Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > June 2006 > Microsoft Security Bulletin Advanced Notification

June 2006

Microsoft Security Bulletin Advanced Notification

ID: 00403
Ref: 392/06
Date: 09 June 2006:15:20:43
Version: 1
Title: Microsoft Security Bulletin Advanced Notification
Abstract: Advance notification of nine Microsoft Security Bulletins affecting Microsoft Windows.
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

********************************************************************
Title: Microsoft Security Bulletin Advanced Notification
Issued: June 08, 2006
********************************************************************

Summary
=======

On 13 June 2006 Microsoft is planning to release:

Security Updates

. Nine Microsoft Security Bulletins affecting Microsoft Windows. The
highest Maximum Severity rating for these is Critical. These updates
will be detectable using the Microsoft Baseline Security Analyzer and
the Enterprise Scan Tool. Some of these updates will require a
restart.

Note that, as discussed in Microsoft Security Bulletin MS06-013, with
the release of one of these bulletins, support for the compatibility
patch discussed in Microsoft Knowledge Base Article 917425 will
cease.

This means that all users who apply this security update will receive
the ActiveX update discussed in Microsoft Knowledge Base Article
912945 regardless of whether or not they have applied the
compatibility patch discussed in Microsoft Knowledge Base Article
917425.

Administrators are encouraged to review the following articles prior
to release and take appropriate steps for their environment:

- Microsoft Security Advisory 912945 - Non-Security Update for
Internet Explorer:
http://www.microsoft.com/technet/security/advisory/912945.mspx

- Microsoft Knowledge Base Article 912945:
http://support.microsoft.com/kb/912945

- Microsoft Knowledge Base Article 917425:
http://support.microsoft.com/kb/917425

- Information for Developers about Internet Explorer:
http://msdn.microsoft.com/ieupdate

. One Microsoft Security Bulletin affecting Microsoft Exchange. The
highest Maximum Severity rating for this is Important. These updates
will be detectable using the Microsoft Baseline Security Analyzer.
These updates may require a restart.

Note that this update will include the functionality change discussed
in Microsoft Knowledge Base Article 912918. Administrators are urged
to review this Knowledge Base article prior to release and take steps
appropriate for their environment.

. Two Microsoft Security Bulletins affecting Microsoft Office. The
highest Maximum Severity rating for these is Critical. These updates
will be detectable using the Microsoft Baseline Security Analyzer.
These updates may require a restart.


Microsoft Windows Malicious Software Removal Tool

. Microsoft will release an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update,
Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update
Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS

. Microsoft will release 1 NON-SECURITY High-Priority Updates for
Windows on Windows Update (WU) and Software Update Services (SUS).

. Microsoft will release two NON-SECURITY High-Priority Updates on
Microsoft Update (MU) and Windows Server Update Services (WSUS).

Although we do not anticipate any changes, the number of bulletins,
products affected, restart information and severities are subject to
change until released.

Microsoft will host a webcast next week to address customer questions
on these bulletins. For more information on this webcast please see
below:
. TechNet Webcast: Information about Microsoft's Security Bulletins
(Level 100)
. Wednesday, 14 June 2006 11:00 AM (GMT-08:00) Pacific Time (US &
Canada)
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=103
2297371&EventCategory=4&culture=en-US&CountryCode=US

At this time no additional information on these bulletins such as
details regarding severity or details regarding the vulnerability
will be made available until 13 June 2006.
********************************************************************

Support:
========
Technical support is available from Microsoft Product Support
Services at 1-866-PC SAFETY (1-866-727-2338). There is no
charge for support calls associated with security updates.
International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

Additional Resources:
=====================
* Microsoft has created a free monthly e-mail newsletter containing
valuable information to help you protect your network. This
newsletter provides practical security tips, topical security
guidance, useful resources and links, pointers to helpful
community resources, and a forum for you to provide feedback
and ask security-related questions.
You can sign up for the newsletter at:

http://www.microsoft.com/technet/security/secnews/default.mspx

* Protect your PC: Microsoft has provided information on how you
can help protect your PC at the following locations:

http://www.microsoft.com/security/protect/

If you receive an e-mail that claims to be distributing a
Microsoft security update, it is a hoax that may be distributing a
virus. Microsoft does not distribute security updates via e-mail.
You can learn more about Microsoft's software distribution
policies here:

http://www.microsoft.com/technet/security/topics/policy/swdist.mspx


********************************************************************
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQIVAwUBRIhohBCvwTv3q93mAQL/OQ//effoS4jdbjLt7id/EIxHEmB5fQFhjCeH
my35mBkzmRbTlc7QKENE1Dpp7kbC61vZwG4NpCneC5nMtZiq2phgL1XRt0ApSKfN
0ZTz+xqdp4hiLCv0o5ZZqNQoxZdHJrN8STa0jl9lliek6M7pMtM7lFSdnkVZMeKA
qOOaM1oyn3N9tgaPvQgBCLyJWgtNDoi4DTvT9hdpHbK+oErQIrdRKD/gjzZVQpUs
kCU5xkhjIwzUTeQ+w82WxC0Z20B1sWINL5J0HMXnubqOaY0eK235DIIgebv3ABWp
h75PlqSRmPqYNfch3mbOIqWji4YDWOV1NbCE9crWby4gmSwehp+sccpNJwjPMOVC
JSrNhbtLH++W5xawXniCi2T0YtT0WT/hrB6Gmp9Pkhl2InFHd0c21Fcbu8AQT16I
y4VAbTAKq8mSaWWSHAxev98J100QfnOAvmZGX1N5JIlKD1ZT+8Ebotjieii2XuOq
rzaoZ/7WCxAUt2SS1qaKZeQ/9/4wSe0t9ZzlsUHjfD+9Z1+sRtWYr907lcVddB4B
nDkA3Oh9ebvAKpViM/gi5S6WuUekm7IL+CYovg7gc1a6dKsc+52yjHQLFAxCb7Kl
YFD/nhd89ik8fzQN1qDUr0coUCaed1FdhP2JB/VxK/zfF8OcdOJDBhyYe0rVJkEk
kG5HfF7DKg8=
=CHTN
-----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |