Jeff Alexander's Weblog

Technical Evangelist - Windows Infrastructure

Security Bulletin: October 2007

Security Bulletin: October 2007

  • Comments 1
  • Likes

It's that time again.  Time for another round of security updates.  Please see details below.

What is this alert?

This alert is to provide you with an overview of the new Security Bulletin being released on 09 October 2007.

 

New Security Bulletins

 

Microsoft is releasing the following six new security bulletins for newly discovered vulnerabilities:

 

Bulletin Number

Maximum Severity

Affected Products

Impact

MS07-055

Critical

Windows 2000, Windows XP, Windows Server 2003

Remote Code Execution

MS07-056

Critical

All currently supported versions of Windows

Remote Code Execution

MS07-057

Critical

All currently supported versions of Internet Explorer

Remote Code Execution

MS07-058

Important

All currently supported versions of Windows

Denial of Service

MS07-059

Important

Windows SharePoint Services 3.0, Office SharePoint Server 2007

Elevation of Privilege

MS07-060

Critical

Word 2000, Word 2002

Remote Code Execution

 

Summaries for these new bulletins may be found at the following pages:

 

http://www.microsoft.com/technet/security/bulletin/ms07-Oct.mspx 

 

Re-released Security Bulletins

 

In addition, Microsoft is re-releasing the following security bulletin:

MS05-004 - ASP.NET Path Validation Vulnerability (887219)

http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx 

 

Microsoft updated security bulletin MS05-004 on 09 October 2007 to list Windows Server 2003 Service Pack 2 and Windows Vista as "Affected Software" for .NET Framework 1.0 Service Pack 3 KB886906 and .NET Framework 1.1 Service Pack 1 KB886903. 

 

Customers are advised to review the information in these bulletins, test and deploy the updates immediately in their environments, if applicable.

 

Microsoft Windows Malicious Software Removal Tool

 

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU) and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool can be located here: http://go.microsoft.com/fwlink/?LinkId=40573

 

High-Priority Non-Security Updates

 

High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU) or Windows Server Update Services (WSUS) will be detailed in the following KB Article: http://support.microsoft.com/?id=894199

 

 

TechNet Webcast: Microsoft will host a Webcast to address customer questions on these bulletins:

 

Title: Information about Microsoft October Security Bulletins (Level 200)

Date: Wednesday, October 10th, 2007 11:00 AM Pacific Time (US & Canada)

URL: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032344692

Replay:  Available 24 hours after webcast - same URL

 

Technorati Tags: , ,

Cheers, Jeffa

Comments
  • Hi Jeffa,

    When my computer restarted - presumably after the patches were installed - on Tuesday my Windows XP (Media Center 2002) failed to start. When I tried choosing any of the options (Start Windows, Go back to last good configuration, Safe Mode, etc.) the same options screen would inevitably appear after a few seconds. Do you have any suggestions for resolving this issue?

    Thanks,

    Rich

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment