June Security Release Alert

As part of Microsoft’s commitment to deliver security updates on a predictable and consistent monthly schedule, Microsoft released six new security bulletins on 12 June 2007.

Here is an overview of these new security bulletins:

Bulletin Number

Title

Maximum Severity Rating

Products Affected

MS07-030

Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)

Important

Visio 2002, 2003

MS07-031

Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)

Critical

Windows 2000, Windows XP, Windows Server 2003

MS07-032

Vulnerability in Windows Vista Could Allow Information Disclosure (931213)

Moderate

Windows Vista

MS07-033

Cumulative Security Update for Internet Explorer (933566)

Critical

All current versions Internet Explorer on all currently supported versions of Microsoft Windows

MS07-034

Cumulative Security Update for Outlook Express and Windows Mail (929123)

Critical

Outlook Express 6 on Windows XP and Windows Server 2003; Windows Mail on Windows Vista

MS07-035

Vulnerability in Win 32 API Could Allow Remote Code Execution (935839)

Critical

Windows 2000, Windows XP, Windows Server 2003

You can find a more comprehensive bulletin summary at the Microsoft’s Security Update Archive: https://www.microsoft.com/technet/security/current.aspx. All recent updates are available for download at https://www.microsoft.com/security/.

Microsoft continues to urge all customers running Windows XP to update to the latest version of Windows XP, Windows XP Service Pack 2 with Advanced Security Technologies. More information is available at https://www.microsoft.com/security/. We also encourage customers to deploy Windows Server 2003 Service Pack 2 which provides customers with significant security enhancements and reliability and performance improvements. More information about Windows Server 2003 Service Pack 2 is available at https://www.microsoft.com/windowsserver2003/default.mspx.

Microsoft recommends that all customers sign up for Microsoft Update (MU) and enable its Automatic Updates functionality to receive all updates available this month and to help make their systems more secure. MU is a service offered at no charge that gives customers everything they get through Windows Update (WU), plus high priority updates for Office and other Microsoft applications. MU includes the Automatic Updates functionality already found in WU so users can choose to automatically install high-priority updates. Customers can sign up for MU by following the steps at: https://update.microsoft.com/microsoftupdate.

Additional Resources

Microsoft encourages system administrators to join the monthly technical webcast to learn more about this month’s security updates, the Malicious Software Removal Tool and the TechNet IT Pro Security Newsletter column on Principles of Patch Management:

Title: Information about Microsoft June Security Bulletins (Level 200)

When: Wednesday, June 13, 2007 11:00 AM Pacific Time (US & Canada)

URL: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032327013