Windows Updates Sept 2006

[nffc]

************************************************** ******************
Title: Microsoft Security Bulletin Advanced Notification
Issued: September 07, 2006
************************************************** ******************

Summary
=======

On 12 September 2006 Microsoft is planning to release:

Security Updates

. Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer. Some of these updates will require a restart.

. One Microsoft Security Bulletin affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.


Microsoft Windows Malicious Software Removal Tool

. Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS

. Microsoft will release Two NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).

. Microsoft will release three NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released.

Microsoft will host a webcast next week to address customer questions on these bulletins. For more information on this webcast please see below:
. TechNet Webcast: Information about Microsoft's Security Bulletins
. Wednesday, September 13, 2006 11:00 AM Pacific Time (US & Canada)
http://msevents.microsoft.com/CUI/We...aspx?EventID=1
032305653&EventCategory=4&culture=en-US&CountryCode=US

At this time no additional information on these bulletins such as details regarding severity or details regarding the vulnerability will be made available until 12 September 2006.

************************************************** ******************

[ben1390]

Some more updates for the increasingly patched OS

[Gareth]

Blimey, a quiet month... relatively speaking. That's good, as I'm on call that week (as usual).

[Theodoric]

Will there never be an end to these updates? I finally bit the bullet again a couple of weeks ago and installed a mere 22 updates! Ever since I installed a dodgy MS update which crippled Explorer, I've been a bit wary of Windows updates. What annoyed me about that particular one was that (I suspect as usual) the Windows site gave no indication that it could cause problems - only a quick System Restore and a bit of googling saved the situation.

Oh, and in that last batch I didn't install 905474 (Windows Genuine Advantage Notification). Is this going to give me problems with future updates?

[matt_2k34]

quite possibly mine *forced* me to download it... even though its not set to install it decided to put that in all by itself...

[jem]

Quote:

Originally Posted by Gareth

Blimey, a quiet month... relatively speaking. That's good, as I'm on call that week (as usual).

The moral of the story being Never...Ever be on call second Tuesday of the month

[Gareth]

Just for info, there's another exploit out in the wild.

Quote:

Originally Posted by FrSIRT

A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to crash a vulnerable browser or take complete control of an affected system. This flaw is due to a memory corruption error when processing a specially crafted argument passed to the "KeyFrame()" method of a "DirectAnimation.PathControl" (daxctle.ocx) ActiveX object, which could be exploited by attackers to cause a denial of service or execute arbitrary commands by convincing a user to visit a malicious Web page.

FrSIRT has successfully exploited this vulnerability on a fully patched Windows XP SP2 system.

Affected Products

Microsoft Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows XP Service Pack 1
Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 Service Pack 1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 98
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 98 SE
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows Millennium Edition

More info here... http://www.frsirt.com/english/advisories/2006/3593
MS info... http://support.microsoft.com/kb/925444
Exploit code... http://xsec.org

[ADd]

Quote:

Oh, and in that last batch I didn't install 905474 (Windows Genuine Advantage Notification). Is this going to give me problems with future updates?

No this will not affect your updates in any way at the moment, although M$ rate this update as 'critical' it is not IMO. Windows Update uses WGA to ensure your OS is legit when you visit the site, the WGA Notification tool is a waste of KB, and bandwidth as it phones home to M$ once installed - you can block it with your firewall or remove it manually or with a tool (the tool I used only removes it on legit versions of the OS). I had it installed, and then removed it for this very reason. This update is also beta at the moment which you are not told when you update. They change the version monthy (near enough), so you may get asked about it again.

http://support.microsoft.com/kb/921914 - how to remove WGA Notification

Quote:

Originally Posted by Theodoric

Will there never be an end to these updates? I finally bit the bullet again a couple of weeks ago and installed a mere 22 updates! Ever since I installed a dodgy MS update which crippled Explorer, I've been a bit wary of Windows updates. What annoyed me about that particular one was that (I suspect as usual) the Windows site gave no indication that it could cause problems - only a quick System Restore and a bit of googling saved the situation.

Oh, and in that last batch I didn't install 905474 (Windows Genuine Advantage Notification). Is this going to give me problems with future updates?

There will never be an end to updates there is no such thing as a totally secure os. Linux is constantly being updated also new versions etc a lot more often than new versions of windows.

Remember that exploits are found in code by code writers themselves and what 1 person can write and think is secure then another person will crack.Look at piracy if 1 man could write the perfect secure code then there would be no ability to copy anything someone has to crack the code this applies to dvds cds and software.

Windows is also by far the most popular way of running a computer and is in the homes of people who do not have a clue so what better a target for the unscruplous.As long as there is windows there will be windows update

[Paul K]

Not as though other O/S's have never required patches is it

[Gareth]

Well, our mainframes haven't been patched in a very long time... because there aren't any patches needed for it

...just don't expect to run The Sims on it