 NICK ADSL UK Premium,MVM join:2004-02-22
Microsoft Security Bulletin Summary for June 2007
Hi everyone! Owing to Melissa Travers (Microsoft MVP Lead Security) being unavailable again this month, she has kindly asked me to post the Microsoft June security bulletin, which is as follows:
Microsoft Security Bulletin(s) for 6/12/2007 »www.microsoft.com/technet/securi···jun.mspx
June 12 2007 Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
Vulnerability in Win 32 API Could Allow Remote Code Execution (935839): MS07-035 »www.microsoft.com/technet/securi···035.mspx
Cumulative Security Update for Outlook Express and Windows Mail (929123): MS07-034 »www.microsoft.com/technet/securi···034.mspx
Cumulative Security Update for Internet Explorer (933566): MS07-033 »www.microsoft.com/technet/securi···033.mspx
Vulnerability in Windows Vista Could Allow Information Disclosure (931213): MS07-032 Affected Software: Windows Vista, Windows Vista x64 »www.microsoft.com/technet/securi···032.mspx
Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840): MS07-031 »www.microsoft.com/technet/securi···031.mspx
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051): MS07-030 Affected Software: Visio 2002, Visio 2003 »www.microsoft.com/technet/securi···030.mspx
Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.
As always, download the updates only from the vendor's website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
Security Tool Find out if you are missing important Microsoft product updates by using MBSA. -- Wilders Security Forum Admin Microsoft MVP-Windows Security
  NICK ADSL UK Premium,MVM join:2004-02-22
| Re: Microsoft Security Bulletin Summary for June 2007 TechNet Webcast: Information About Microsoft May Security Bulletins (Level 200) Language(s): English. Product(s): Security. Audience(s): IT Professional.
Duration: 60 Minutes Start Date: Wednesday, June 13, 2007 11:00 AM Pacific Time (US & Canada)
Event Overview
On Tuesday June 12, 2007, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the May security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.
Presenters: Christopher Budd, CCE, CISA, CISM, CISSP, ISSMP Security Program Manager, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation
Register now for the June security bulletin webcast. -- Wilders Security Forum Admin Microsoft MVP-Windows Security
  jabarnut Light Years Away Premium,MVM join:2005-01-22 Galaxy M31
4 edits | As always, thanks for the great info, Nick!
Just ran Microsoft Update manually on my XP Pro Machine(s). Downloaded and installed 5 updates without issue (So far). 
2 for XP, 1 for IE7, and 1 for OE. And of course, one of my all time favorites, the Windows Malicious Software Removal Tool! 
Oh my, what was I thinking? The first thing I downloaded and installed, before anything else, was a new version of the Windows Genuine Advantage Validation Tool!
While I LOVE the Malicious Software Removal Tool, nothing comes close to the excitement of being a part of the Genuine Advantage Team!
(Restart was required here).
Thanks again, Nick!  -- I had a life once.....now I have a Computer and a Modem. | |
 |   antdude A Ninja Ant Premium,VIP join:2001-03-25
| Re: Microsoft Security Bulletin Summary for June 2007
said by jabarnut :
As always, thanks for the great info, Nick! Just ran Microsoft Update manually on my XP Pro Machine(s). Downloaded and installed 5 updates without issue (So far). 2 for XP, 1 for IE7, and 1 for OE. And of course, one of my all time favorites, the Windows Malicious Software Removal Tool! Oh my, what was I thinking? The first thing I downloaded and installed, before anything else, was a new version of the Windows Genuine Advantage Validation Tool! While I LOVE the Malicious Software Removal Tool, nothing comes close to the excitement of being a part of the Genuine Advantage Team! (Restart was required here). Thanks again, Nick!
Wow, I didn't even notice that too: Windows Genuine Advantage Validation Tool (KB892130)
Gah, MS is really pushing this WGA! -- Ant @ The Ant Farm: »antfarm.ma.cx ... Please do not IM/e-mail me for technical support. Use the forum (I check often)! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer. | |
 |  |   caffeinator Coming soon to a cup near you.. Premium join:2005-01-16 Spokane, WA
·WebBand
| Re: Microsoft Security Bulletin Summary for June 2007 said by antdude :Wow, I didn't even notice that too: Windows Genuine Advantage Validation Tool (KB892130) Gah, MS is really pushing this WGA! Precisely why I only get the email bulletins and only download the files directly.  -- "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." - A. Einstein | |
NICK ADSL UK Premium,MVM join:2004-02-22 | Re: Microsoft Security Bulletin Summary for June 2007 Hi antdude, I will make some inquiries for you
regards
 |  |  |  |  |   antdude A Ninja Ant Premium,VIP join:2001-03-25
Re: Microsoft Security Bulletin Summary for June 2007
said by NICK ADSL UK :
Hi antdude, I will make some inquiries for you
Thanks.
NICK ADSL UK Premium,MVM join:2004-02-22 | Re: Microsoft Security Bulletin Summary for June 2007 You're welcome
 |  |  |  |  |  |  |   antdude A Ninja Ant Premium,VIP join:2001-03-25
1 edit | Re: Microsoft Security Bulletin Summary for June 2007 Thank you! MS still hasn't fixed its broken link.  | |
 |  |  |  |  |   antdude A Ninja Ant Premium,VIP join:2001-03-25
| Re: Microsoft Security Bulletin Summary for June 2007 Thanks!  -- Ant @ The Ant Farm: »antfarm.ma.cx ... Please do not IM/e-mail me for technical support. Use the forum (I check often)! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer. | |
 |  |  |   Curley
join:2002-04-10 Michigan
| said by caffeinator :said by antdude :Wow, I didn't even notice that too: Windows Genuine Advantage Validation Tool (KB892130) Gah, MS is really pushing this WGA! Precisely why I only get the email bulletins and only download the files directly. Ditto!  | |
  Hutch My Throne is the Dunny Premium join:2000-10-14 Out House | Thanks Nick.  | |
  Jrb2 Premium join:2001-08-31 | Thanks Nick ! | |
  dadkins Can you do Blu? Premium,MVM join:2003-09-26 Hercules, CA | Thanks Nick!  | |
 |  bigdarby
join:2004-09-18 Uniontown, OH | Re: Microsoft Security Bulletin Summary for June 2007 The current MS Updates I downloaded are: kb933566 935840 935839 935846 929123 890830 as of June 14, 2007
  swhx7 Premium join:2006-07-23 Elbonia
·RoadRunner Cable
2 edits | MS07-031 is about "Windows Schannel" which is explained as Microsoft's implementation of SSL and TLS. "This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS."
The bulletin says "Microsoft has not identified any workarounds for this vulnerability". So is it true, as the bulletin implies, that any browser running on Windows and using SSL or TLS is using Microsoft's version of SSL/TLS? I thought other browsers such as Firefox or Opera supplied their own SSL/TLS code. Is Microsoft just refusing to acknowledge that using a browser other than IE is a workaround?
Edit: I didn't see anything on point with a quick Google, but then I looked on mozilla.org and of course the Moz browsers have their own SSL/TLS code. It's just a deceptive bulletin.
Edit2: Thanks for the links as always. | |
 |   AB Premium join:2006-04-04 Leesburg, VA
1 edit | Re: Microsoft Security Bulletin Summary for June 2007
said by swhx7 :
MS07-031 is about "Windows Schannel" which is explained as Microsoft's implementation of SSL and TLS. "This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS." The bulletin says "Microsoft has not identified any workarounds for this vulnerability". So is it true, as the bulletin implies, that any browser running on Windows and using SSL or TLS is using Microsoft's version of SSL/TLS? I thought other browsers such as Firefox or Opera supplied their own SSL/TLS code. Is Microsoft just refusing to acknowledge that using a browser other than IE is a workaround? Edit: I didn't see anything on point with a quick Google, but then I looked on mozilla.org and of course the Moz browsers have their own SSL/TLS code. It's just a deceptive bulletin.
Isn't that interesting? (Making the assumption here that that's true.)
So what does that also tell us, I wonder, about why it is that WGA might need to be 'updated' yet again?
I'm reserving any judgment for now-- but I can't help but think I smell a stench coming from somewhere. | |
 |  |   antdude A Ninja Ant Premium,VIP join:2001-03-25
Re: Microsoft Security Bulletin Summary for June 2007
said by AB :
said by swhx7 :
MS07-031 is about "Windows Schannel" which is explained as Microsoft's implementation of SSL and TLS. "This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS." The bulletin says "Microsoft has not identified any workarounds for this vulnerability". So is it true, as the bulletin implies, that any browser running on Windows and using SSL or TLS is using Microsoft's version of SSL/TLS? I thought other browsers such as Firefox or Opera supplied their own SSL/TLS code. Is Microsoft just refusing to acknowledge that using a browser other than IE is a workaround? Edit: I didn't see anything on point with a quick Google, but then I looked on mozilla.org and of course the Moz browsers have their own SSL/TLS code. It's just a deceptive bulletin.
Isn't that interesting? (Making the assumption here that that's true.) So what does that also tell us, I wonder, about why it is that WGA might need to be 'updated' yet again? I'm reserving any judgment for now-- but I can't help but think I smell a stench coming from somewhere.
I don't think they were updated? The wga*.* files look old. I could be wrong here.
I think MS just wants to force Windows Update (and MS Update) users to have WGA checking like OGA. Annoying! -- Ant @ The Ant Farm: »antfarm.ma.cx ... Please do not IM/e-mail me for technical support. Use the forum (I check often)! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer. | |
 |  |  |   AB Premium join:2006-04-04 Leesburg, VA
| Re: Microsoft Security Bulletin Summary for June 2007 said by antdude :I don't think they were updated? The wga*.* files look old. I could be wrong here. . . . I'm just going by jabarnut 's post:
»Re: Microsoft Security Bulletin Summary for June 2007
If he says there's an updated version, I believe him.
I don't and won't have that genuine POS on my computer. And this is one of the very reasons why not. This is maybe the fourth or fifth 'update' to it they've come out with. Why? What is it about it that needs to be "updated"? Wait, let me guess-- Microsoft's explanation will be that they're continually tweaking it to lessen the chances of a 'false positive' (or a 'false negative' would be more accurate in this case, I guess). 
I have two genuine licenses for their genuine OS software-- one genuine full retail, one genuine OEM. I paid genuine American greenbacks for both of them, I have genuine sales receipts for both of them, I have validated both of them upon install, and I have spoken with genuine Microsoft representatives via telephone on a couple of occasions. Microsoft Corp. has my genuine name, my genuine address, and my genuine telephone number. If that's not good enough (which apparently it isn't) then they can go pound sand up their genuine corporate asses, as far as I'm concerned.
End of story, and pardon my rant. | |
 |  |  |  |   Caution
@netcarrier.net
| Re: Microsoft Security Bulletin Summary for June 2007
Well I don't know if it's an updated WGA or not...and really don't care///it's not getting installed on my computers.....it was installed once before and I left it on just to see what would happen....and sure enough today I could not download the updates unless I installed it again///what the hell is this ? Well I got the updates....just not from the windows update website.....
 |  |  |  |   jabarnut Light Years Away Premium,MVM join:2005-01-22 Galaxy M31
4 edits | Thanks for the vote of confidence there AB ! 
Of course, I'm assuming it's an 'updated version', because (as mentioned in the second post above), I had to install it before I was able to download and install the other updates.
And I understand the problem you guys have with them continually hounding you with this thing. It bothered me a lot at first too.
Now, I just don't care any more, and figure it's not worth getting an ulcer over. I let them have their fun, install it, and move on. (Like most many of you, my installations are all legit too, and I figure they should certainly know that by now, but oh well). And I do like the 'convenience' of Microsoft Update (even though I have auto-updates turned off..and run custom scans).
To be honest, the fact that my wife is constantly hounding me to finish staining the house, is a lot more irritating.  -- I had a life once.....now I have a Computer and a Modem. | |
 |  |  |  |  |   AB Premium join:2006-04-04 Leesburg, VA
| Re: Microsoft Security Bulletin Summary for June 2007 said by jabarnut :Thanks for the vote of confidence there AB  !  Of course, I'm assuming it's an 'updated version', because (as mentioned in the second post above), I had to install it before I was able to install the other updates. And I understand the problem you guys have with them continually hounding you with this thing. It bothered me a lot at first too. Now, I just don't care any more, and figure it's not worth getting an ulcer over. You know you always have my utmost confidence, jabarnut, and I hold your opinions in high esteem, regardless of any of my sometimes silly comments to the possible contrary. 
I don't blame you for taking that attitude. I have a similar one, actually, except without allowing the installation of that thing (which I initially did allow, until they started getting pushier and pushier about it). Every once in a while when the subject of it comes up though, it still makes my blood boil. I just don't care to play 98 lb. weakling to their bully, is all.
To be honest, the fact that my wife is constantly hounding me to finish staining the house, is a lot more irritating.  Just curious-- what are her rates for conversation?
»Re: The Geek Squad
 |  |  |   antdude A Ninja Ant Premium,VIP join:2001-03-25 4 edits | It appears that WGA's LegitCheckControl.dll file is v1.7.36.0 and from April 2007. So, it's not really new/updated. Sneaky MS wants GA everywhere. :P | |
 |  |  |  |   jabarnut Light Years Away Premium,MVM join:2005-01-22 Galaxy M31
4 edits | Re: Microsoft Security Bulletin Summary for June 2007 I didn't really look into it too much...all I know is that I had to install what was referred to as the "Windows Genuine Advantage Validation Tool" through Microsoft Update (it was the first thing that came up, after a custom scan), before the site would even let me download and install anything else.
And considering the fact that I've probably downloaded and installed what I believe to be the same thing at least 2 or 3 times before in the past, I have to assume something changed, somewhere.
(Edit) I just looked at my LegitCheckControl.dll file, and it is indeed v1.7.36.0 as you mentioned. However, that doesn't negate the fact that I still had to 'play the game' before I was allowed to continue. -- I had a life once.....now I have a Computer and a Modem. | |
 |  |  |  |  |  OZO Premium join:2003-01-17
| Re: Microsoft Security Bulletin Summary for June 2007 I can confirm that this time new WGA was pushed once again on my computer.
Here is my collection of WGA's (LegitCheckControl.DLL):
• 1.5.526.0; 555,824 bytes; 2006-04-10 12:00:34
• 1.5.530.0; 579,888 bytes; 2006-05-17 10:23:38
• 1.5.716.0; 1,488,688 bytes, 2006-10-30 11:25:08
• 1.5.723.1; 1,474,864 bytes, 2006-12-12 10:45:04
• 1.7.36.0; 1,485,696 bytes, 2007-04-24 11:32:06
I must admit they're working hard on this one...
It's interesting to know why WU needs considerably more time (this time it was around 1:40) to get the same list of updates required for my computer comparing to Belarc Advisor (it took around 20 sec). Notice, that in 20 sec Belarc makes not only the list of updates required (as WU does), but also analyzes and provides detailed info about all hardware of my computer, all installed software packages, all keys, all users, and lot more interesting stuff...
Then the simple question arises - what WU is doing all that time? -- Keep it simple, it'll become complex by itself... | |
 |  |  |  |  |  |   jabarnut Light Years Away Premium,MVM join:2005-01-22 Galaxy M31
| Re: Microsoft Security Bulletin Summary for June 2007 said by OZO :... Then the simple question arises - what WU is doing all that time? That's a good question OZO!
Just a wild guess, but it may take quite some time to scan the fingerprints from my Mouse, and compare it to fingerprints of known high profile criminals in the enormous FBI database.  -- I had a life once.....now I have a Computer and a Modem. | |
 |  |  |  |  |  |  GuruGuy
join:2002-12-16 Atlanta, GA
| Me too.
After a Vista reboot, it said "installing updates". I only ran the WGA update and looked at what was available....no installs. Rebooted a few mins later then saw this message.
What the hell is MS$ doing? -- GuruGuy | |
  hayc59 VoodooChild Premium join:2001-02-26 David R.I.P. | Nick you da man and danke  | |
 |   Sindows 7
join:2006-09-13 Hope, BC 1 edit | Re: Microsoft Security Bulletin Summary for June 2007
.... | |
 Mele20 Premium join:2001-06-05 Hilo, HI
said by NICK ADSL UK :
As always, download the updates only from the vendor's website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system. Security Tool Find out if you are missing important Microsoft product updates by using MBSA.
Thank you for the notice.
Another place to get the patches is Microsoft Download site which you didn't mention. I think one should always read the Technet bulletin and Knowledge base article for each patch first and then download each patch to disk from the Microsoft Download site.
Belarc Advisor will also show you what patches you have and which you need and if you use it, and Microsoft Download site, then you totally avoid having Microsoft yet again demand that you "show your papers". So, for those who feel insulted by the "prove repeatedly that you are not a thief attitude", first read the Technet bulletins, then download from MS Download site, or wait until Belarc has the latest definitions out for Advisor (usually 24 hours after Microsoft publishes the patches) and let the Advisor guide you to the patches you need. MBSA is a fine tool also but some feel the current version is too invasive and if you feel that way then Belarc Advisor is a good substitute.
I'm off now to read the Technet bulletins and the Knowledge base articles. -- "The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason | |
 OZO Premium join:2003-01-17 | Why the time needed to find out all required updates for computer is so short for Belarc Advisor and so long for common Windows Update procedure? -- Keep it simple, it'll become complex by itself... | |
  Sindows 7
join:2006-09-13 Hope, BC 1 edit | Stop whining about the wga and pay for your OS
  swhx7 Premium join:2006-07-23 Elbonia
·RoadRunner Cable
| As long as we're ranting, I've always been annoyed by this cute weasel-language in these bulletins:
said by Microsoft :
In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability ... an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.
Of course it's literally true that "an attacker would have no way to force users to visit" an infective page. The other way of looking at it is that the only way to avoid the problem while using the affected software, is to avoid all web use altogether. The fact that "an attacker would have no way to force users to visit these Web sites" is not a "mitigating factor" as Microsoft calls it unless you already knew in advance which sites are hosting the malware, which obviously is never the case.
  jose3030 Premium join:1999-08-17 Manassas, VA
| Having a whale of a time trying to install KB935807.
I've done the workarounds of turning off Auto Updates and renaming the SoftwareUpdates folder in C:\Windows\ but it just won't install.
I've seen many other reports of the same thing here :
»itsvista.com/2007/07/important-u···kb935807 | |
 |   La Luna Surviving Ashraful Premium join:2001-07-12 Warwick, NY clubs:
·Optimum Online
·Vonage
said by jose3030 :
Having a whale of a time trying to install KB935807. I've done the workarounds of turning off Auto Updates and renaming the SoftwareUpdates folder in C:\Windows\ but it just won't install. I've seen many other reports of the same thing here : » itsvista.com/2007/07/important-u···kb935807
This is the June update thread. I think you want this one:
»Microsoft Security Bulletin(s) for 7/10/2007 -- ~~"As long as America is an infidel enemy, terrorizing it is a duty." Sayed Imam Abdul-Aziz el-Sheriff~~
 |  |   jose3030 Premium join:1999-08-17 Manassas, VA | Re: Microsoft Security Bulletin Summary for June 2007 My sincerest apologies. | |