On July 14, 2009 Microsoft is planning to release six new security bulletins. Below is a summary in order of severity. The full version of the Microsoft Security Bulletin Advance Notification for this month can be found here at http://www.microsoft.com/technet/security/bulletin/ms09-jul.mspx.
Jerry Bryant provided important clarification regarding two of the pending Windows updates at the MSRC Blog in July 2009 Advance Notification:
"First, we will be addressing the issue discussed in Security Advisory 971778 concerning a vulnerability in DirectShow. As noted in the advisory, we are aware of limited active attacks and we have been working aggressively to get a quality update shipped to customers.Bulletin ID: Windows 1
Second, our engineering teams have been working around the clock to produce an update for the issue discussed in Security Advisory 972890 (vulnerability in the Microsoft Video ActiveX Control) and we believe that they will be able to release an update of appropriate quality for broad distribution that protects against the attacks we detailed in the advisory and in an MSRC blog post by Christopher Budd. In the mean time, we encourage customers to continue to enable the workaround by running the “Microsoft Fix it” solution in the associated knowledge base article (KB972890)."
Maximum Severity Rating: CriticalBulletin ID: Windows 2
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008
Maximum Severity Rating: CriticalBulletin ID: Windows 3
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Windows 2000, Windows XP, Windows Server 2003
Maximum Severity Rating: CriticalBulletin ID: VPC/VS
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Windows XP, Windows Server 2003
Maximum Severity Rating: ImportantBulletin ID: ISA
Vulnerability Impact: Elevation of Privilege
Restart Requirement: Requires restart
Affected Software: Virtual PC 2004, Virtual PC 2007, Virtual Server 2005
Maximum Severity Rating: ImportantBulletin ID: Publisher
Vulnerability Impact: Elevation of Privilege
Restart Requirement: Requires restart
Affected Software: Microsoft Internet Security and Acceleration Server 2006
Maximum Severity Rating: ImportantAlthough Microsoft does not anticipate any changes, the number of bulletins, products affected, restart information, and severity of the bulletins are subject to change until released.
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Office Publisher 2007
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment