[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 742/06 - Microsoft Security Bulletin Advanced Notification.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

 UNIRAS (UK Government CERT) Briefing - 742/06 dated 10.11.06 time 14:00
 UNIRAS is part of NISCC (the UK National Infrastructure Security
 Co-ordination Centre)
______________________________________________________________________________

 UNIRAS material is available from the NISCC website at www.niscc.gov.uk
______________________________________________________________________________

Title
=====

Microsoft Security Bulletin Advanced Notification. 

Detail
======

On 14 November 2006 Microsoft is planning to release several security updates.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

********************************************************************
Title: Microsoft Security Bulletin Advanced Notification
Issued: November 09, 2006
********************************************************************

Summary
=======
On 14 November 2006 Microsoft is planning to release:

Security Updates

.	One Microsoft Security Bulletin affecting Microsoft XML Core 
Services. The highest Maximum Severity rating for this is Critical. 
These updates will be detectable using the Microsoft Baseline 
Security Analyzer. These updates will require a restart.

.	Five Microsoft Security Bulletins affecting Microsoft Windows. 
The highest Maximum Severity rating for these is Critical. These 
updates will be detectable using the Microsoft Baseline Security 
Analyzer and the Enterprise Scan Tool. Some of these updates will 
require a restart.

Microsoft Windows Malicious Software Removal Tool

.	Microsoft will release an updated version of the Microsoft 
Windows Malicious Software Removal Tool on Windows Update, Microsoft 
Update, Windows Server Update Services and the Download Center. 
Note that this tool will NOT be distributed using Software Update 
Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS

.	Microsoft will release No NON-SECURITY High-Priority Updates 
for Windows on Windows Update (WU) and Software Update Services 
(SUS).

.	Microsoft will release two NON-SECURITY High-Priority Updates 
on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Although we do not anticipate any changes, the number of bulletins, 
products affected, restart information and severities are subject to 
change until released. 

Microsoft will host a webcast next week to address customer 
questions on these bulletins. For more information on this webcast 
please see below:
.	TechNet Webcast: Information about Microsoft's Security 
Bulletins   
.	Wednesday, November 15, 2006 11:00 AM Pacific Time (US & 
Canada) 
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1
032313212&EventCategory=4&culture=en-US&CountryCode=US

At this time no additional information on these bulletins such as 
details regarding severity or details regarding the vulnerability 
will be made available until 14 November 2006.
********************************************************************

Support: 
========
Technical support is available from Microsoft Product Support 
Services at 1-866-PC SAFETY (1-866-727-2338). There is no 
charge for support calls associated with security updates. 
International customers can get support from their local Microsoft 
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx
 
Additional Resources:
=====================
* Microsoft has created a free monthly e-mail newsletter containing
  valuable information to help you protect your network. This
  newsletter provides practical security tips, topical security
  guidance, useful resources and links, pointers to helpful
  community resources, and a forum for you to provide feedback
  and ask security-related questions.
  You can sign up for the newsletter at:

  http://www.microsoft.com/technet/security/secnews/default.mspx

* Protect your PC: Microsoft has provided information on how you 
  can help protect your PC at the following locations: 

  http://www.microsoft.com/security/protect/

  If you receive an e-mail that claims to be distributing a 
  Microsoft security update, it is a hoax that may be distributing a 
  virus. Microsoft does not distribute security updates via e-mail. 
  You can learn more about Microsoft's software distribution 
  policies here: 

http://www.microsoft.com/technet/security/topics/policy/swdist.mspx


********************************************************************
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS 
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT 
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING 
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE 
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, 
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL 
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN 
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY 
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING 
LIMITATION MAY NOT APPLY.
********************************************************************

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQIVAwUBRVN4yBCvwTv3q93mAQIDCA//awkYa2qFnwFA9aL6DiiQaqe2wI2N4iBn
kkSKSUnF22/iHFNPUTlFVnqp5rK8uZcAoMkwRJfdNgfEdQLGMvWOHyT6FY7Ea/4Y
Fx2UqL1iJPFTlu0Q3dCd256OJwZPR7t4SorHt5TEY86DVWmF1PAQRGiWbzLbYWLA
YLARMpOCqBeIvPVyfSvdZjC9Zdr7gRoMqDMaZlUVNQRLgjwMScPD1gUkzx0kJ8ZG
OgW9txeqERlu9bXmWrQz78wZBClWFdgk7vubn/8QCT7Nkhr8hSQWxSfOa8RoRRAf
v7AC07ziMPd7+c4CGjhF/6GHwgX4NoZNxTZZr/guK0Tj7eCPrjYOIy40oVIYEbDS
nRcJRfd258OGnVDzPLEysuqgOgOX35HsAA5Y5W4bRUWdhQ+yszn2vav2t1Ti19to
IaPlcLkeUlWDT+OgtXctsxRUiWCo9Ez0M373+mAQTjLD6o0ZgI3uSVQny513wJL0
zPiBub6qpwKYKzjw6RL/p8SH5erCWAb+rJmp4e7GG3xHms7voFL7K71Lihg3/ikY
VjdzMvfCj5/qKQFbyobUUsQQtYcoNvk8ghWgQ/JcxDE14nPeWBmIsr6VTPmuLVLN
jYUWzJ9dU8XkgVYXtsdmsJle+vZGT6HBiifNl0YoVkaFQu3qJwUp3r58AY2hFLMN
pfqtdPRjQW0=
=iwda
- -----END PGP SIGNATURE-----




______________________________________________________________________________

NISCC values your feedback.

1. Which of the following most reflects the value of the briefing to you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__ 

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our briefings?


Thank you for your contribution.
______________________________________________________________________________

For additional information or assistance, please contact our help desk
by telephone.  You may send Not Protectively Marked information via
e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 and follow the voice prompts
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

______________________________________________________________________________

UNIRAS wishes to acknowledge the contributions of Microsoft for the
information contained in this briefing.
______________________________________________________________________________

This notice contains information released by the original author.
Some of the information may have changed since it was released. If the
vulnerability affects you, it may be prudent to retrieve the advisory
from the site of the original source to ensure that you receive the most
current information concerning that problem.

Reference to any specific commercial product, process, or service by
trade name, trademark manufacturer, or otherwise, does not constitute or
imply its endorsement, recommendation, or favouring by UNIRAS or NISCC.
The views and opinions of authors expressed within this notice shall not
be used for advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors
or omissions contained within this briefing notice. In particular, they
shall not be liable for any loss or damage whatsoever, arising from or
in connection with the usage of information contained within this
notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response
Teams (IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
______________________________________________________________________________

<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRVSFuGl7oeQsXfKvEQIK4wCdE6DPSOnS0LMBqbIPlgnN53N02/wAoOeI
PDMgWWz/xdOQvnwkr/ms8vtz
=gUUh
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________