Hi folks,

Well, it's that time again. Another Patch Tuesday is upon us. Check out the details.

What is this alert?

 

This alert is to provide you with an overview of Security Bulletins released on 14 November 2006.

 

New Security Bulletins

 

Microsoft is releasing the following security bulletins for newly discovered vulnerabilities:

 

Important  MS06-066  Microsoft Windows                          Remote Code Execution

Critical   MS06-067  Microsoft Windows                          Remote Code Execution

Critical   MS06-068  Microsoft Windows                          Remote Code Execution

Critical   MS06-069  Microsoft Windows                          Remote Code Execution

Critical   MS06-070  Microsoft Windows                          Remote Code Execution

Critical   MS06-071  Microsoft Windows with MSXML 4 or MSXML 6  Remote Code Execution

 

Summaries for these new bulletins may be found here.

 

Customers are advised to review the information in the bulletins, test and deploy the updates immediately in their environments, if applicable.

 

Microsoft Windows Malicious Software Removal Tool

 

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU) and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool can be located here:

 

 

High-Priority Non-Security Updates

 

Microsoft is today also making the following High-Priority NON-SECURITY updates available on WU, MU, SUS and WSUS:

 

KB NUMBER  TITLE                                       Available via:

921587     Update for Outlook 2003 Junk E-Mail Filter  MU

 

Additional Information

 

Microsoft is introducing a new architecture for the WSUSSCAN.CAB file in correlation with the November Bulletin release Nov. 14th.  Microsoft encourages customers to deploy the updated versions of MBSA and SMS ITMU as part of its November Bulletin Release to address the change in architecture for the WSUSSCAN.CAB. 

 

The new version of MBSA can be obtained here:

 

The new version of SMS ITMU can be obtained here:

 

TechNet Webcast

 

Information about Microsoft November 2006 Security Bulletins (Level 200)

 

Wednesday, 15 November 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)

 

 

The on-demand version of the webcast will be available 24 hours after the live webcast here:

 

 

Security Bulletin Details

 

MS06-066

 

Title:  Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution (923980)

 

Affected Software:

  Microsoft Windows 2000 Service Pack 4

  Microsoft Windows XP Service Pack 2

  Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

 

Non-Affected Software:

  Microsoft Windows XP Professional x64 Edition

  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

  Microsoft Windows Server 2003 x64 Edition

  Windows Vista

 

Impact of Vulnerability:  Remote Code Execution

 

Maximum Severity Rating:  Important

 

Restart Requirement:  You must restart your system after you apply this security update.

 

Update Can Be Uninstalled: Yes. To remove this security update, use the Add or Remove Programs tool in Control Panel. System administrators can also use the Spuninst.exe utility to remove this security update.

 

More information on this vulnerability is available here:

 

 

******************************************************************

 

MS06-067

 

Title:  Cumulative Security Update for Internet Explorer (922760)

 

Affected Software:

  Microsoft Windows 2000 Service Pack 4

  Microsoft Windows XP Service Pack 2

  Microsoft Windows XP Professional x64 Edition

  Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

  Microsoft Windows Server 2003 x64 Edition

 

Non-Affected Software:

  Microsoft Windows Vista

 

Tested Microsoft Windows Components:

 

Affected Components:

  Microsoft Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4

  Microsoft Internet Explorer 6 Service Pack 1 on Windows 2000 Service Pack 4

  Microsoft Internet Explorer 6 for Windows XP Service Pack 2

  Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition

  Microsoft Internet Explorer 6 for Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

  Microsoft Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems and Windows Server 2003 with SP1 for Itanium-based Systems

  Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition

 

Non-Affected Components:

  Windows Internet Explorer 7 for Windows XP Service Pack 2

  Windows Internet Explorer 7 for Windows XP Professional x64 Edition

  Windows Internet Explorer 7 for Windows Server 2003 Service Pack 1

  Windows Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems

  Windows Internet Explorer 7 for Windows Server 2003 x64 Edition

  Windows Internet Explorer 7 in Windows Vista

 

Impact of Vulnerability:  Remote Code Execution

 

Maximum Severity Rating:  Critical

 

Restart Requirement:  You must restart your system after you apply this security update.

 

Update Can Be Uninstalled: Yes. To remove this security update, use the Add or Remove Programs tool in Control Panel. System administrators can also use the Spuninst.exe utility to remove this security update.

 

More information on this vulnerability is available here:

 

 

******************************************************************

MS06-068

 

Title:  Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213)

 

Affected Software:

  Microsoft Windows 2000 Service Pack 4

  Microsoft Windows XP Service Pack 2

  Microsoft Windows XP Professional x64 Edition

  Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

  Microsoft Windows Server 2003 x64 Edition

 

Non-Affected Software:

  Microsoft Windows Vista

 

Impact of Vulnerability:  Remote Code Execution

 

Maximum Severity Rating:  Critical

 

Restart Requirement:  You must restart your system after you apply this security update.

 

Update Can Be Uninstalled: Yes. To remove this security update, use the Add or Remove Programs tool in Control Panel. System administrators can also use the Spuninst.exe utility to remove this security update.

 

More information on this vulnerability is available here:

 

 

******************************************************************

 

MS06-069

 

Title:  Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)

 

Affected Software:

  Microsoft Windows XP Service Pack 2

  Microsoft Windows XP Professional x64 Edition

 

Non-Affected Software:

  Microsoft Windows 2000 Service Pack 4

  Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

  Microsoft Windows Server 2003 x64 Edition

  Windows Vista

 

Note: Flash Player does not ship with the versions of Microsoft Windows in the Non-Affected Software list. Customers who have installed Flash Player on these versions of Windows are encouraged to follow the guidance in the Adobe Security Bulletin APSB06-11.

 

Impact of Vulnerability:  Remote Code Execution

 

Maximum Severity Rating:  Critical

 

Restart Requirement:  This update does not require a restart.

 

Removal Information: This security update cannot be removed.

 

More information on this vulnerability is available here:

 

 

******************************************************************

 

MS06-070

 

Title:  Vulnerability in Workstation Service Could Allow Remote Code Execution (924270)

 

Affected Software:

  Microsoft Windows 2000 Service Pack 4

  Microsoft Windows XP Service Pack 2

 

Non-Affected Software:

  Microsoft Windows XP Professional x64 Edition

  Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

  Microsoft Windows Server 2003 x64 Edition

  Windows Vista

 

Impact of Vulnerability:  Remote Code Execution

 

Maximum Severity Rating:  Critical

 

Restart Requirement:  You must restart your system after you apply this security update.

 

Update Can Be Uninstalled: Yes. To remove this security update, use the Add or Remove Programs tool in Control Panel. System administrators can also use the Spuninst.exe utility to remove this security update.

 

More information on this vulnerability is available here:

 

 

******************************************************************

 

MS06-071

 

Title:  Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (928088)

 

Affected Software:

  Microsoft XML Core Services 4.0 when installed on Windows (all versions)

  Microsoft XML Core Services 6.0 when installed on Windows (all versions)

 

Non-Affected Software:

  Microsoft XML Core Services 3.0

  Microsoft XML Core Services 5.0

 

Impact of Vulnerability:  Remote Code Execution

 

Maximum Severity Rating:  Critical

 

Restart Requirement:  You must restart your system after you apply this security update.

 

Update Can Be Uninstalled:

 

MSXML 6.0: To remove this security update, use the Add or Remove Programs tool in Control Panel. Note: Removing this security update for Microsoft XML Core Services 6 will completely remove MSXML6 from the computer.

 

MSXML 4.0: This version of Microsoft XML Core Services is installed in a side-by-side mode with previous versions of MSXML4. Follow steps outlined in the Security Bulletin to remove the security update.

 

More information on this vulnerability is available here:

 

Cheers, Jeffa