Microsoft Security Bulletin(s) for 1/9/2007 in Security http://www.dslreports.com/forum/r17608530 en Tue, 08 Dec 2009 18:10:41 EDT Tue, 08 Dec 2009 18:10:41 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17669327 AB : Hi Libra!
Thanks for the response! Always a pleasure! :)

You're probably right. Though it's more than likely I'm going to UN-install the other one, actually. Along with any other IE patch that requires user interaction to execute the vulnerability.
I never use IE. Ever. So any patch that fits that description is actually useless to me. Excess baggage. And I'm becoming more and more convinced that some of these patches slow the machine down, as they interact with or alter the previous coding & what-not.
A statement bordering on security heresy, no doubt, but there it is anyway. I said it. ;)
I don't recommend the kids at home try this, though.
I don't know. We'll see. No final decision made yet.
Thank you very much though, Libra. I thought that post was going to die of loneliness!
Enjoy your evening!

Yours,
A.B.
:)]]> http://www.dslreports.com/forum/remark,17669327 Fri, 19 Jan 2007 01:11:39 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17669211 Libra : Hi Argle,
I got that update. If you read the article again, although XPsp2 isn't listed among the affected components, XPsp2 is listed among affected software (which appears above affected components). You should install it.
Sincerely, Libra]]> http://www.dslreports.com/forum/remark,17669211 Fri, 19 Jan 2007 00:37:54 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17659835 AB :
said by Dustyn See Profile :

Event Type: Information
Event Source: KB929969
Event Category: None
Event ID: 4377
Date: 1/9/2007
Time: 10:53:24 PM
User:
Computer:
Description:
Windows XP Version 2003 Hotfix KB929969 was installed.

For more information, see Help and Support Center at »go.microsoft.com/fwlink/events.asp.
This one I'm not sure of either. It says it replaces KB925486, which I have on my machine, yet it also says the affected components don't include IE6 on XP SP2, which is also what I have. And Belarc doesn't say it's missing.
So what's up, if anyone happens to know?

And why does Microsoft continue to take such pains to make these explanations as difficult as possible to understand?
I hate trying to decipher stuff on their site. It's semi-impossible sometimes.

And of course thank you, Melissa, as always. :)]]> http://www.dslreports.com/forum/remark,17659835 Wed, 17 Jan 2007 16:33:28 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17613742 Hutch : Thank You melissatrv See Profile. :D]]> http://www.dslreports.com/forum/remark,17613742 Wed, 10 Jan 2007 03:40:50 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17612967 danny9 : melissatrv, thanks for the update! :)]]> http://www.dslreports.com/forum/remark,17612967 Tue, 09 Jan 2007 23:37:04 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17612722 Dustyn : Event Type: Information
Event Source: KB929969
Event Category: None
Event ID: 4377
Date: 1/9/2007
Time: 10:53:24 PM
User:
Computer:
Description:
Windows XP Version 2003 Hotfix KB929969 was installed.

For more information, see Help and Support Center at »go.microsoft.com/fwlink/events.asp.

This was the only update I found at Microsoft Update for XP64. Any restarts required? I was not prompted so I guess not?

Severity Ratings and Vulnerability Identifiers:

Vulnerability Identifiers Impact of Vulnerability
Windows 2000 Service Pack 4
•Critical
Windows XP Service Pack 2
•Critical
Windows Server 2003
•Critical
Windows Server 2003 Service Pack 1 (XP64SP1)
•Moderate

Interesting security rating.
NOTE: By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration.

EDIT: Thanks for the update melissatrv See Profile
--
»/forum/wall]]> http://www.dslreports.com/forum/remark,17612722 Tue, 09 Jan 2007 22:57:41 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17612310 lilhurricane : Thanks, Melissa :)]]> http://www.dslreports.com/forum/remark,17612310 Tue, 09 Jan 2007 21:55:43 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17612065 Alwill : Much appreciated Melissa.]]> http://www.dslreports.com/forum/remark,17612065 Tue, 09 Jan 2007 21:17:28 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17611878 MagMan : Thanks forgot it was second Tues. :)]]> http://www.dslreports.com/forum/remark,17611878 Tue, 09 Jan 2007 20:50:30 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17611770 Jrb2 : Thanks Melissa !]]> http://www.dslreports.com/forum/remark,17611770 Tue, 09 Jan 2007 20:34:52 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17610725 dadkins : Thanks Melissa! :)]]> http://www.dslreports.com/forum/remark,17610725 Tue, 09 Jan 2007 18:00:22 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17610680 NICK ADSL UK : Many thanks melissa :)

Windows Malicious Software Removal Tool - January 2007 (KB890830)
Malicious Software Encyclopedia: Win32/Haxdoor

Win32/Haxdoor is a family of rootkit-capable backdoor trojans which gather and send private user data to remote attackers. Collected data might include user names and passwords, credit card numbers, bank logon credentials, or other sensitive financial information. Files and processes related to a Win32/Haxdoor infection may be hidden by a kernel-mode rootkit component, detected by Microsoft as WinNT/Haxdoor. Win32/Haxdoor can also disable security-related software and redirect the infected user’s URL connection requests. Depending on the version of the operation system infected, Win32/Haxdoor may perform other malicious actions, such as clearing CMOS settings, destroying disk data, and shutting down Windows unexpectedly.

New Additions

We have added detection and cleaning capabilities for the following malicious software:

Haxdoor/ Technical Analysis
http://www.microsoft.com/security/encyclopedia/details.aspx?name=Win32%2fHaxdoor
--
Wilders Security Forum Admin
Microsoft MVP-Windows Security

]]> http://www.dslreports.com/forum/remark,17610680 Tue, 09 Jan 2007 17:53:12 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17610411 onDvine : Gracias, Melissa. :)]]> http://www.dslreports.com/forum/remark,17610411 Tue, 09 Jan 2007 17:12:25 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17610350 dp : Thank you Melissa :)]]> http://www.dslreports.com/forum/remark,17610350 Tue, 09 Jan 2007 17:02:18 EDT Re: Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17610323 MarkAW : Thanks melissatrv See Profile. :)]]> http://www.dslreports.com/forum/remark,17610323 Tue, 09 Jan 2007 16:49:32 EDT Microsoft Security Bulletin(s) for 1/9/2007 http://www.dslreports.com/forum/remark,17608530 melissatrv : Note: There may be latency issues due to replication, if the page does not display keep refreshing

January 9, 2007
Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»www.microsoft.com/technet/securi···Jan.mspx

Critical Bulletins:

Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
»www.microsoft.com/technet/securi···002.mspx

Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)
»www.microsoft.com/technet/securi···003.mspx

Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)
»www.microsoft.com/technet/securi···004.mspx

Important Bulletins:

Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585)
»www.microsoft.com/technet/securi···001.mspx


This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary]]> http://www.dslreports.com/forum/remark,17608530 Tue, 09 Jan 2007 12:59:36 EDT