As part of Microsoft’s commitment to deliver security updates on a predictable and consistent monthly schedule, Microsoft released six new security bulletins on 12 June 2007.
Here is an overview of these new security bulletins:
Maximum Severity Rating
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)
Visio 2002, 2003
Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)
Windows 2000, Windows XP, Windows Server 2003
Vulnerability in Windows Vista Could Allow Information Disclosure (931213)
Cumulative Security Update for Internet Explorer (933566)
All current versions Internet Explorer on all currently supported versions of Microsoft Windows
Cumulative Security Update for Outlook Express and Windows Mail (929123)
Outlook Express 6 on Windows XP and Windows Server 2003; Windows Mail on Windows Vista
Vulnerability in Win 32 API Could Allow Remote Code Execution (935839)
You can find a more comprehensive bulletin summary at the Microsoft’s Security Update Archive: http://www.microsoft.com/technet/security/current.aspx. All recent updates are available for download at http://www.microsoft.com/security/.
Microsoft continues to urge all customers running Windows XP to update to the latest version of Windows XP, Windows XP Service Pack 2 with Advanced Security Technologies. More information is available at http://www.microsoft.com/security/. We also encourage customers to deploy Windows Server 2003 Service Pack 2 which provides customers with significant security enhancements and reliability and performance improvements. More information about Windows Server 2003 Service Pack 2 is available at http://www.microsoft.com/windowsserver2003/default.mspx.
Microsoft recommends that all customers sign up for Microsoft Update (MU) and enable its Automatic Updates functionality to receive all updates available this month and to help make their systems more secure. MU is a service offered at no charge that gives customers everything they get through Windows Update (WU), plus high priority updates for Office and other Microsoft applications. MU includes the Automatic Updates functionality already found in WU so users can choose to automatically install high-priority updates. Customers can sign up for MU by following the steps at: http://update.microsoft.com/microsoftupdate.
Microsoft encourages system administrators to join the monthly technical webcast to learn more about this month’s security updates, the Malicious Software Removal Tool and the TechNet IT Pro Security Newsletter column on Principles of Patch Management:
Title: Information about Microsoft June Security Bulletins (Level 200)
When: Wednesday, June 13, 2007 11:00 AM Pacific Time (US & Canada)