melissatrv
Premium,VIP
join:2005-05-23
Charlotte, NC
| Microsoft Security Bulletin(s) for 11/13/2007
Note: There may be latency issues due to replication, if the page does not display keep refreshing
November 13, 2007
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
»www.microsoft.com/technet/securi···Nov.mspx
Critical Bulletins:
Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)
»www.microsoft.com/technet/securi···061.mspx
Important Bulletins:
Vulnerability in DNS Could Allow Spoofing (941672)
»www.microsoft.com/technet/securi···062.mspx
Re-Released Bulletins:
Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)
»www.microsoft.com/technet/securi···049.mspx
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary |
|
xstation20
join:2005-05-03
San Jose, CA | thanks |
|
dp
Go Steelers
Premium,MVM
join:2000-12-08
Greensburg, PA | reply to melissatrv
Thank you Melissa  |
|
NICK ADSL UK
Premium,MVM
join:2004-02-22
| reply to melissatrv
Many thanks as always melissa
TechNet Webcast: Information About Microsoft November Security Bulletins (Level 200)
Event ID: 1032344694
Register Online
Language(s): English.
Product(s): Security.
Audience(s): IT Professionals.
Duration: 60 Minutes
Start Date: Wednesday, November 14, 2007 11:00 AM Pacific Time (US & Canada)
Event Overview
On November 13, 2007, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the November security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.
Presenters: Christopher Budd, Security Program Manager, Microsoft Corporation, and Mike Reavey, Group Manager MSRC, Microsoft Corporation
Register now for the November security bulletin webcast.
--
Wilders Security Forum Admin
Microsoft MVP-Windows Security
|
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs: | reply to melissatrv
Thank you Ms. Melissa and Nick! |
|
NICK ADSL UK
Premium,MVM
join:2004-02-22
| reply to melissatrv
Malicious Software Removal Tool
Published: January 11, 2005 | Updated: November 13, 2007
New Additions
We have added detection and cleaning capabilities for the following malicious software:
• Conhook
»go.microsoft.com/fwlink/?linkid=···/Conhook
--
Wilders Security Forum Admin
Microsoft MVP-Windows Security
|
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada | reply to melissatrv
Thanks Melissa & Nick updating now. |
|
DrDemento
join:2005-07-25
Brick, NJ | reply to melissatrv
Just updated. Only had KB943460 and KB890830 to install today. Both went smoothly. |
|
dadkins
Can you do Blu?
Premium,MVM
join:2003-09-26
Hercules, CA | reply to melissatrv
Thank you Melissa! |
|
jabarnut
Light Years Away
Premium,MVM
join:2005-01-22
Galaxy M31
| reply to melissatrv
Once again, thank you Melissa (& Nick)
Just as sure as there is a "patch Tuesday", we can always count on this thread to fill us in on the details. 
All is well here (XP Pro SP2).
--
I had a life once.....now I have a Computer and a Modem. |
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH | reply to melissatrv
Thanks Melissa.
Two for me all is well. |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
1 edit | reply to melissatrv
Windows Vista picked up 4 fixes today. No problems after install.
I didn't see KB941649 mentioned elsewhere here. Here is info on this Vista fix:
»support.microsoft.com/kb/941649
• It extends the battery life for mobile devices.
• It improves the stability of portable computers and of desktop computers that use an uninterruptable power supply (UPS).
• It improves the reliability of Windows Vista when you open the menu of a startup application.
• It improves the stability of wireless network services.
• It shortens the startup time of Windows Vista by using a better timing structure.
• It shortens the recovery time after Windows Vista experiences a period of inactivity.
• It shortens the recovery time when you try to exit the Photos screen saver.
• It improves the stability of Windows PowerShell.
This update also resolves the following issues in Windows Vista:• A compatibility issue that affects some third-party antivirus software applications.
• A reliability issue that occurs when a Windows Vista-based computer uses certain network driver configurations.
|
|
AB
Premium
join:2006-04-04
Leesburg, VA
1 edit | reply to melissatrv
Thanks, Melissa!
From the link:
"Mitigating Factors for Windows URI Handling Vulnerability - CVE-2007-3896
•Windows 2000 Service Pack 4 is not affected
•Windows Vista is not affected
•Windows Vista x64 Edition is not affected
•Microsoft has not identified a way to exploit this vulnerability on any Windows operating system that is running Internet Explorer 6"
Uhh . . yeah. Sounds pretty scary, all right-- not.
Exactly who is affected? ME users running IE 4 & 5?
*Edit- On second blush, it might appear that IE 7 on Windows XP is vulnerable.
"Workarounds for Windows URI Handling Vulnerability - CVE-2007-3896
Microsoft has not identified any workarounds for this vulnerability." Actually, it would seem you just did identify the 'workaround' there, Microsoft Corp. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| said by AB 
*Edit- On second blush, it might appear that IE 7 on Windows XP is vulnerable.
" Workarounds for Windows URI Handling Vulnerability - CVE-2007-3896Microsoft has not identified any workarounds for this vulnerability."[/bquote : Actually, it would seem you just did identify the 'workaround' there, Microsoft Corp.
No patches for me this month.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ | reply to melissatrv
I always look here first before downloading and installing anything update-wise. It's always nice to see if anything went awry and to find out that it didn't. Thanks, guys. |
|
hbnzo
@comcast.net | I have XP Pro Sp2 and IE 6.0, and the 943460 update is showing up on automatic updates for me. Should I be installing this? |
|
AB
Premium
join:2006-04-04
Leesburg, VA
| said by Microsoft Corp. :
•Microsoft has not identified a way to exploit this vulnerability on any Windows operating system that is running Internet Explorer 6 said by hbnzo :
I have XP Pro Sp2 and IE 6.0, and the 943460 update is showing up on automatic updates for me. Should I be installing this? Perhaps by installing it you could help them identify a way to exploit IE 6?
Or perhaps that would prevent them from doing so?
But I'd put it down for 'user preference' in your situation.
YMMV-- as 'user preference' mileages often do. |
|
exocet_cm
I am the law
Premium
join:2003-03-23
New Orleans, LA
clubs: 
·Cox HSI
·Suddenlink
·Cingular Wireless
 ·AT&T Southeast
·Charter Pipeline
1 edit | reply to AB
said by AB :Thanks, Melissa! From the link: " Mitigating Factors for Windows URI Handling Vulnerability - CVE-2007-3896•Windows 2000 Service Pack 4 is not affected
•Windows Vista is not affected
•Windows Vista x64 Edition is not affected
•Microsoft has not identified a way to exploit this vulnerability on any Windows operating system that is running Internet Explorer 6" Uhh . . yeah. Sounds pretty scary, all right-- not. Exactly who is affected? ME users running IE 4 & 5? *Edit- On second blush, it might appear that IE 7 on Windows XP is vulnerable. "Workarounds for Windows URI Handling Vulnerability - CVE-2007-3896
Microsoft has not identified any workarounds for this vulnerability." Actually, it would seem you just did identify the 'workaround' there, Microsoft Corp. My hardware firewall vendor caught on:
quote:
Exposure:
Microsoft's two security bulletins detail vulnerabilities found in components of Windows. Each vulnerability affects different versions of Windows to a different extent. The summary below lists the sole Critical vulnerability first.
MS07-061: URI Handling Code Execution Vulnerability
Uniform Resource Identifiers (URI) are short strings of characters used to identify or name resources on networks, including the Internet. For instance, a URL such as »www.watchguard.com is actually one form of a URI, telling you where to find WatchGuard's web site. Besides identifying and addressing resources on a network, URIs also tell your computer how to handle those resources. For instance, the "http://" portion of "http://www.watchguard.com" tells your computer it needs to use a web browser to handle the resource "www.watchguard.com." Likewise, a URI beginning with "ftp://" informs your computer that it needs to use a File Transfer Protocol client to handle any following resource.
Windows' shell suffers from an unspecified vulnerability in the way it handles invalid URIs. By enticing one of your users into opening an email attachment, or into visiting a maliciously crafted web site, an attacker could exploit this vulnerability to execute code on that user's computer, with that user's privileges. If the victim Windows user has local administrative privileges, an attacker could leverage this vulnerability to take over the victim's machine. This vulnerability affects Windows XP and Server 2003 only.
Microsoft rating: Critical.
Edit: Sorry, vendor is Watchguard, firewall is Firebox
--
"I have measured out my life with coffee spoons..." - T.S Eliot
Check Out the Tech Bench »johnball.wordpress.com/tech-bench/
Ma blog: »www.johndball.com |
|
AB
Premium
join:2006-04-04
Leesburg, VA
| said by exocet_cm :said by AB :From the link: " Mitigating Factors for Windows URI Handling Vulnerability - CVE-2007-3896. . • Microsoft has not identified a way to exploit this vulnerability on any Windows operating system that is running Internet Explorer 6" . . it might appear that IE 7 on Windows XP is vulnerable. My hardware firewall vendor caught on: quote:
Exposure:
. . This vulnerability affects Windows XP and Server 2003 only.
Microsoft rating: Critical.
I don't see from your quote where they mention that, according to Microsoft, this also only seems to affect those two OS's in conjunction with using IE 7. |
|
bcool
Premium
join:2000-08-25
The Ozarks
3 edits | reply to melissatrv
for any of us WINXP SP2 do you notice an empty folder under
C:\Windows\$hf_mig$\ KB943460 ?
Of course I see the folder c:\windows\$NtUninstallKB943460$
which contained the replaced file(s) of this upate. That looks normal.
I was just wondering why Microsoft Update created the empty folder as per above.
I try to cypher them update logs but I'm tellin' ya what. Them are wrote in some kind of foreign words.
--
"in flagrante delicto" |
|
