Security Bulletin: January 2007
Hi folks,
Well it's that time again! Time for another round of Security Updates. Please review the bulletin below and apply to your environement where necessary.
As part of Microsoft’s commitment to deliver security updates on a predictable and consistent monthly schedule, Microsoft released four security bulletins today, 09 January 2007. Here is an overview of these new security bulletins:
Bulletin Number |
Title |
Maximum Severity |
Products Affected |
MS07-001 |
Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker That Could Allow Remote Code Execution (921585) |
Important |
Office 2003, Project 2003, Visio 2003 |
MS07-002 |
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198) |
Critical |
Excel 2000, 2002, 2003, Excel for Mac |
MS07-003 |
Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938) |
Critical |
Outlook 2000, 2002, 2003 |
MS07-004 |
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969) |
Critical |
Windows 2000, XP, 2003 |
All recent updates are available for download at here:
Summaries for these new bulletins may be found at the following here:
Microsoft continues to urge all customers to update to the latest version of Windows XP, Windows XP Service Pack 2 with Advanced Security Technologies. More information is available at https://www.microsoft.com/security/. We also encourage customers to deploy Windows Server 2003 Service Pack 1 which provides customers with significant security enhancements and reliability and performance improvements. More information about Windows Server 2003 Service Pack 1 is available at https://www.microsoft.com/technet/downloads/winsrvr/servicepacks/sp1/.
Microsoft recommends that all customers sign up for Microsoft Update (MU) and enable its Automatic Updates functionality to receive all updates available this month and to help make their systems more secure. MU is a service offered at no charge that gives customers everything they get through Windows Update (WU), plus high priority updates for Office and other Microsoft applications. MU includes the Automatic Updates functionality already found in WU so users can choose to automatically install high-priority updates. Customers can sign up for MU by following the steps at: https://update.microsoft.com/microsoftupdate.
Additional Resources
Microsoft encourages system administrators to join the monthly technical webcast to learn more about this month’s security updates, the Malicious Software Removal Tool and the TechNet IT Pro Security Newsletter column on Principles of Patch Management.
The webcast is scheduled for Wednesday, January 10th, 2006 at 11:00 AM PDT. Registration is available here:
Cheers, Jeffa