Microsoft Security Bulletins for April

Discussion in 'Software' started by NICK ADSL UK, Apr 11, 2006.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    April 11, 2006

    Today Microsoft released the following Security Bulletin(s).

    Bulletin Summary:
    http://www.microsoft.com/technet/security/...n/ms06-Apr.mspx

    Critical Bulletins:

    Cumulative Security Update for Internet Explorer (912812)
    http://www.microsoft.com/technet/security/...n/ms06-013.mspx

    Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)
    http://www.microsoft.com/technet/security/...n/ms06-014.mspx

    Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)
    http://www.microsoft.com/technet/security/...n/ms06-015.mspx

    Important Bulletins:

    Cumulative Security Update for Outlook Express (911567)
    http://www.microsoft.com/technet/security/...n/ms06-016.mspx

    Moderate Bulletins:

    Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)
    http://www.microsoft.com/technet/security/...n/ms06-017.mspx

    Re-Released Bulletins:

    Vulnerability in Windows Media Player Could Allow Remote Code Execution
    (911565)
    http://www.microsoft.com/technet/security/...n/ms06-005.mspx
     
    Last edited: Apr 11, 2006
    NICK ADSL UK, Apr 11, 2006
    #1
  2. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    Microsoft Malicious Software Removal Tool - update 04/12/2006

    --------------------------------------------------------------------------------

    Microsoft® Windows® Malicious Software Removal Tool (KB890830)

    This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

    File Name: Windows-KB890830-V1.15.exe
    Version: 1.15
    Knowledge Base (KB) Articles: KB890830
    Date Published: 4/11/2006
    Language: English
    Download Size: 1.7 MB

    More Info:
    http://www.majorgeeks.com/Microsoft_Malicious_Software_Removal_Tool_d4471.html
     
    Last edited: Apr 11, 2006
    NICK ADSL UK, Apr 11, 2006
    #2
  3. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    Update to the MS06-015 issue.

     
    NICK ADSL UK, Apr 18, 2006
    #3
  4. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    Microsoft wil re-release Windows patch MS06-015 on Tuesday, April 25th

    From the MSRC Blog: We've been continually examining the best way to assist the customers who may have been impacted by the interaction of MS06-015 with the software Mike mentioned before. We wanted to check in and let you know the current plan. Up until now there have been several solutions: Upgrade to the newest version of the affected software, a manual registry key fix, uninstall the third party software (NVIDIA Drivers versions 61.94 and prior or the Hewlett Packard Share-to-web software) or uninstall the update. All of these require the user to take some sort of action.

    So what we have done is re-engineered the MS06-015 update to avoid the conflict altogether with the older Hewlett Packard and NVIDIA software. We're going to run a test pass on it and we will release this new update on Tuesday, April 25th. What the new update essentially does is simply add the affected third party software to an "exception list" so that the problem does not occur. The revised update automates the manual registry key fix.

    So what should you do?

    Well if you are experiencing the problem right now, you can use the currently available reg key fix documented in 918165, go to the newest versions of the affected software, or uninstall the third party software. On Tuesday April 25th, if you have not taken those actions but are having the problem, the update MS06-015 will be delivered to the machine through AU if configured, or through Microsoft Update or the Download Center if you want to install it manually.

    I want to be real clear about that. When the update is re-released, it's going to be very much targeted to people who are having the problem, or people who have not installed MS06-015 yet. That means if you have already installed MS06-015 and are not having the problem, there's no action here for you.

    Windows Update, Microsoft Update, and Automatic Update will have detection logic built into them to only offer the revised update (which essentially includes the reg key fix) to those customers who either don't have MS06-015 or are having the problem.

    We've updated the bulletin to reflect this information as well.

    http://blogs.technet.com/msrc/archive/2006/04/21/425838.aspx
     
    NICK ADSL UK, Apr 21, 2006
    #4
  5. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    Windows Genuine Advantage Notification (KB905474)
    Date last published: 4/25/2006
    Download size: 829 KB
    The Windows Genuine Advantage Notification tool notifies you if your copy of Windows is not genuine. If your system is found to be a non-genuine, the tool will help you obtain a licensed copy of Windows.
    http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us

    Update for Windows XP (KB900485)
    Typical download size: 149 KB , less than 1 minute
    Install this update to prevent an issue in which you may receive a “stop 0x7e in AEC.SYS” error message on a computer that is running Windows XP Service Pack 2. The error may occur during startup, or after the system has started. AEC.SYS is the acoustic echo canceling driver. After you install this item, you may have to restart your computer.
    Details...
    http://support.microsoft.com/default.aspx/kb/900485

    Security Update for Windows XP (KB908531)
    Typical download size: 789 KB , 1 minute
    A security issue has been identified in Windows Explorer that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
    NOTE: If you have already installed MS06-015 and are not having the problem, you need take no action.
    Details...
    http://www.microsoft.com/technet/security/Bulletin/MS06-015.mspx
     

    Attached Files:

    NICK ADSL UK, Apr 25, 2006
    #5
  6. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    Microsoft Security Bulletin MS06-016

    Cumulative Security Update for Outlook Express (911567)
    Published: April 11, 2006 | Updated: April 26, 2006

    Version: 1.2

    Summary
    Who should read this document: Customers who use Microsoft Outlook Express

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Important

    Recommendation: Customers should apply the update at the earliest opportunity

    Security Update Replacement: This bulletin replaces two prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

    Caveats: Microsoft Knowledge Base Article 911567 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. For more information, see Microsoft Knowledge Base Article 911567.

    Tested Software and Security Update Download Locations:

    http://www.microsoft.com/technet/security/bulletin/ms06-016.mspx

    Affected Software:

    • Microsoft Windows 2000 Service Pack 4

    • Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2

    • Microsoft Windows XP Professional x64 Edition

    • Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

    • Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

    • Microsoft Windows Server 2003 x64 Edition

    • Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Windows Me) – Review the FAQ section of this bulletin for details about these operating systems.


    Tested Microsoft Windows Components:
    Affected Components:

    • Outlook Express 6 on Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 - Download the update

    • Outlook Express 6 on Microsoft Windows Server 2003 x64 Edition - Download the update

    • Outlook Express 6 Microsoft Windows Server 2003 on Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems - Download the update

    • Outlook Express 6 on Microsoft Windows XP Service Pack 2 - Download the update

    • Outlook Express 6 on Microsoft Windows XP Professional x64 Edition - Download the update

    • Outlook Express 6 Service Pack 1 on Microsoft Windows XP Service Pack 1 or when installed on Microsoft Windows 2000 Service Pack 4 - Download the update

    • Outlook Express 5.5 Service Pack 2 on Microsoft Windows 2000 Service Pack 4 - Download the Update


    Note The security updates for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 also apply to Microsoft Windows Server 2003 R2.
     
    NICK ADSL UK, Apr 28, 2006
    #6
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds