Server 2003 (64 bit edition), Windows
Vista, Windows Mail for Windows Vista, Windows Vista x64, Windows Mail for
Windows Vista x64 Edition

MS07-035 - Vulnerability in Win 32 API Could Allow Remote Code Execution
(935839)
http://www.microsoft.com/technet/security/Bulletin/MS07-035.mspx
-- Affected Software: Windows 2000 Server, Windows 2000 Professional,
Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows XP
Home Edition, Windows XP Professional, Windows XP Professional 64-Bit
Edition, Windows Server 2003 for Small Business Server, Windows Server 2003,
Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server
2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server
2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003
Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter
x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003
Standard x64 Edition

Moderate:

MS07-032 - Vulnerability in Windows Vista Could Allow Information Disclosure
(931213)
http://www.microsoft.com/technet/security/Bulletin/MS07-032.mspx
-- Affected Software: Windows Vista, Windows Vista x64

Important:
MS07-030 - Vulnerabilities in Microsoft Visio Could Allow Remote Code
Execution (927051)
http://www.microsoft.com/technet/security/Bulletin/MS07-030.mspx
-- Affected Software: Visio 2002, Visio 2003

Microsoft also released 7 Non-Security, High-Priority Updates on Microsoft
Update (MU) and Windows Server Update Services (WSUS).

References:
Security Bulletins Summary for June:
http://www.microsoft.com/technet/security/bulletin/ms07-jun.mspx
Security Bulletins for end-users:
http://www.microsoft.com/protect/computer/updates/bulletins/200706.mspx
Security Response Center Blog: http://blogs.technet.com/msrc/default.aspx

Security Bulletin Webcast:
http://msevents.microsoft.com/CUI/W...&EventCategory=4&culture=en-US&CountryCode=US
Microsoft will host a webcast tomorrow. The webcast focuses on addressing
your questions and concerns about the security bulletins. Therefore, most of
the live webcast is aimed at giving you the opportunity to ask questions and
get answers from their security experts.
Start Date: Wednesday, June 13, 2007 11:00 AM Pacific Time (US & Canada)

Tool:
Check your system for missing or misconfigured patches using Microsoft
Baseline Security Analyzer (MBSA)
http://www.microsoft.com/technet/security/tools/mbsahome.mspx

Support:
Call Microsoft at 1-866-PCSAFETY for issues on security patches if you are
in the US and Canada. For other location, go here:
http://support.microsoft.com/common/international.aspx

Please note, Microsoft NEVER send security updates via e-mail. Download the
updates only from the vendors website - visit Windows Update and Office
Update or Microsoft Update websites. You may also get the updates thru
Automatic Updates functionality in Windows system.
Security updates are available on ISO-9660 DVD5 image files from the
Microsoft Download Center. For more information, please see
http://support.microsoft.com/kb/913086


Donna
 
M

mc

All June updates failed to be installed.. and I dunno why!! I think the error
code is 0x80070005. That error code is not listed. Worse still here's the
list of recent updates which has cannot be found using search where my
updates failed ..

Windows Malicious Software Removal Tool - June 2007 (KB890830) 13 June 2007
Windows XP Security Update for Windows XP (KB935840) 13 June 2007
Windows XP Cumulative Security Update for Outlook Express for Windows XP
(KB929123) 13 June 2007
Windows XP Cumulative Security Update for Internet Explorer 7 for Windows XP
(KB933566) 13 June 2007
Windows XP Security Update for Windows XP (KB935839) 13 June 2007
Definition Update for Windows Defender - KB915597 (Definition 1.18.2632.5)
12 June 2007
 
L

LaurenceCook

A colleague is experiencing some peculiar problems, and the only change we
can see is the installation of the latest updates. Her preferences (display
colours, icon display and arrangement etc) seem to have reverted to default,
her Skype preferences have gone and her Mozilla bookmarks have disappeared.
Also, some recently loaded pictures have gone from My Documents. Is there any
chance that the latest updates have caused these problems? If so, are they
reversible? (BTW Avast AV full scan has found no problems).
 
R

Robin Walker [MVP]

LaurenceCook said:
A colleague is experiencing some peculiar problems, and the only
change we can see is the installation of the latest updates. Her
preferences (display colours, icon display and arrangement etc) seem
to have reverted to default, her Skype preferences have gone and her
Mozilla bookmarks have disappeared. Also, some recently loaded
pictures have gone from My Documents. Is there any chance that the
latest updates have caused these problems? If so, are they
reversible? (BTW Avast AV full scan has found no problems).

This can happen if, when a user logs on, Windows decides that their profile
is corrupt. A new user directory will be created under C:\Documents and
Settings\ for this user, with default settings for everything. All her old
files will be under her former directory. Settings will need remaking.
 
T

T~Ann

I have Windows Vista 32 and Live OneCare AV. Can I assume Windows auto update
(which is on) will take care of these issues? If not what can I do to further
protect my system?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top