April 2007 Security Bulletins


This alert is to provide you with an overview of the new Security Bulletins being released on 10 April 2007.


 


New Security Bulletins


 


Microsoft is releasing the following security bulletins for newly discovered vulnerabilities:

| Bulletin Number | Maximum Severity | Affected Products | Impact |
|-----------------|------------------|-------------------|--------|
| MS07-018 | Critical | Content Management Server 2001 and Content Management Server 2002 | Remote Code Execution |
| MS07-019 | Critical | Windows XP | Remote Code Execution |
| MS07-020 | Critical | Windows 2000, Windows XP, Windows Server 2003 | Remote Code Execution |
| MS07-021 | Critical | All current versions of Microsoft Windows | Remote Code Execution |
| MS07-022 | Important | Windows 2000, Windows XP, Windows Server 2003 | Elevation of Privilege |


 


Summaries for these new bulletins may be found at the following pages:


 


http://www.microsoft.com/technet/security/bulletin/ms07-Apr.mspx


 


 


Customers are advised to review the information in the bulletins and, if applicable, to test and deploy the updates immediately in their environments.


 


Microsoft Windows Malicious Software Removal Tool


 


Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU) and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool can be located here:


 


http://go.microsoft.com/fwlink/?LinkId=40573


 


High-Priority Non-Security Updates on Microsoft Update (MU), Windows Update (WU), Windows Server Update Services (WSUS) and Software Update Services (SUS)


 


Microsoft is also releasing High-Priority NON-SECURITY updates today on WU, MU, SUS and WSUS. For complete details on non-security updates being released today please review the following KB Article:


 


http://support.microsoft.com/?id=894199


 


TechNet Webcast:  Information about Microsoft April 2007 Security Bulletins (Level 200)


 


Wednesday, April 11, 2007 at 11:00 AM PDT


http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032327017


 


The on-demand version of the Webcast will be available 24 hours after the live Webcast at:


http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032327017


 


 


******************************************************************


Security Bulletin Details


 


MS07-018


 


Title:  Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)


 


Executive Summary: This update resolves two newly discovered, privately reported vulnerabilities. Each vulnerability is documented in the "Vulnerability Details" section of this bulletin. We recommend that customers apply the update immediately.


 


Affected Software:


·         Microsoft Content Management Server 2001 Service Pack 1


·         Microsoft Content Management Server 2002 Service Pack 2


 


Impact of Vulnerability: Remote Code Execution


 


Maximum Severity Rating: Critical


 


Restart requirement: To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).


 


Removal Information: After you install the update, you cannot remove it. To revert to an installation before the update was installed, you must remove the application, and then install it again from the original CD-ROM.


 


More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-018.mspx


 


******************************************************************


MS07-019


 


Title:  Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)


 


Executive Summary: This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. We recommend that customers apply the update immediately.


 


Affected Software:


·         Microsoft Windows XP Service Pack 2


·         Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2


 


Non-Affected Software:


·         Microsoft Windows 2000 Service Pack 4


·         Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2


·         Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems


·         Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2


·         Windows Vista


·         Windows Vista x64 Edition


 


Impact of Vulnerability: Remote Code Execution


 


Maximum Severity Rating: Critical


 


Restart Requirement: You must restart your system after you apply this security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).


 


Removal Information: To remove this security update, use the Add or Remove Programs tool in Control Panel.  System administrators can also use the Spuninst.exe utility to remove this security update.


 


More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-019.mspx 


 


******************************************************************


MS07-020


 


Title:  Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)


 


Executive Summary: This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.  We recommend that customers apply the update immediately.


 


Affected Software:


·         Microsoft Windows 2000 Service Pack 4


·         Microsoft Windows XP Service Pack 2


·         Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2


·         Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2


·         Microsoft Windows Server 2003 x64 Edition with Service Pack 1 and Microsoft Windows Server 2003 x64 Edition with Service Pack 2


·         Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems


 


Non-Affected Software:


·         Windows Vista


·         Windows Vista x64 Edition


 


Impact of Vulnerability: Remote Code Execution


 


Maximum Severity Rating: Critical


 


Restart Requirement: You must restart your system after you apply this security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).


 


Removal Information: To remove this security update, use the Add or Remove Programs tool in Control Panel.  System administrators can also use the Spuninst.exe utility to remove this security update.


 


More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-020.mspx


 


******************************************************************


MS07-021


 


Title:  Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)


 


Executive Summary: This update resolves several newly discovered, privately and publicly disclosed vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update immediately.


 


Affected Software:


·         Microsoft Windows 2000 Service Pack 4


·         Microsoft Windows XP Service Pack 2


·         Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2


·         Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2


·         Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems


·         Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2


·         Windows Vista


·         Windows Vista x64 Edition


 


Impact of Vulnerability: Remote Code Execution


 


Maximum Severity Rating: Critical


 


Restart Requirement: You must restart your system after you apply this security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).


 


Removal Information:


·         Windows 2000, Windows XP and Windows Server 2003: To remove this security update use the Add or Remove Programs tool in Control Panel.  System administrators can also use the Spuninst.exe utility to remove this security update.


·         Windows Vista: To remove this update, click Control Panel, click Security, then under Windows Update, click View installed updates and select from the list of updates.


 


More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-021.mspx


 


******************************************************************


MS07-022


 


Title:  Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)


 


Executive Summary: This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.  An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.  We recommend that customers apply the update at the earliest opportunity.


 


Affected Software:


·         Microsoft Windows 2000 Service Pack 4


·         Microsoft Windows XP Service Pack 2


·         Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2


 


Non-Affected Software:


·         Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2


·         Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2


·         Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 and SP2 for Itanium-based Systems


·         Windows Vista


·         Windows Vista x64 Edition


 


Impact of Vulnerability: Elevation of Privilege


 


Maximum Severity Rating: Important


 


Restart Requirement: You must restart your system after you apply this security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).


 


Removal Information: To remove this security update, use the Add or Remove Programs tool in Control Panel.  System administrators can also use the Spuninst.exe utility to remove this security update.


 


More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-022.mspx

