Security Bulletin: January 2007

  • Article

Hi folks,

Well it's that time again! Time for another round of Security Updates. Please review the bulletin below and apply to your environement where necessary.

As part of Microsoft’s commitment to deliver security updates on a predictable and consistent monthly schedule, Microsoft released four security bulletins today, 09 January 2007. Here is an overview of these new security bulletins:

Bulletin Number

Title

Maximum Severity

Products Affected

MS07-001

Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker That Could Allow Remote Code Execution (921585)

Important

Office 2003, Project 2003, Visio 2003

MS07-002

Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)

Critical

Excel 2000, 2002, 2003, Excel for Mac

MS07-003

Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)

Critical

Outlook 2000, 2002, 2003

MS07-004

Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)

Critical

Windows 2000, XP, 2003

All recent updates are available for download at here:

Summaries for these new bulletins may be found at the following here:

Microsoft continues to urge all customers to update to the latest version of Windows XP, Windows XP Service Pack 2 with Advanced Security Technologies. More information is available at https://www.microsoft.com/security/. We also encourage customers to deploy Windows Server 2003 Service Pack 1 which provides customers with significant security enhancements and reliability and performance improvements. More information about Windows Server 2003 Service Pack 1 is available at https://www.microsoft.com/technet/downloads/winsrvr/servicepacks/sp1/.

Microsoft recommends that all customers sign up for Microsoft Update (MU) and enable its Automatic Updates functionality to receive all updates available this month and to help make their systems more secure. MU is a service offered at no charge that gives customers everything they get through Windows Update (WU), plus high priority updates for Office and other Microsoft applications. MU includes the Automatic Updates functionality already found in WU so users can choose to automatically install high-priority updates. Customers can sign up for MU by following the steps at: https://update.microsoft.com/microsoftupdate.

Additional Resources

Microsoft encourages system administrators to join the monthly technical webcast to learn more about this month’s security updates, the Malicious Software Removal Tool and the TechNet IT Pro Security Newsletter column on Principles of Patch Management.

 

The webcast is scheduled for Wednesday, January 10th, 2006 at 11:00 AM PDT. Registration is available here:

 

Cheers, Jeffa