melissatrv
Premium,VIP
join:2005-05-23
Charlotte, NC

Microsoft Security Bulletin(s) for 1/9/2007

Note: There may be latency issues due to replication; if the page does not display, keep refreshing.

January 9, 2007
Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»www.microsoft.com/technet/securi···Jan.mspx

Critical Bulletins:

Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
»www.microsoft.com/technet/securi···002.mspx

Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)
»www.microsoft.com/technet/securi···003.mspx

Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)
»www.microsoft.com/technet/securi···004.mspx

Important Bulletins:

Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585)
»www.microsoft.com/technet/securi···001.mspx

This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada

Re: Microsoft Security Bulletin(s) for 1/9/2007

Thanks melissatrv.

dp
Go Steelers
Premium,MVM
join:2000-12-08
Greensburg, PA
Thank you Melissa

onDvine
Premium
join:2005-01-29
So. CA, USA
Gracias, Melissa.

NICK ADSL UK
Premium,MVM
join:2004-02-22


1 edit
Many thanks melissa

Windows Malicious Software Removal Tool - January 2007 (KB890830)
Malicious Software Encyclopedia: Win32/Haxdoor

Win32/Haxdoor is a family of rootkit-capable backdoor trojans which gather and send private user data to remote attackers. Collected data might include user names and passwords, credit card numbers, bank logon credentials, or other sensitive financial information. Files and processes related to a Win32/Haxdoor infection may be hidden by a kernel-mode rootkit component, detected by Microsoft as WinNT/Haxdoor. Win32/Haxdoor can also disable security-related software and redirect the infected user’s URL connection requests. Depending on the version of the operating system infected, Win32/Haxdoor may perform other malicious actions, such as clearing CMOS settings, destroying disk data, and shutting down Windows unexpectedly.

New Additions


We have added detection and cleaning capabilities for the following malicious software:

Haxdoor/ Technical Analysis
http://www.microsoft.com/security/encyclopedia/details.aspx?name=Win32%2fHaxdoor
--
Wilders Security Forum Admin
Microsoft MVP-Windows Security


dadkins
Can you do Blu?
Premium,MVM
join:2003-09-26
Hercules, CA
Thanks Melissa!

Jrb2
Premium
join:2001-08-31
Thanks Melissa !

MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH
Thanks forgot it was second Tues.

Alwill
Lost time is never found again.
Premium
join:2002-09-25
Sydney, OZ
Much appreciated Melissa.

lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
Thanks, Melissa

Dustyn
Premium
join:2003-02-26
Ontario, CAN


4 edits
Event Type: Information
Event Source: KB929969
Event Category: None
Event ID: 4377
Date: 1/9/2007
Time: 10:53:24 PM
User:
Computer:
Description:
Windows XP Version 2003 Hotfix KB929969 was installed.

For more information, see Help and Support Center at »go.microsoft.com/fwlink/events.asp.

This was the only update I found at Microsoft Update for XP64. Any restarts required? I was not prompted so I guess not?

Severity Ratings and Vulnerability Identifiers:

Vulnerability Identifiers Impact of Vulnerability
• Windows 2000 Service Pack 4: Critical
• Windows XP Service Pack 2: Critical
• Windows Server 2003: Critical
• Windows Server 2003 Service Pack 1 (XP64SP1): Moderate

Interesting security rating.
NOTE: By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration.

EDIT: Thanks for the update melissatrv
--
»/forum/wall

AB
Premium
join:2006-04-04
Leesburg, VA

Re: Microsoft Security Bulletin(s) for 1/9/2007

said by Dustyn:

Event Type: Information
Event Source: KB929969
Event Category: None
Event ID: 4377
Date: 1/9/2007
Time: 10:53:24 PM
User:
Computer:
Description:
Windows XP Version 2003 Hotfix KB929969 was installed.

For more information, see Help and Support Center at »go.microsoft.com/fwlink/events.asp.

This one I'm not sure of either. It says it replaces KB925486, which I have on my machine, yet it also says the affected components don't include IE6 on XP SP2, which is also what I have. And Belarc doesn't say it's missing.
So what's up, if anyone happens to know?

And why does Microsoft continue to take such pains to make these explanations as difficult as possible to understand?
I hate trying to decipher stuff on their site. It's semi-impossible sometimes.

And of course thank you, Melissa, as always.

Libra
Premium
join:2003-08-06
USA

Re: Microsoft Security Bulletin(s) for 1/9/2007

Hi Argle,
I got that update. If you read the article again, although XPsp2 isn't listed among the affected components, XPsp2 is listed among affected software (which appears above affected components). You should install it.
Sincerely, Libra

AB
Premium
join:2006-04-04
Leesburg, VA

Re: Microsoft Security Bulletin(s) for 1/9/2007

Hi Libra!
Thanks for the response! Always a pleasure!

You're probably right. Though it's more than likely I'm going to UN-install the other one, actually. Along with any other IE patch that requires user interaction to execute the vulnerability.
I never use IE. Ever. So any patch that fits that description is actually useless to me. Excess baggage. And I'm becoming more and more convinced that some of these patches slow the machine down, as they interact with or alter the previous coding & what-not.
A statement bordering on security heresy, no doubt, but there it is anyway. I said it.
I don't recommend the kids at home try this, though.
I don't know. We'll see. No final decision made yet.
Thank you very much though, Libra. I thought that post was going to die of loneliness!
Enjoy your evening!

Yours,
A.B.

danny9
Go Ahead, Make My Day
Premium
join:2002-07-14
Clinton Township, MI
melissatrv, thanks for the update!

Hutch
My Throne is the Dunny
Premium
join:2000-10-14
Out House
Thank You melissatrv.
© 1999-2009 dslreports.com