Thursday, December 06, 2007

December 2007 MSRC Security Bulletin Release

On 11 December 2007 Microsoft is planning to release seven new security bulletins. Below is a summary in order of severity. For more information on affected software, see the Affected Software section of the Advance Notification page, linked below. Microsoft Baseline Security Analyzer can detect whether your computer system requires these updates.

In addition to an updated Malicious Software Removal Tool, Microsoft is also planning to release six non-security,high priority updates on Microsoft Update and Windows Server Update Services and one non-security high-priority update for Windows on Windows Update.


Maximum Severity Rating:Critical
  • Microsoft Security Bulletin 2
Impact of Vulnerability:Remote Code Execution
Restart Requirement: The update will not require a restart, except in certain situations.
Affected Software :Windows, DirectX, DirectShow.
  • Microsoft Security Bulletin 6
Impact of Vulnerability:Remote Code Execution
Restart Requirements:The update will not require a restart, except in certain situations.
Affected Software:Windows, Windows Media Format Runtime.
  • Microsoft Security Bulletin 7
Impact of Vulnerability:Remote Code Execution
Restart Requirement:The update will require a restart.
Affected Software:Windows, Internet Explorer.


Maximum Severity Rating: Important
  • Microsoft Security Bulletin 1
Impact of Vulnerability:Remote Code Execution
Restart Requirement: The update will require a restart.
Affected Software:Windows.
  • Microsoft Security Bulletin 3
Impact of Vulnerability:Remote Code Execution
Restart Requirement: The update will require a restart.
Affected Software: Windows.
  • Microsoft Security Bulletin 4
Impact of Vulnerability:Elevation of Privilege
Restart Requirement: The update will require a restart.
Affected Software:Windows.
  • Microsoft Security Bulletin 5
Impact of Vulnerability:Local Elevation of Privilege
Restart Requirement: The update will require a restart.
Affected Software:Windows.

References:





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

2 comments:

Anonymous said...

Corrine: I get so confused. I understand there is more than one way to update my operating system. I usually let the auto update download the files then I choose when and which ones I want to install.

My question is there is also a "windows update" on the computer xp pro sp2 do I need to periodically use that also? Am I getting all the updates I should be? Thanks

Corrine said...

Great question! It prompted me to pull together a number of resources for others with the same question.

See "Understanding Microsoft Updates", at http://securitygarden.blogspot.com/2007/12/understanding-microsoft-updates.html