|
| |||||||
| Notices |
 |
| LinkBack | Thread Tools | Display Modes |
12-11-2007, 05:15 PM
| #1 (permalink) |
 Microsoft Security Bulletins for December 2007 Microsoft Security Bulletins for December 2007 Microsoft released today the following security bulletins. Note: There may be latency issues due to replication, if the page does not display keep refreshing Critical: MS07-064 - Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) http://www.microsoft.com/technet/sec.../MS07-064.mspx MS07-068 - Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) http://www.microsoft.com/technet/sec.../MS07-068.mspx MS07-069 - Cumulative Security Update for Internet Explorer (942615) http://www.microsoft.com/technet/sec.../MS07-069.mspx Important: MS07-063 - Vulnerability in SMBv2 Could Allow Remote Code Execution (942624) http://www.microsoft.com/technet/sec.../MS07-063.mspx MS07-065 - Vulnerability in Message Queuing Could Allow Remote Code Execution (937894) http://www.microsoft.com/technet/sec.../MS07-065.mspx MS07-066 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078) http://www.microsoft.com/technet/sec.../MS07-066.mspx MS07-067 - Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653) http://www.microsoft.com/technet/sec.../MS07-067.mspx Non-Security, High-Priority Updates on MU, WU, and WSUS Microsoft has released four non-security, high-priority updates and 2007 Microsoft Office Service Pack 1 on Microsoft Update (MU) and Windows Server Update Services (WSUS). Microsoft has released four non-security, high-priority updates for Windows and Windows SharePoint Services 3.0 Service Pack 1 on Windows Update (WU) and WSUS. References: December 2007 Security Bulletins Summary: http://www.microsoft.com/technet/sec.../ms07-dec.mspx Security Bulletin for end-users: http://www.microsoft.com/protect/com...ns/200712.mspx MSRC Blog: http://blogs.technet.com/msrc/default.aspx Support: Call 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. International users should go to http://support.microsoft.com/common/international.aspx Security Bulletin Webcast: Microsoft will host a Webcast tomorrow. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts: http://msevents.microsoft.com/CUI/We...CountryCode=US Update sources: Microsoft NEVER send security updates via e-mail. As always, download the updates only from the vendors' website - visit Windows Update and Office Update or Microsoft Update. You may also get the updates thru Automatic Updates functionality in Windows. Security updates are available on ISO-9660 DVD5 image files from the Microsoft Download Center. For more information, please see http://support.microsoft.com/kb/913086 Note: Don't be a victim of spoofed emails. Read "How to tell whether a security e-mail message is really from Microsoft" at http://www.microsoft.com/athome/secu...uine_mail.mspx Recommendations: Microsoft advises customers to install the latest product releases, security updates, and service packs to remain as secure as possible. Older products, such as Microsoft Windows NT 4.0, may not meet today's more demanding security requirements. It may not be possible for Microsoft to provide security updates for older products. More info at Microsoft Support Lifecycle website: http://support.microsoft.com/lifecycle/ Tool: Check your system for missing or misconfigured patches using Microsoft Baseline Security Analyzer (MBSA) - http://www.microsoft.com/technet/sec.../mbsahome.mspx For 3rd Party tools in scanning your computer for missing updates, hotfixes or out-dated version, please see the list at http://www.dozleng.com/updates/index...howtopic=13587 Regards, Donna Buenaventura Windows Security MVP | Guest
Posts: n/a
|
 |
|
12-11-2007, 05:41 PM
| #2 (permalink) | |
| Re: Microsoft Security Bulletins for December 2007 Known issues as per Microsoft: Microsoft Security Bulletin MS07-064: Microsoft Knowledge Base Article 941568 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. http://support.microsoft.com/kb/941568 Microsoft Security Bulletin MS07-069 - Microsoft Knowledge Base Article 942615 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. http://support.microsoft.com/kb/942615 NOTE: If pages of KB article is not available, please try later. "Donna Buenaventura" <dbuenaventura@mvps.org> wrote in message news:E3E51AED-8758-4393-94A8-596FF7110ED7@microsoft.com... Quote:
| Guest
Posts: n/a
| |
| |
|
12-11-2007, 06:46 PM
| #3 (permalink) |
| Re: Microsoft Security Bulletins for December 2007 Donna: I see nothing on those pages regarding known issues. "Donna Buenaventura" <dbuenaventura@mvps.org> wrote in message news:70E23C41-42A0-4D9C-9E9F-93B387947F08@microsoft.com... : Known issues as per Microsoft: : : Microsoft Security Bulletin MS07-064: Microsoft Knowledge Base Article : 941568 documents the currently known issues that customers may experience : when they install this security update. The article also documents : recommended solutions for these issues. : http://support.microsoft.com/kb/941568 : : Microsoft Security Bulletin MS07-069 - Microsoft Knowledge Base Article : 942615 documents the currently known issues that customers may experience : when they install this security update. The article also documents : recommended solutions for these issues. : http://support.microsoft.com/kb/942615 : : NOTE: If pages of KB article is not available, please try later. : : "Donna Buenaventura" <dbuenaventura@mvps.org> wrote in message : news:E3E51AED-8758-4393-94A8-596FF7110ED7@microsoft.com... : > Microsoft Security Bulletins for December 2007 : > : > Microsoft released today the following security bulletins. Note: There may : > be latency issues due to replication, if the page does not display keep : > refreshing : > : > Critical: : > MS07-064 - Vulnerabilities in DirectX Could Allow Remote Code Execution : > (941568) : > http://www.microsoft.com/technet/sec.../MS07-064.mspx : > MS07-068 - Vulnerabilities in DirectX Could Allow Remote Code Execution : > (941568) : > http://www.microsoft.com/technet/sec.../MS07-068.mspx : > MS07-069 - Cumulative Security Update for Internet Explorer (942615) : > http://www.microsoft.com/technet/sec.../MS07-069.mspx : > : > Important: : > : > MS07-063 - Vulnerability in SMBv2 Could Allow Remote Code Execution : > (942624) : > http://www.microsoft.com/technet/sec.../MS07-063.mspx : > MS07-065 - Vulnerability in Message Queuing Could Allow Remote Code : > Execution (937894) : > http://www.microsoft.com/technet/sec.../MS07-065.mspx : > MS07-066 - Vulnerability in Windows Kernel Could Allow Elevation of : > Privilege (943078) : > http://www.microsoft.com/technet/sec.../MS07-066.mspx : > MS07-067 - Vulnerability in Macrovision Driver Could Allow Local Elevation : > of Privilege (944653) : > http://www.microsoft.com/technet/sec.../MS07-067.mspx : > : > Non-Security, High-Priority Updates on MU, WU, and WSUS : > : > Microsoft has released four non-security, high-priority updates and 2007 : > Microsoft Office Service Pack 1 on Microsoft Update (MU) and Windows : > Server Update Services (WSUS). : > : > Microsoft has released four non-security, high-priority updates for : > Windows and Windows SharePoint Services 3.0 Service Pack 1 on Windows : > Update (WU) and WSUS. : > : > References: : > December 2007 Security Bulletins Summary: : > http://www.microsoft.com/technet/sec.../ms07-dec.mspx : > Security Bulletin for end-users: : > http://www.microsoft.com/protect/com...ns/200712.mspx : > MSRC Blog: http://blogs.technet.com/msrc/default.aspx : > : > Support: : > Call 1-866-PCSAFETY. There is no charge for support calls that are : > associated with security updates. International users should go to : > http://support.microsoft.com/common/international.aspx : > : > Security Bulletin Webcast: : > Microsoft will host a Webcast tomorrow. The webcast focuses on addressing : > your questions and concerns about the security bulletins. Therefore, most : > of the live webcast is aimed at giving you the opportunity to ask : > questions and get answers from their security experts: : > http://msevents.microsoft.com/CUI/We...CountryCode=US : > : > Update sources: : > Microsoft NEVER send security updates via e-mail. As always, download the : > updates only from the vendors' website - visit Windows Update and Office : > Update or Microsoft Update. You may also get the updates thru Automatic : > Updates functionality in Windows. : > Security updates are available on ISO-9660 DVD5 image files from the : > Microsoft Download Center. For more information, please see : > http://support.microsoft.com/kb/913086 : > Note: Don't be a victim of spoofed emails. Read "How to tell whether a : > security e-mail message is really from Microsoft" at : > http://www.microsoft.com/athome/secu...uine_mail.mspx : > : > Recommendations: : > Microsoft advises customers to install the latest product releases, : > security updates, and service packs to remain as secure as possible. Older : > products, such as Microsoft Windows NT 4.0, may not meet today's more : > demanding security requirements. It may not be possible for Microsoft to : > provide security updates for older products. More info at Microsoft : > Support Lifecycle website: http://support.microsoft.com/lifecycle/ : > : > Tool: : > Check your system for missing or misconfigured patches using Microsoft : > Baseline Security Analyzer (MBSA) - : > http://www.microsoft.com/technet/sec.../mbsahome.mspx : > For 3rd Party tools in scanning your computer for missing updates, : > hotfixes or out-dated version, please see the list at : > http://www.dozleng.com/updates/index...howtopic=13587 : > : > Regards, : > Donna Buenaventura : > Windows Security MVP : | Guest
Posts: n/a
|
| |
|
12-11-2007, 07:16 PM
| #4 (permalink) | |
| Re: Microsoft Security Bulletins for December 2007 You will Tom, you will. There's just nothing to show at the mowment. MowGreen [MVP 2003-2008] =============== *-343-* FDNY Never Forgotten =============== Tom [Pepper] Willett wrote: Quote:
| Guest
Posts: n/a
| |
| |
|
12-11-2007, 07:22 PM
| #5 (permalink) |
| Re: Microsoft Security Bulletins for December 2007 Okay. Thanks, Steve. Tom "MowGreen [MVP]" <mowgreen@nowandzen.com> wrote in message news:ulapCLDPIHA.4712@TK2MSFTNGP04.phx.gbl... : You will Tom, you will. There's just nothing to show at the mowment. : : : MowGreen [MVP 2003-2008] : =============== : *-343-* FDNY : Never Forgotten : =============== : : : : Tom [Pepper] Willett wrote: : : > Donna: I see nothing on those pages regarding known issues. : > : > "Donna Buenaventura" <dbuenaventura@mvps.org> wrote in message : > news:70E23C41-42A0-4D9C-9E9F-93B387947F08@microsoft.com... : > : Known issues as per Microsoft: : > : : > : Microsoft Security Bulletin MS07-064: Microsoft Knowledge Base Article : > : 941568 documents the currently known issues that customers may experience : > : when they install this security update. The article also documents : > : recommended solutions for these issues. : > : http://support.microsoft.com/kb/941568 : > : : > : Microsoft Security Bulletin MS07-069 - Microsoft Knowledge Base Article : > : 942615 documents the currently known issues that customers may experience : > : when they install this security update. The article also documents : > : recommended solutions for these issues. : > : http://support.microsoft.com/kb/942615 : > : : > : NOTE: If pages of KB article is not available, please try later. : > : | Guest
Posts: n/a
|
| |
|
12-12-2007, 03:21 AM
| #6 (permalink) | |
| Re: Microsoft Security Bulletins for December 2007 More: http://aumha.net/viewtopic.php?t=30454 &ff -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE, OE, Security, Shell/User) AumHa VSOP & Admin http://aumha.net DTS-L.ORG http://66.39.69.143/ Donna Buenaventura wrote: Quote:
| Guest
Posts: n/a
| |
| |
|
12-12-2007, 04:05 AM
| #7 (permalink) | ||
| Re: Microsoft Security Bulletins for December 2007 Robear, you may wish to add the links to the article re Office 2007 - http://support.microsoft.com/Default.aspx?kbid=936982 and/or http://www.microsoft.com/downloads/d...displaylang=en Kaylene "PA Bear" wrote: Quote:
| Guest
Posts: n/a
| ||
| |
|
12-12-2007, 09:30 AM
| #8 (permalink) | |
| Re: Microsoft Security Bulletins for December 2007 Donna Buenaventura added these comments in the current discussion du jour ... Quote:
are they going to work for the vast majority of people or be problematic for at least some percentage? I ask because I never do the updates they day they are released by MS, preferring to lurk for awhile in this and other MS peer-to-peer help NGs to see what issues others may be having. And, how does any customer or group of customers figure out if the particular vulnerability even applies to them? If not, seems like risking a problem for a fix that isn't needed. Thanks. -- HP, aka Jerry "Never complain, never explain" - Henry Ford II | Guest
Posts: n/a
| |
| |
|
12-12-2007, 02:08 PM
| #9 (permalink) | ||
| Re: Microsoft Security Bulletins for December 2007 Non-issues as far as I am concerned. I rely on Microsoft Update to present only those updates that my computer needs and I image my system partition before installing. If any problems occur (which has not happened to me in years) I would just restore my image and watch the newsgroups for advice. --- Leonard Grey Errare humanum est HEMI-Powered wrote: Quote:
| Guest
Posts: n/a
| ||
| |
|
12-13-2007, 03:11 AM
| #10 (permalink) | |
| Re: Microsoft Security Bulletins for December 2007 Hi, I don't trust any updates because many things may or may not happen. It is recommended to update soon especially if it's security-related and major bug fixes that affects the user's application. Every PC including those from vendors (e.g. Microsoft) has their own settings and other products that is not the same to all users in the world so what might work to User A, B, C... may not work to User X, Y, Z. Even if I don't trust any updates, I have to install them to enjoy the fixes and improvements. I don't delay as I'm confident I can go back in the good system state. Like Leonard, I rely on backup and ensure that System Restore is functioning (not only running) prior installation of big updates. If I may add here the link to what I wrote last year: What to do before "Patch Tuesday"? http://www.dozleng.com/updates/index.php?showtopic=9112 If anything is screwed, I'll just try System Restore. If no joy, I use the full system backup. Windows Update should only offer products that is applicable for your system (windows and other components that WU can detect/install/offer). It should not offer products that is not installed in your machine. Although, today.. it offered me some product updates that is nowhere to be found in my system: http://www.dozleng.com/updates/index...howtopic=16588. A suggestion: Avoid using Automatic Updates but use the setting to notify you on updates then review the offered updates. Set to ignore the products that you don't need or don't want to install (except security updates). Sometimes MS release some toolkit to block installation of Service Pack or upgrade on major component in Windows. Regards, Donna "HEMI-Powered" <none@none.en> wrote in message news:Xns9A04381813BC3ReplyScoreID@140.99.99.130... Quote:
| Guest
Posts: n/a
| |
| |
|
| Tags |
| None |
| Thread Tools | |
| Display Modes | |
| |
| ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Microsoft Security Bulletins for October 2007 | Donna Buenaventura \(MVP\) | Windows Vista Security | 0 | 10-09-2007 05:51 PM |
| Microsoft Security Bulletins for July 2007 | Donna Buenaventura | Windows Vista Security | 0 | 07-10-2007 05:24 PM |
| Microsoft Security Bulletins for June 2007 | Donna Buenaventura | Windows Vista Security | 3 | 06-12-2007 09:42 PM |
| Microsoft Security Bulletins for May 2007 | Donna Buenaventura | Windows Vista Security | 5 | 05-09-2007 01:40 AM |
| Microsoft Security Bulletins for February 2007 | Donna Buenaventura | Windows Vista Security | 10 | 02-15-2007 03:18 AM |
Linear Mode
