Tuesday, December 30, 2008

Microsoft Security Advisory Notification - Dec. 30, 2008

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: December 30, 2008
********************************************************************

Security Advisories Updated or Released Today
==============================================

* Microsoft Security Advisory (961509)
- Title: Research proves feasibility of collision
attacks against MD5
- http://www.microsoft.com/technet/security/advisory/961509.mspx
- Revision Note: Advisory published

Wednesday, December 24, 2008

Microsoft announces SQL-injection Exploit

On Monday, Microsoft warned that a security researcher had published an exploit for an unpatched flaw in its SQL Server database software.

SecurityOrb.com researchers published:

"The information could allow malicious attackers the ability to compromise Web sites that use Microsoft's software to serve up dynamic Web pages. The vulnerability affects older versions of the software, including Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine, Microsoft SQL Server 2000 Desktop Engine and Windows Internal Database, the company said in an advisory."

Thursday, December 18, 2008

Microsoft Security Bulletin Minor Revisions

********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: December 17, 2008
********************************************************************

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS08-072 - Critical
* MS08-069 - Critical

Bulletin Information:
=====================

* MS08-072 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx
- Reason for Revision: V1.1 (December 17, 2008): Changed the
Microsoft Baseline Security Analyzer deployment summary to
"no" for Microsoft Office Word 2000 Service Pack 3 in the
Detection and Deployment Tools and Guidance section. Also,
revised the bulletins replaced by this update for Microsoft
Office Outlook 2007 and Microsoft Office Outlook 2007 Service
Pack 1 in the Affected Software table. There were no changes
to the security update binaries.
- Originally posted: December 9, 2008
- Updated: December 17, 2008
- Bulletin Severity Rating: Critical
- Version: 1.1

* MS08-069 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx
- Reason for Revision: V1.2 (December 17, 2008): Added log file
entries in the Security Update Deployment section Reference
table for Microsoft XML Core Services 6.0 when installed on
Windows Server 2003 Service Pack 1, Windows Server 2003
Service Pack 2, Windows Server 2003 x64 Edition, and Windows
Server 2003 x64 Edition Service Pack 2.
- Originally posted: November 11, 2008
- Updated: December 17, 2008
- Bulletin Severity Rating: Critical
- Version: 1.2

Wednesday, December 10, 2008

Microsoft Security Advisory (960906)

Microsoft Security Advisory (960906)
Vulnerability in WordPad Text Converter Could Allow Remote Code Execution
Published: December 9, 2008
Microsoft is investigating new reports of a vulnerability in the WordPad Text Converter for Word 97 files on Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Windows XP Service Pack 3, Windows Vista, and Windows Server 2008 are not affected as these operating systems do not contain the vulnerable code.
Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.
At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability. Additionally, as the issue has not been publicly disclosed broadly, we believe the risk at this time to be limited.
We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.
Customers who believe that they have been attacked can obtain security support at Get security support and should contact the national law enforcement agency in their country. Customers in the United States can contact Customer Service and Support at no charge using the PC Safety hotline at 1-866-PCSAFETY. Additionally, customers in the United States should contact their local FBI office or report their situation at Internet Crime Complaint Center.
Microsoft continues to encourage customers to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. Additional information can be found at Security at home.
Mitigating Factors:

This issue does not affect Windows XP Service Pack 3, Windows Vista, and Windows Server 2008.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must open an attachment that is sent in an e-mail message.

When Microsoft Office Word is installed, Word 97 documents are by default opened using Microsoft Office Word, which is not affected by this vulnerability. However, an attacker could rename a malicious file to have a Windows Write (.wri) extension, which would still invoke WordPad. This file type can be blocked at the Internet perimeter.

Microsoft Security Bulletin Major Revisions

********************************************************************
Title: Microsoft Security Bulletin Major Revisions
Issued: December 9, 2008
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS08-052 - Critical

Bulletin Information:
=====================

* MS08-052 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms08-052.mspx
- Reason for Revision: V3.0 (December 9, 2008): Added Microsoft
Office Compatibility Pack for Word, Excel, and PowerPoint 2007
File Formats and Microsoft Office Compatibility Pack for Word,
Excel, and PowerPoint 2007 File Formats Service Pack 1,
Microsoft Expression Web and Microsoft Expression Web 2, and
Microsoft Office Groove Server 2007 as Affected Software. Also
detailed a detection change for Microsoft SQL Server 2005
Service Pack 2 in the "Why was this bulletin revised on
December 9, 2008?" entry in the Frequently Asked Questions
(FAQ) Related to this Security Update section.
- Originally posted: September 9, 2008
- Updated: December 9, 2008
- Bulletin Severity Rating: Critical
- Version: 3.0

Friday, May 9, 2008

Microsoft Security Bulletin Advance Notification for May 2008

********************************************************************
Microsoft Security Bulletin Advance Notification for May 2008
Issued: May 8, 2008
********************************************************************

This is an advance notification of security bulletins that
Microsoft is intending to release on May 13, 2008.

The full version of the Microsoft Security Bulletin Advance
Notification for May 2008 can be found at
http://www.microsoft.com/technet/security/bulletin/ms08-may.mspx.

This bulletin advance notification will be replaced with the
May bulletin summary on May 13, 2008. For more information
about the bulletin advance notification service, see
http://www.microsoft.com/technet/security/Bulletin/advance.mspx.

To receive automatic notifications whenever
Microsoft Security Bulletins are issued, subscribe to Microsoft
Technical Security Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.

Microsoft will host a webcast to address customer questions on
these bulletins on Wednesday, May 14, 2008,
at 11:00 AM Pacific Time (US & Canada). Register for the May
Security Bulletin Webcast at
http://www.microsoft.com/technet/security/bulletin/summary.mspx.

Microsoft also provides information to help customers prioritize
monthly security updates with any non-security, high-priority
updates that are being released on the same day as the monthly
security updates. Please see the section, Other Information.

This advance notification provides the software subject as the
bulletin identifier, because the official Microsoft Security
Bulletin numbers are not issued until release. The bulletin summary
that replaces this advance notification will have the proper
Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the
bulletin identifier. The security bulletins for this month are as
follows, in order of severity:

Critical Security Bulletins
===========================

Word Bulletin

- Affected Software:
- Microsoft Word 2000 Service Pack 3
- Microsoft Word 2002 Service Pack 3
- Microsoft Word 2003 Service Pack 2
- Microsoft Word 2003 Service Pack 3
- Microsoft Word 2007
- Microsoft Outlook 2007
- Microsoft Word 2007 Service Pack 1
- Microsoft Outlook 2007 Service Pack 1
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Word Viewer 2003
- Microsoft Word Viewer 2003 Service Pack 3
- Microsoft Office Compatibility Pack for Word, Excel, and
PowerPoint 2007 File Formats
- Microsoft Office Compatibility Pack for Word, Excel, and
PowerPoint 2007 File Formats Service Pack 1

- Impact: Remote Code Execution
- Version Number: 1.0

Publisher Bulletin

- Affected Software:
- Microsoft Publisher 2000 Service Pack 3
- Microsoft Publisher 2002 Service Pack 3
- Microsoft Publisher 2003 Service Pack 2
- Microsoft Publisher 2003 Service Pack 3
- Microsoft Publisher 2007
- Microsoft Publisher 2007 Service Pack 1

- Impact: Remote Code Execution
- Version Number: 1.0

Jet Bulletin

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows Server 2003 Service Pack 1
- Windows Server 2003 x64 Edition
- Windows Server 2003 with SP1 for Itanium-based Systems

- Impact: Remote Code Execution
- Version Number: 1.0


Moderate Security Bulletins
============================

Security Software Bulletin

- Affected Software:
- Windows Live OneCare
- Microsoft Antigen for Exchange
- Microsoft Antigen for SMTP Gateway
- Microsoft Windows Defender
- Microsoft Forefront Client Security
- Microsoft Forefront Security for Exchange Server
- Microsoft Forefront Security for SharePoint
- Standalone System Sweeper located in Diagnostics and Recovery
Toolset 6.0

- Impact: Denial of Service
- Version Number: 1.0


Other Information
=================

Microsoft Windows Malicious Software Removal Tool:
==================================================
Microsoft will release an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update,
Windows Server Update Services, and the Download Center.

Non-Security, High-Priority Updates on MU, WU, and WSUS:
========================================================
Please see:
* http://support.microsoft.com/kb/894199: Microsoft Knowledge Base
Article 894199, Description of Software Update Services and
Windows Server Update Services changes in content for 2008.
Includes all Windows content.
* http://technet.microsoft.com/en-us/wsus/bb466214.aspx: New,
Revised, and Released Updates for Microsoft Products Other Than
Microsoft Windows

Recognize and avoid fraudulent e-mail to Microsoft customers:
=============================================================
If you receive an e-mail message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious Web sites. Microsoft does
not distribute security updates via e-mail.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP key
at
https://www.microsoft.com/technet/security/bulletin/pgp.mspx.

To receive automatic notifications whenever
Microsoft Security Bulletins are issued, subscribe to Microsoft
Technical Security Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************