MS December updates

[Paul K]

MS

Quote:

On 12 December 2006 Microsoft is planning to release:

Security Updates

• Five Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. Some of these updates will require a restart.

• One Microsoft Security Bulletins affecting Microsoft Visual Studio. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.

Microsoft Windows Malicious Software Removal Tool

• Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.

Note that this tool will NOT be distributed using Software Update Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS

• Microsoft will release four NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).

• Microsoft will release 10 NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released.

Usual heads up posting, no doubt the patches will continue lol

[DocDutch]

Paul, have you seen any patches for Vista ????

[Paul K]

Not yet but I would think that official Vista users would most likely receive patches regularly while the OS is bedding in.

[DocDutch]

yeah it is......quite a few updates for WinDefender. at least 1 a week.

[Paul K]

WinDefender? That's not MS software as far as I know. Windows Defender is anti spyware etc tool which will need regular updates but is not part of the monthly patching schedule. It's like a definitions update for anti-virus software.
If Windows Update is on automatic then Vista should just download any necessary patches etc on the fly.

[Gareth]

Moaned at our MS contact about there being no Office-related patches planned for Patch Tuesday, so any out-of-band patches during the festive period aren't going to go down well.

[Aragorn]

Here's the list from MS:

Quote:

Critical Security Bulletins
===========================

MS06-072 - Cumulative Security Update for Internet Explorer (925454)

- Affected Software:
- Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service
Pack 4
- Internet Explorer 6 Service Pack 1 on Windows 2000 Service
Pack 4
- Internet Explorer 6 for Windows XP Service Pack 2
- Internet Explorer 6 for Windows XP Professional x64 Edition
- Internet Explorer 6 for Windows Server 2003 and Windows
Server 2003 Service Pack 1
- Internet Explorer 6 for Windows Server 2003 for Itanium-based
Systems and Windows Server 2003 with SP1 for Itanium-based
Systems
- Internet Explorer 6 for Windows Server 2003 x64 Edition


- Impact: Remote Code Execution
- Version Number: 1.0

MS06-073 - Vulnerability in Visual Studio 2005
Could Allow Remote Code Execution (925674)

- Affected Software:
- Microsoft Visual Studio 2005


- Impact: Remote Code Execution
- Version Number: 1.0

MS06-078 - Vulnerability in Windows Media Format
Could Allow Remote Code Execution (923689)

- Affected Software:
- Microsoft Windows Media Format 7.1 through 9.5 Series Runtime
on the following operating system versions:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 or Microsoft Windows Server
2003 Service Pack 1
- Microsoft Windows Server 2003 x64 Edition
- Microsoft Windows Media Format 9.5 Series Runtime x64 Edition
on the following operating system versions:
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 x64 Edition
- Microsoft Windows Media Player 6.4
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 or on Microsoft Windows
Server 2003 Service Pack 1
- Microsoft Windows Server 2003 x64 Edition


- Impact: Remote Code Execution
- Version Number: 1.0

Important Security Bulletins
============================

MS06-074 - Vulnerability in SNMP
Could Allow Remote Code Execution (926247)

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003
- Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 for Itanium-based Systems
- Microsoft Windows Server 2003 with SP1
for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition


- Impact: Remote Code Execution
- Version Number: 1.0

MS06-075 - Vulnerability in Windows
Could Allow Elevation of Privilege (926255)

- Affected Software:
- Microsoft Windows XP Service Pack 2
- Microsoft Windows Server 2003
- Microsoft Windows Server 2003 for Itanium-based Systems


- Impact: Elevation of Privilege
- Version Number: 1.0

MS06-076 - Cumulative Security Update for Outlook Express (923694)

- Affected Software:
- Outlook Express 5.5 Service Pack 2 on Windows 2000 Service
Pack 4
- Outlook Express 6 Service Pack 1 on Windows 2000 Service
Pack 4
- Outlook Express 6 on Windows XP Service Pack 2
- Outlook Express 6 on Windows XP Professional x64 Edition
- Outlook Express 6 on Windows Server 2003 and Windows
Server 2003 Service Pack 1
- Outlook Express 6 on Windows Server 2003 for Itanium-based
Systems and Windows Server 2003 with SP1 for Itanium-based
Systems
- Outlook Express 6 on Windows Server 2003 x64 Edition


- Impact: Remote Code Execution
- Version Number: 1.0

MS06-077 - Vulnerability in Remote Installation Service
Could Allow Remote Code Execution (926121)

- Affected Software:
- Microsoft Windows 2000 Service Pack 4


- Impact: Remote Code Execution
- Version Number: 1.0

[Druchii]

All installed this morning it seems, not bad

Quote:

Originally Posted by Paul

WinDefender? That's not MS software as far as I know.

Windows Defender is the Microsoft Anti-spyware tool - if thats what the OP was talking about - but I'm sure you knew that anyway!

Vista updates - I believe a "few" (read: many) updates will become available in Jan!

[Paul K]

Erm thanks, read post 5 where I actually name windows defender and since I've been running it since beta......

Quote:

Originally Posted by Paul

Erm thanks, read post 5 where I actually name windows defender and since I've been running it since beta......

You edited the post! LOL!!!

(Only joking...)