MS Alerts - Q1-2007b



AplusWebMaster
2007-03-08, 23:02
FYI...

- http://www.microsoft.com/technet/security/bulletin/advance.mspx
Updated: March 8, 2007
"On March 13, 2007 Microsoft is planning to release:
Security Updates
• No new Microsoft Security Bulletins will be released on March 13, 2007..."

- http://isc.sans.org/diary.html?storyid=2379
Last Updated: 2007-03-08 20:10:34 UTC ~ "...This announcement may have been a result of the upcoming Sunday switch in some geographies to Daylight Savings Time. This new schedule for DST may hose some software. Microsoft might be trying to avoid negative interactions of new patches on Tuesday only two short days after DST conversion..."

- http://www.informationweek.com/shared/printableArticle.jhtml?articleID=197801353
March 8, 2007 ~ "With nine outstanding software bugs, Microsoft announced on Thursday afternoon that it won't be releasing any patches this month. It's the first time the company hasn't gone through with its monthly Patch Tuesday release since September 2005..."

:fear:

AplusWebMaster
2007-03-13, 23:31
FYI...

- http://preview.tinyurl.com/3c3cga
March 13, 2007 ~ "(Computerworld) - Microsoft Corp. quietly deployed a patch to its Windows Live OneCare security suite earlier than expected to fix a bug that has erased some users' e-mail. "On Sunday, March 11, the Windows Live OneCare team released a new antimalware engine that will fix the issue of OneCare erroneously quarantining certain Outlook .pst or Outlook Express .dbx files when infected files were detected within them," a Microsoft representative confirmed today. "Windows Live OneCare customers whose PCs are connected to the Internet will automatically get this fix"..."

:fear:

AplusWebMaster
2007-03-13, 23:55
FYI...

- http://isc.sans.org/diary.html?storyid=2436
Last Updated: 2007-03-13 20:18:44 UTC ...(Version: 2)
"...(Initially, this looked like just the release candidate, but apparently this is the real deal)..."
> http://www.microsoft.com/technet/windowsserver/sp2.mspx

> http://support.microsoft.com/?kbid=914961
Last Review: March 13, 2007

Oh well, have fun. And they said "No patches..." this month:
- http://www.microsoft.com/technet/security/bulletin/ms07-mar.mspx
"...Microsoft has not released any security bulletins on March 13, 2007..."
-------------------------------------------------------------------------

> http://preview.tinyurl.com/3x7y3a
"...Some organizations have requested the ability to temporarily disable the automatic delivery of this update through Automatic Updates (AU) and Windows Update (WU)..."
Quick Details
File Name: SPBlockerTools.EXE
Version: 1
Date Published: 3/12/2007
Language: English
Download Size: 81 KB
-------------------------------------------------------------------------

Release Notes for Microsoft Windows Server 2003 SP2
- http://preview.tinyurl.com/2d3qcw
"...If you installed Internet Explorer 7 after installing Windows Server 2003 SP1, you must uninstall Internet Explorer 7 before you install Windows Server 2003 SP2..." (? - one of several weird things shown there)

Readme for Windows Server 2003 SP2
> http://preview.tinyurl.com/35absv

Windows Server 2003 Service Pack 2 Technical Library
- http://preview.tinyurl.com/2d85wc

"...List of known CVEs that are supposed to be fixed in SP2 for Windows 2003..."
> http://isc.sans.org/diary.html?storyid=2454

AplusWebMaster
2007-03-14, 03:45
FYI...

- http://www.informationweek.com/shared/printableArticle.jhtml?articleID=198000229
March 12, 2007 ~ "...Tech staffers at NIST, a part of the Department of Commerce charged with promulgating technology standards, are scheduled to meet on April 10 in Gaithersburg, Md., to discuss their concerns about the new operating system, which Microsoft released to consumers in January amid much fanfare and to businesses in December with lesser flair. According to the formal agenda for the meeting, NIST technology workers will attend a session entitled "Windows Vista Security" to discuss "the current ban of this operating system on NIST networks." NIST officials weren't immediately available to comment. Word of NIST's Windows Vista ban comes a week after InformationWeek revealed that the U.S. Department of Transportation and the Federal Aviation Administration have both imposed similar blackouts on the operating system, as well as on Microsoft Office 2007 and Internet Explorer 7..."

:lip:

AplusWebMaster
2007-03-14, 15:31
:scratch:

- http://www.microsoft.com/technet/security/bulletin/ms07-mar.mspx
"...Microsoft has not released any security bulletins on March 13, 2007..."


Despite the above pronouncement, you may want to take a look at these:

1) http://support.microsoft.com/?kbid=932246
March 2007 Windows Vista Application Compatibility Update
Article ID: 932246
Last Review: March 15, 2007
Revision: 1.2 *

2) http://forums.spybot.info/showpost.php?p=74644&postcount=21
Windows Server 2003 SP2

3) http://support.microsoft.com/?kbid=931764
Outlook 2003 Junk E-mail Filter update
Article ID: 931764
Last Review: March 13, 2007
Revision: 1.0

4) http://support.microsoft.com/?kbid=931766
Outlook 2007 Junk E-mail Filter update
Article ID: 931766
Last Review: March 13, 2007
Revision: 1.0

:lip:

AplusWebMaster
2007-03-29, 23:52
FYI...

Microsoft Security Advisory (935423)
Vulnerability in Windows Animated Cursor Handling
- http://www.microsoft.com/technet/security/advisory/935423.mspx
March 29, 2007 ~ "Microsoft is investigating new public reports of targeted attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker. As a best practice, users should always exercise extreme caution when opening or viewing unsolicited emails and email attachments from both known and unknown sources..."

- http://isc.sans.org/diary.html?storyid=2534
Last Updated: 2007-03-29 19:35:05 UTC
"...Mitigation:
- Microsoft is reporting that users of Internet Explorer 7 with Protected Mode* are protected from active exploitation. Note that this does not apply to Outlook !;
- Anti-virus detection is very spotty. We've tested some of the exploits and they were detected by Windows Live OneCare 1.2306 and McAfee 4995. One specific file was also discovered by a product triggering on a signature written for MS05-002, a similar vulnerability from 2005. This will not apply to most exploits in the wild..."
* http://www.microsoft.com/technet/windowsvista/security/defend_against_malware.mspx#EZPAC
"...This setting only works in Internet Explorer 7 with Windows Vista..."

> http://www.avertlabs.com/research/blog/?p=230
"...Preliminary tests demonstrate that Internet Explorer 6 and 7 running on a fully patched Windows XP SP2 are vulnerable to this attack. Windows XP SP0 and SP1 do not appear to be vulnerable, nor does Firefox 2.0..."

> http://preview.tinyurl.com/26y4f8
(TrendMicro)

> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1765

- http://isc.sans.org/diary.html?storyid=2539
Last Updated: 2007-03-30 10:40:08 UTC ~ "A short overview of how the different email clients (in the supported list of Microsoft) are reacting to the animated cursor vulnerability depending on the actions and settings of the email client. The surprising element is that read in plain text mode makes some of the clients more vulnerable and actually only offers real added value for Outlook 2003..."
(Chart available at the URL above.)

> http://www.us-cert.gov/current/#WINANI
-----------------------------------

Microsoft Security Advisory (935423)
Vulnerability in Windows Animated Cursor Handling
- http://www.microsoft.com/technet/security/advisory/935423.mspx
Revisions:
• March 29, 2007: Advisory published
• March 29, 2007: Advisory revised to add additional information regarding Outlook 2007 in the Mitigations Section. The Workarounds Section also updated to clarify impact and use of plain text email on Windows Mail and Outlook Express
• March 31, 2007: Advisory revised to add additional information regarding Windows 2003 Service Pack 2, Microsoft Windows Server 2003 with SP2 for Itanium-based Systems, and Microsoft Windows Server 2003 x64 Edition Service Pack 2 in the “Related Software” section.
===================

Microsoft Security Advisory (935423)
Vulnerability in Windows Animated Cursor Handling
- http://www.microsoft.com/technet/security/advisory/935423.mspx
Updated: April 3, 2007 ~ "Microsoft has completed the investigation into a public report of attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. We have issued MS07-017 to address this issue..."
* http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx

:fear:

AplusWebMaster
2007-04-02, 12:31
FYI...

- http://www.microsoft.com/technet/security/bulletin/advance.mspx
April 1, 2007 ~ "...On Tuesday 3 April 2007 Microsoft is planning to release:

Security Updates
• -One- Microsoft Security Bulletin affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

Microsoft Windows Malicious Software Removal Tool
• Microsoft will not release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center on Tuesday 3 April 2007.

Non-security High Priority updates on MU, WU, WSUS and SUS
• Microsoft will not release any NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS) on Tuesday 3 April 2007.
• Microsoft will not release any NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS) on Tuesday 3 April 2007.

Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released..."
