Hi Everyone,
This is Tami Gallupe, MSRC release manager, and I just wanted to let you know that we’ve posted our bulletins for December 2007. We released seven bulletins today: three have a maximum severity of Critical, and four have a maximum severity of Important. Here is a snapshot of what we released and you can find more information at the Security Bulletin Summary for December 2007.
MS07-063: This update addresses a vulnerability in SMBv2 that could allow remote code execution, and has a maximum severity of Important.
MS07-064: This update addresses two vulnerabilities in Microsoft DirectX that could allow code execution, and has a maximum severity of Critical.
MS07-065: This update addresses a vulnerability in Message Queuing that could allow remote code execution, and has a maximum severity of Important.
MS07-066: This update addresses a vulnerability in Windows Kernel that could allow elevation of privilege, and has a maximum severity of Important.
MS07-067: This update addresses a vulnerability in Macrovision Driver that could allow local elevation of privilege, and has a maximum severity of Important.
MS07-068: This update addresses a vulnerability in Windows Media File Format that could allow remote code execution, and has a maximum severity of Critical.
MS07-069: This is a cumulative security update for Internet Explorer and the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. This bulletin has a maximum severity of Critical.
Additionally, we released the regularly scheduled Microsoft Windows Malicious Software Removal Tool. You can find more information about this tool at www.microsoft.com/malwareremove.
And last but not least, I would like to invite you to join us tomorrow for our final MSRC webcast of 2007. It will begin at 11:00 AM, PST, and we’ll be providing a technical overview of each bulletin, as well as answering related questions you may have about this release. Click here to register. We look forward to hearing from you then!
Happy holidays!
Tami
“Update: Tami here, I wanted to let you know that there’s a small delay in the posting of the wsusscan cab that is used so that SMS ITMU can deploy these updates. All other deployment mechanisms are already available. We expect to see wsusscan cab become available later this afternoon and we will let you know when it is published.”
“Update 2: The latest wsusscan cab has now been posted.”
*This posting is provided “AS IS” with no warranties, and confers no rights.*