Tuesday, June 12, 2007

June 2007 Monthly Security Bulletin Release

Congratulations, Simon, Release Manager in the MSRC, celebrating his first year anniversary there. So, from Simon and the MSRC Team we have the June Security updates:

June's release contains 6 new bulletins, 4 of which have maximum severities of "Critical".

  • MS07-030 Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)
  • MS07-031 Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)
  • MS07-032 Vulnerability in Windows Vista Could Allow Information Disclosure (931213)
  • MS07-033 Cumulative Security Update for Internet Explorer (933566)
  • MS07-034 Cumulative Security Update for Outlook Express and Windows Mail (929123)
  • MS07-035 Vulnerability in Win 32 API Could Allow Remote Code Execution (935839)

Additionally Microsoft is re-releasing two bulletins:

  • MS07-012 Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667) (Updated to v2.0 to reflect applicability to Windows Server 2003 Service Pack 2, and explicitly noting that Platform SDK is not affected)
  • MS07-018 Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939) Updated to fix an issue whereby custom CMS2002 install paths could be reset in the registry to the default paths, as noted in KB article 924429 "known issues" section)

Please refer to the bulletin revision notes for more detail.


No comments: