May security updates for Server DNS and Office 2003/2007 and IE7. Also Quicktime needs an update

David Overton's Blog

Syndication

RSS for Posts
Atom
RSS for Comments
Email Notifications
GoEnter a valid email

Tags

I did a quick scan and it seems that this month Office is the main target of updates, along with one critical one for Windows Server (for DNS RPC attack) and one for IE7. Worth a quick download and install :-)

I also got this in the mail today: Apple QuickTime 7.x must be upgraded to 7.1.5 or higher.

On the security updates:

Microsoft is releasing the following new security bulletins for newly discovered vulnerabilities:

Bulletin Number Maximum Severity Affected Products Impact

MS07-023 Critical Microsoft Excel (all currently supported versions) Remote Code Execution

MS07-024 Critical Microsoft Word 2000, 2002, 2003, 2004 (Mac) Remote Code Execution

MS07-025 Critical Microsoft Office (all currently supported versions) Remote Code Execution

MS07-026 Critical Microsoft Exchange (all current versions) Remote Code Execution

MS07-027 Critical Internet Explorer - all current versions on all currently supported versions of Microsoft Windows Remote Code Execution

MS07-028 Critical CAPICOM, BizTalk Server Remote Code Execution

MS07-029 Critical Windows 2000 (server), Windows Server 2003 Remote Code Execution
Summaries for these new security bulletins may be found at the following pages: http://www.microsoft.com/technet/security/bulletin/ms07-May.mspx Customers are advised to review the information in the bulletins, test and deploy the updates immediately in their environments, if applicable.

Microsoft Windows Malicious Software Removal ToolMicrosoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU) and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool can be located here: http://go.microsoft.com/fwlink/?LinkId=40573 High-Priority Non-Security Updates on Microsoft Update (MU), Windows Update (WU), Windows Server Update Services (WSUS) and Software Update Services (SUS)Microsoft is also releasing High-Priority NON-SECURITY updates today on WU, MU, SUS and WSUS. For complete details on non-security updates being released today please review the following KB Article: http://support.microsoft.com/?id=894199 TechNet Webcast:

Title: Information about Microsoft May Security Bulletins (Level 200)

When: Wednesday, 9 May 2007 11:00 AM (GMT-08:00) Pacific Time (US & Canada)

URL: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032327015

Replay: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032327015

ttfn

David

Technorati tags: Security, Office 2007, Office 2003, IE7, SBS 2003

Posted Tue, May 8 2007 9:16 PM by David Overton

Filed under: SBS 2003, Windows 7, Vista and XP, Office System, Support and Tools, Security, Exchange, Windows Server 2003, Windows Client, Windows XP, Office 2007, SBS 2003 R2, Word, Outlook, PowerPoint, Office 2003

Syndication

Recent Posts

Tags

Add a Comment

Bulletin Number	Maximum Severity	Affected Products	Impact
MS07-023	Critical	Microsoft Excel (all currently supported versions)	Remote Code Execution
MS07-024	Critical	Microsoft Word 2000, 2002, 2003, 2004 (Mac)	Remote Code Execution
MS07-025	Critical	Microsoft Office (all currently supported versions)	Remote Code Execution
MS07-026	Critical	Microsoft Exchange (all current versions)	Remote Code Execution
MS07-027	Critical	Internet Explorer - all current versions on all currently supported versions of Microsoft Windows	Remote Code Execution
MS07-028	Critical	CAPICOM, BizTalk Server	Remote Code Execution
MS07-029	Critical	Windows 2000 (server), Windows Server 2003	Remote Code Execution