Jump to content
Sign in to follow this  
nlinecomputers

Microsoft Monthly Update

Recommended Posts

Perhaps this explains why:

Frequently asked questions (FAQ) related to this security updateHow does the extended support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition affect the release of security updates for these operating systems?Microsoft will only release security updates for critical security issues. Non-critical security issues are not offered during this support period. For more information about the Microsoft Support Lifecycle policies for these operating systems, visit the following Web site.For more information about severity ratings, visit the following Web site.Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition critically affected by one or more of the vulnerabilities that are addressed in this security bulletin?No. Although Windows Millennium Edition does contain the affected component, the vulnerability is not critical. For more information about severity ratings, visit the following Web site.

Share this post


Link to post
Share on other sites

NOTE TO MODS:If posted incorrectly into this thread, feel free to move with no notice to me.Microsoft Security Bulletin Summary for June, 2005Issued: June 14, 2005Version Number: 1.0SummaryIncluded in this advisory are updates for newly discovered vulnerabilities. These vulnerabilities, broken down by severity are:Critical (3)

Important (4)

Moderate (3)

Share this post


Link to post
Share on other sites

Thanks, TeMerc, saves me from posting all that info myself. ;)

Share this post


Link to post
Share on other sites

It's Tuesday, but not Super Tuesday, but that hasn't stopped Microsoft from offering Update Rollup 1 for Windows 2000 SP4.If you are running Windows 2000 SP4 and haven't gotten around to installing the latest security patches and hotfixes, this update will apply the 50 or so patches since SP4 came out. B)

Share this post


Link to post
Share on other sites

Thanks Peachy. It's usful to burn to a CD so if I need a reinstall I don't have to download all the patches one at a time.

Share this post


Link to post
Share on other sites

Almost forgot about Patch Tuesday today! ;) First up, a patch for Microsoft Word:http://www.microsoft.com/technet/security/...n/MS05-035.mspxMicrosoft Security Bulletin MS05-035Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)http://www.microsoft.com/technet/security/...n/ms05-036.mspxMicrosoft Security Bulletin MS05-036Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)And last, but not least, a patch for Internet Explorer that was discovered last week:http://www.microsoft.com/technet/security/...n/MS05-037.mspxMicrosoft Security Bulletin MS05-037Vulnerability in JView Profiler Could Allow Remote Code Execution (903235) :)

Share this post


Link to post
Share on other sites

It's Patch Tuesday once again and we have one MS Word patch and 6 Windows patches:Microsoft Security Bulletin MS05-023Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)http://www.microsoft.com/technet/security/...n/MS05-023.mspxMicrosoft Security Bulletin MS05-032Vulnerability in Microsoft Agent Could Allow Spoofing (890046)http://www.microsoft.com/technet/security/...n/MS05-032.mspxMicrosoft Security Bulletin MS05-038Cumulative Security Update for Internet Explorer (896727)http://www.microsoft.com/technet/security/...n/MS05-038.mspxMicrosoft Security Bulletin MS05-040Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)http://www.microsoft.com/technet/security/...n/MS05-040.mspxMicrosoft Security Bulletin MS05-041Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)http://www.microsoft.com/technet/security/...n/MS05-041.mspxMicrosoft Security Bulletin MS05-042Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)http://www.microsoft.com/technet/security/...n/MS05-042.mspxMicrosoft Security Bulletin MS05-043Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)http://www.microsoft.com/technet/security/...n/MS05-043.mspx

Share this post


Link to post
Share on other sites

December's Super Tuesday patches from Microsoft include:Microsoft Security Bulletin MS05-054Cumulative Security Update for Internet Explorer (905915)http://www.microsoft.com/technet/security/...n/ms05-054.mspxMicrosoft Security Bulletin MS05-055Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)http://www.microsoft.com/technet/security/...n/ms05-055.mspx

Share this post


Link to post
Share on other sites

With all the buzz about the WMF patch I pretty much forgot to check for the scheduled Patch Tuesday updates. Here are the two new ones:Microsoft Security Bulletin MS06-002Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)http://www.microsoft.com/technet/security/...n/MS06-002.mspxMicrosoft Security Bulletin MS06-003Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution (902412)http://www.microsoft.com/technet/security/...n/MS06-003.mspx

Share this post


Link to post
Share on other sites

2 Critical BulletinsMS06-004 - Cumulative Security Update for Internet Explorer (910620)http://www.microsoft.com/technet/security/...n/MS06-004.mspxMS06-005 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)http://www.microsoft.com/technet/security/...n/MS06-005.mspx5 Important BulletinsMS06-006 - Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)http://www.microsoft.com/technet/security/...n/MS06-006.mspxMS06-007 - Vulnerability in TCP/IP Could Allow Denial of Service (913446)http://www.microsoft.com/technet/security/...n/MS06-007.mspxMS06-008 - Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)http://www.microsoft.com/technet/security/...n/MS06-008.mspxMS06-009 - Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)http://www.microsoft.com/technet/security/...n/MS06-009.mspxMS06-010 - Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)http://www.microsoft.com/technet/security/...n/MS06-010.mspx

Share this post


Link to post
Share on other sites

Hmmm...I have "Automaic Updates" set to notify me before downloading and installing. Shouldn't it have told me there were updates by now? It hasn't yet.

Share this post


Link to post
Share on other sites

Oops, almost forgot about Super Tuesday. Here are the March Windows Security updates:http://www.microsoft.com/technet/security/...n/MS06-011.mspxMicrosoft Security Bulletin MS06-011Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)http://www.microsoft.com/technet/security/...n/MS06-012.mspxMicrosoft Security Bulletin MS06-012Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413)

Share this post


Link to post
Share on other sites

Yesterday's Patch Tuesday releases are as follows:Microsoft Security Bulletin MS06-013Cumulative Security Update for Internet Explorer (912812)This update resolves several vulnerabilities in Internet Explorer that could allow remote code execution.Microsoft Security Bulletin MS06-014Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)This update resolves a vulnerability in MDAC that could allow remote code execution.Microsoft Security Bulletin MS06-015Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)This update resolves a vulnerability in Windows Explorer that could allow remote code executionMicrosoft Security Bulletin MS06-016Cumulative Security Update for Outlook Express (911567)This update resolves a vulnerability in Outlook Express that could allow an attacker to take complete control of the affected system. User interaction is required for an attacker to exploit this vulnerability.Microsoft Security Bulletin MS06-017Vulnerability in Microsoft Front Page Server Extensions Could Allow Cross Site Scripting (917627)This update resolves a cross-site scripting vulnerability in FrontPage Server Extensions that could allow an attacker to run script in the context of the locally logged on user. User interaction is required for an attacker to exploit this vulnerability.

Share this post


Link to post
Share on other sites

Thanks, Peachy. Um...is it normal for XP's built-in auto update to prompt me to download and just disappear for a while? I have it set to notify me before downloading, so it prompted me first thing when I started up my computer this morning, I hit "Download", the icon sat in the systray for a couple of seconds and disappeared. It hasn't come back yet. Is this normal?

Share this post


Link to post
Share on other sites

I have the same problem here already for a couple of months. I searched MS kb to no avail, since then I'm seeing sometimes it behaves normal, sometimes like you described. So now I just download the updates myself.

Share this post


Link to post
Share on other sites
I have the same problem here already for a couple of months. I searched MS kb to no avail, since then I'm seeing sometimes it behaves normal, sometimes like you described. So now I just download the updates myself.
Well, that's annoying. I'd expect a built-in tool to work and not have to download additional ActiveX controls and junk :)

Share this post


Link to post
Share on other sites

It most likely finished installing and didn't require a reboot. Some patches don't have to reboot the OS.

Share this post


Link to post
Share on other sites
It most likely finished installing and didn't require a reboot. Some patches don't have to reboot the OS.
In five seconds? Not even maybe. Besides, when I rebooted, the icon came back then disappeared again.

Share this post


Link to post
Share on other sites

It could also be that you need the updated windows update installer package (there are three things you need to have installed prior to the current Windows Updates working properly):WGA (Updated Windows Genuine Advantage)Windows Installer 3.xand something else I can remember right now...If you go to the Windows Update site manually and get those, the rest will come down naturally through the updates.I have had that happen with a few new client computers where they hadn't been there in a few months and that was the only way to get it to go right.One recent one had two out of the three and just needed the updated WGA before it would work right.Go figure.

Share this post


Link to post
Share on other sites

Critical (2)Bulletin Identifier Microsoft Security Bulletin MS06-019 Bulletin Title Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803) http://go.microsoft.com/fwlink/?LinkId=66352Executive Summary Vulnerabilities exist in Microsoft Exchange that could allow remote code execution. Maximum Severity Rating Critical Impact of Vulnerability Remote Code Execution Affected Software Exchange. For more information, see the Affected Software and Download Locations section. Bulletin Identifier Microsoft Security Bulletin MS06-020 Bulletin Title Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)http://www.microsoft.com/technet/security/...n/MS06-020.mspxExecutive Summary Vulnerabilities exist in Macromedia Flash Player from Adobe that could allow remote code execution. Maximum Severity RatingCritical Impact of Vulnerability Remote Code Execution Affected Software Windows. For more information, see the Affected Software and Download Locations section. Moderate (1) Bulletin Identifier Microsoft Security Bulletin MS06-018 Bulletin Title Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580)http://www.microsoft.com/technet/security/...n/MS06-018.mspxExecutive Summary A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. Maximum Severity Rating Moderate Impact of Vulnerability Denial of Service Affected Software Windows. For more information, see the Affected Software and Download Locations section.

Share this post


Link to post
Share on other sites

Whoo yea! I forgot about that today. Thanks. B)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...