melissatrv
Premium,VIP
join:2005-05-23
Charlotte, NC
| Microsoft Security Bulletin(s) for 12/12/2006
Note: There may be latency issues due to replication, if the page does not display keep refreshing
December 12, 2006
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
»www.microsoft.com/technet/securi···Dec.mspx
Critical Bulletins:
Cumulative Security Update for Internet Explorer (925454)
»www.microsoft.com/technet/securi···072.mspx
Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
»www.microsoft.com/technet/securi···073.mspx
Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
»www.microsoft.com/technet/securi···078.mspx
Important Bulletins:
Vulnerability in SNMP Could Allow Remote Code Execution (926247)
»www.microsoft.com/technet/securi···074.mspx
Vulnerability in Windows Could Allow Elevation of Privilege (926255)
»www.microsoft.com/technet/securi···075.mspx
Cumulative Security Update for Outlook Express (923694))
»www.microsoft.com/technet/securi···076.mspx
Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)
»www.microsoft.com/technet/securi···077.mspx
Re-Released Bulletins:
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
»www.microsoft.com/technet/securi···059.mspx
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.
|
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire |  Thanks for the update list
Cudni |
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P. | reply to melissatrv
danke'  |
|
dp
Go Steelers
Premium,MVM
join:2000-12-08
Greensburg, PA | reply to melissatrv
Thank you Melissa  |
|
dadkins
Can you do Blu?
Premium,MVM
join:2003-09-26
Hercules, CA | reply to melissatrv
Thank you Melissa! |
|
DrDemento
join:2005-07-25
Brick, NJ | reply to melissatrv
For those who want their computer clock updated automatically in 2007 download and install update kb928388 as a suggested software update. Remember the dates for daylight savings time change in 2007. |
|
onDvine
Premium
join:2005-01-29
So. CA, USA
clubs: | reply to melissatrv
Thank you, ma'am. |
|
AB
Premium
join:2006-04-04
Leesburg, VA
1 edit | reply to melissatrv
Thank you, Melissa.
A question for those 'in the know'--
The IE update, KB925454, looks like it's going to put that TIF warning right back on my computer that I just recently uninstalled (KB921398).
I dislike that warning, and don't want it on my machine.
Can anyone verify this, and/or suggest any option?
Thanks.
*Edit- In the spirit of Daniel Boone and Lewis & Clark, I went ahead & installed KB925454.
I don't get the warning box. I am running a little different OS now (XP Home retail vs. XP Home OEM) than in August, and not everyone was seeing that warning previously anyway, so . . . I have no clue what the significance might be.
But just an FYI, for anyone interested. |
|
swhx7
Premium
join:2006-07-23
Elbonia | reply to melissatrv
Thanks Melissa. I get the emails but it is more convenient to link from here. |
|
NICK ADSL UK
Premium,MVM
join:2004-02-22
| reply to melissatrv
Thank you melissa
Malicious Software Removal Tool
Published: January 11, 2005 | Updated: December 12, 2006
The Microsoft Windows Malicious Software Removal Tool checks computers running Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.
Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center.
Note The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if an infection is found. If you would like to run this tool more than once a month, use the version on this Web page or install the version that is available in the Download Center.
Because computers can appear to function normally when infected, Microsoft advises you to run this tool even if your computer seems to be fine. You should also use up-to-date antivirus software to help protect your computer from other malicious software.
To download the latest version of this tool, please visit the Microsoft Download Center.
http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us
New Additions
Malicious Software Encyclopedia: Win32/Beenut
Published: 6, 12/4
Win32/Beenut is a family of trojan downloaders that download files from various URLs to the host computer and then run the downloaded files. A Win32/Beenut trojan may also copy itself to the host computer, modifying the registry so the copy of itself runs each time Windows starts.
http://www.microsoft.com/security/encyclopedia/details.aspx?name=Win32%2fBeenut
--
Wilders Security Forum Admin
Microsoft MVP-Windows Security
|
|
Hutch
My Throne is the Dunny
Premium
join:2000-10-14
Out House | reply to melissatrv
Thanks Mellissa |
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada | reply to melissatrv
Thanks Melissa. |
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH | reply to melissatrv
Thanks all good no problems. |
|
Bondman
join:2001-08-24
Livonia, MI
|  reply to DrDemento
DrDemento:
Thanks for pointing out the kb928388 patch for time. One issue of concern is that there is no patch for Windows 2000 for the time. There are a lot of computers and servers with that OS still out there.
I did install all of the patches on one Windows 2000 test server, a Windows Server 2003 test server and one Windows XP pc. Knock on wood they installed without any issues. There was a new Exchange 2003 patch as well.
Bondman |
|
KachiWachi
join:2004-02-12
Warminster, PA
 ·Verizon Online DSL
| reply to melissatrv
Hopefully they will make KB928388 easier on those of us who have "other" OS...W2K, Win9.x, etc...
»support.microsoft.com/kb/928388/en-us
2007 time zone update for Microsoft Windows operating systems
»www.microsoft.com/windows/timezo···007.mspx
Preparing for daylight saving time changes in 2007
»support.microsoft.com/?kbid=914387
How to configure daylight saving time for the United States in 2007 |
|
jabarnut
Light Years Away
Premium,MVM
join:2005-01-22
Galaxy M31
| reply to melissatrv
As always, thank you Melissa.
All seems well here.
If anyone was wondering (as I was for a moment), why a security update for WMP 6.4 is included for those with WMP11 installed:
said by Microsoft :
I have installed Windows Media Player 11 on my computer. Why am I being offered the Windows Media Player 6.4 security update?
While Windows Media Player 11 is not vulnerable, Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows XP Professional x64 Edition, Microsoft Windows Server 2003 or on Microsoft Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 x64 Edition will still have Windows Media Player 6.4 installed on the system for backwards compatibility.
(From the faq section in Melissa's link concerning 923689)
»www.microsoft.com/technet/securi···078.mspx
--
I had a life once.....now I have a Computer and a Modem. |
|
Bondman
join:2001-08-24
Livonia, MI
1 edit | reply to KachiWachi
KachiWachi:
Thanks for pointing out the other links. I had not read the KB928388 article to the bottom which would have told me about the 2nd link you gave. |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
 ·Optimum Online
 ·Vonage
| reply to AB
said by AB  :Thank you, Melissa. A question for those 'in the know'-- The IE update, KB925454, looks like it's going to put that TIF warning right back on my computer that I just recently uninstalled (KB921398). I dislike that warning, and don't want it on my machine. Can anyone verify this, and/or suggest any option? Thanks. OK, I give up....what's "TIF warning"? 
--
~~Well, I think you're crazy, I think you're crazy, I think you're crazy, just like me...~~
|
|
AB
Premium
join:2006-04-04
Leesburg, VA
1 edit | said by La Luna :OK, I give up....what's "TIF warning"? That would be "Temporary Internet Files", Luna.
A POS warning box that Microsoft Corp. provided with KB921398 awhile back. Evidently not everyone saw it, but on my machine, this extremely irritating 'warning box' popped up every time I went to access my Temporary Internet Files folder.
In fact, a thread about it can be found here:
»New dialog before opening TIF
And according to the details in KB925454, it includes that warning again, and I DON'T WANT IT! Grrrr!
*Edit- *See my previous post in this thread.*
--
I hope that answers your question, young lady? |
|
redwolfe_98
join:2001-06-11 | reply to melissatrv
thanks, everyone, for posting the information..
it just seems to get harder and harder to deal with MS updates, for me, at least.. |
|
