Update on Microsoft Security Advisory 935964

Kudos to the MSRC Team on the excellent communication provided to the community!

Highlights from the MSRC Friday Update on Microsoft Security Advisory 935964:

• An update is expected for the May 8, 2007, monthly bulletin release

• Attacks are not widespread and no new malicious software has been found attempting to exploit this vulnerability

• Customers are deploying the workarounds in Security Advisory 936263

• The anticipated security update will NOT undo any of the workarounds that have been applied and will need to be undone

• The security update will require a reboot.

Also of importance in the referenced MSRC Blog update is that support for Windows Server 2003 expired on April 10, 2007, with the April monthly bulletin release. Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 are the currently supported versions. See the Microsoft Support Lifecycle.

References:

• Jesper's Blog (13Apr07)
• MSRC Blog (27Apr07)
  
• MSRC Blog (22Apr07)
  
• MSRC Blog (20Apr07)
  
• MSRC Blog (19Apr07)
  
• MSRC Blog (17Apr07)
  
• MSRC Blog (16Apr07)
  
• MSRC Blog (15Apr07)
  
• MSRC Blog (14Apr07)
  
• MSRC Blog (13Apr07)
  
• MSRC Blog (12Apr07)
• Security Advisory 935964
• Security Advisory 936263