Une 2006 Microsoft Security Response Center Bulletin Release

[Dr.Melzer 191]

Folgende Meldung ist heute morgen eingetroffen:

 

What is this alert?

 

As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers on the number of new security updates being released, the products affected, the aggregate maximum severity and information about detection tools relevant to the update. This is intended to help our customers plan for the deployment of these security updates more effectively.

 

In addition, to help customers prioritize monthly security updates with any non-security updates released on Microsoft Update, Windows Update, Windows Server Update Services and Software Update Services on the same day as the monthly security bulletins, we also provide:

 

* Information about the release of updated versions of the Microsoft Windows Malicious Software Removal Tool.

 

* Information about the release of NON-SECURITY, High Priority updates on Microsoft Update (MU), Windows Update (WU), Windows Server Update Services (WSUS) and Software Update Services (SUS).

 

Note that this information will pertain ONLY to updates on Microsoft Update, Windows Update, Windows Server Update Services and Software Update Services and only about High Priority, non-security updates being released on the same day as security updates. Information will NOT be provided about Non-security updates released on other days.

 

On 13 June 2006 Microsoft is planning to release:

 

=================================================

Security Updates

=================================================

 

* Nine Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. Some of these updates will require a restart.

 

Note that, as discussed in Microsoft Security Bulletin MS06-013, with the release of one of these bulletins, support for the compatibility patch discussed in Microsoft Knowledge Base Article 917425 will cease.

 

This means that all users who apply this security update will receive the ActiveX update discussed in Microsoft Knowledge Base Article 912945 regardless of whether or not they have applied the compatibility patch discussed in Microsoft Knowledge Base Article 917425.

 

Administrators are encouraged to review the following articles prior to release and take appropriate steps for their environment:

 

- Microsoft Security Advisory 912945 - Non-Security Update for Internet Explorer:

http://www.microsoft.com/technet/security/advisory/912945.mspx

 

- Microsoft Knowledge Base Article 912945:

http://support.microsoft.com/kb/912945'>http://support.microsoft.com/kb/912945

(German: http://support.microsoft.com/kb/912945)

 

- Microsoft Knowledge Base Article 917425:

http://support.microsoft.com/kb/917425

(German: http://support.microsoft.com/kb/917425/de)

 

- Information for Developers about Internet Explorer:

http://msdn.microsoft.com/ieupdate

 

* One Microsoft Security Bulletin affecting Microsoft Exchange. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.

 

Note that this update will include the functionality change discussed in Microsoft Knowledge Base Article 912918. Administrators are urged to review this Knowledge Base article prior to release and take steps appropriate for their environment.

 

* Two Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.

[Dr.Melzer 191]

=================================================

Microsoft Windows Malicious Software Removal Tool =================================================

 

* Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.

 

Note that this tool will NOT be distributed using Software Update Services (SUS).

 

=================================================

Non-security High Priority updates on MU, WU, WSUS and SUS =================================================

 

* Microsoft will release 1 NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).

 

* Microsoft will release two NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

 

=================================================

Disclaimer and Webcast Information

=================================================

 

Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released.

 

Microsoft will host a webcast next week to address customer questions on these bulletins. For more information on this webcast please see below:

 

* TechNet Webcast: Information about Microsoft's Security Bulletins (Level 100)

* Wednesday, 14 June 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)

* http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032297371&EventCategory=4&culture=en-US&CountryCode=US

 

At this time no additional information on these bulletins such as details regarding severity or details regarding the vulnerability will be made available until 13 June 2006.

 

Thank you,

Microsoft PSS Security Team