Just another Microsoft MVPs site
Microsoft Security Bulletin Advance Notification issued: July 3, 2008
Microsoft Security Bulletins to be issued: July 8, 2008
This is an advance notification of security bulletins that Microsoft is intending to release on July 8, 2008.
4 Important bulletins. 1 SQL, 2 Windows, and 1 Exchange.
http://www.microsoft.com/technet/security/bulletin/ms08-jul.mspx
The Windows Update updated client will be rolled out gradually by Microsoft over the next few weeks. For Administrators who want to roll this out within their company, a download link is provided.
http://support.microsoft.com/default.aspx?scid=kb;en-us;946928
Source: MSRC
Hi. Bill here.
I want to let you know that we have just posted Microsoft Security Advisory 954960, which contains information regarding deployment Issues with Microsoft Windows Server Update Services (WSUS) version 3.0 and 3.0 Service Pack 1. Under specific conditions, the issue does not let clients detect any updates from a WSUS server on systems with Microsoft Office 2003 installed.
While the notification of this issue went out as a Security Advisory, this issue is not a security vulnerability in WSUS or Microsoft Office 2003, but it does address customers’ overall security. This issue only affects the ability of client machines to synchronize with a WSUS server.
We encourage affected customers to implement the manual workarounds, included in the Advisory, which enable clients to synchronize with a WSUS server and will be updated when our ongoing work in testing the permanent solution is complete.
This issue is not related to Microsoft Security Advisory 954474 where systems were blocked from deploying security updates using System Center Configuration Manager 2007.
Thanks,
Bill Sisk
I read about the update yesterday, but interestingly enough, you won’t see the update (for the automated updater from Adobe) until you actually have to use Adobe Reader.
I could go for months without using Adobe – and, frankly wish I never had to use it. But, I did today and was presented with the update.
If you want to do it yourself, here’s the info about it…
http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403742&sliceId=1
It addresses a buffer overflow security vulnerability.
Blogger Carl Weinschenk picked up one of Chris Mosby’s blog posts on security and patching today.
It actually a pretty good read that brings together multiple sources to paint a pretty clear picture about the immediate future of patching.
Read the article here:
Patch Management, Now More than Ever
This post “Microsoft Security Advisory (954474) – affects ConfigMgr 2007” is being picked up in the regular news streams today.
At ComputerWorld: http://www.myitforum.com/absolutenm/templates/?a=5102&z=71
Microsoft is investigating public reports of a non-security issue that affects environments with System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft is aware of reports from customers who are experiencing this issue.
Upon completion of the investigation, Microsoft will take the appropriate action to resolve the problem within System Center Configuration Manager 2007.
Mitigating Factors:
• This issue impacts customers using System Center Configuration Manager 2007 servers to deploy updates to SMS 2003 clients.
Read the full Advisory…
http://www.microsoft.com/technet/security/advisory/954474.mspx
Microsoft Security Bulletin Advance Notification for June 2008
http://www.microsoft.com/technet/security/bulletin/ms08-jun.mspx?pf=true
3 Critical
Bulletin Identifier
Bluetooth Bulletin
Maximum Severity Rating
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software section.
Bulletin Identifier
Internet Explorer Bulletin
Maximum Severity Rating
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.
Affected Software
Microsoft Windows, Internet Explorer. For more information, see the Affected Software section.
Bulletin Identifier
DirectX Bulletin
Maximum Severity Rating
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software section.
3 Important
Bulletin Identifier
WINS Bulletin
Maximum Severity Rating
Impact of Vulnerability
Elevation of Privilege
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software section.
Bulletin Identifier
Active Directory Bulletin
Maximum Severity Rating
Impact of Vulnerability
Denial of Service
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software section.
Bulletin Identifier
PGM Bulletin
Maximum Severity Rating
Impact of Vulnerability
Denial of Service
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software section.
– and –
1 Moderate
Bulletin Identifier
Kill Bit Bulletin
Maximum Severity Rating
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software section.