Microsoft Security Bulletin Summary for December 2007http://www.microsoft.com/technet/securi ... 7-dec.mspxCritical Security Bulletins (3)============================================================
MS07-064 Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)http://www.microsoft.com/technet/securi ... 7-064.mspx - Affected Software:
- DirectX 7.0 on Microsoft Windows 2000 Service Pack 4
- DirectX 8.1 on Microsoft Windows 2000 Service Pack 4
- DirectX 9.0* on Microsoft Windows 2000 Service Pack 4
- DirectX 9.0* on Windows XP Service Pack 2
- DirectX 9.0* on Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
- DirectX 9.0* on Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
- DirectX 9.0* on Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
- DirectX 9.0* on Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
- DirectX 10.0 on Windows Vista
- DirectX 10.0 on Windows Vista x64 Edition
* The update for DirectX 9.0 also applies to DirectX 9.0b and DirectX 9.0c.
- Impact: Remote Code Execution
- Version 2.0 (January 23, 2008): Bulletin updated to reflect that the update for DirectX 9.0 also applies to DirectX 9.0b and DirectX 9.0c.
MS07-068 Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275)http://www.microsoft.com/technet/securi ... 7-068.mspx - Affected Software:
- Windows Media Format Runtime 7.1 on Microsoft Windows 2000 Service Pack 4 (KB941569)
- Windows Media Format Runtime 9 on Microsoft Windows 2000 Service Pack 4 (KB941569)
- Windows Media Format Runtime 9 on Windows XP Service Pack 2 (KB941569)
- Windows Media Format Runtime 9.5 on Windows XP Service Pack 2 (KB941569)
- Windows Media Format Runtime 9.5 on Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (KB941569)
- Windows Media Format Runtime 9.5 on Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (KB941569)
- Windows Media Format Runtime 9.5 on Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (KB941569)
- Windows Media Format Runtime 9.5 x64 Edition on Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (KB941569)
- Windows Media Format Runtime 9.5 x64 Edition on Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (KB941569)
- Windows Media Format Runtime 11 on Windows XP Service Pack 2 (KB941569)
- Windows Media Format Runtime 11 on Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (KB941569)
- Windows Media Format Runtime 11 on Windows Vista (KB941569)
- Windows Media Format Runtime 11 on Windows Vista x64 Edition (KB941569)
- Windows Media Services 9.1 on Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (KB944275)
- Windows Media Services 9.1 x64 Edition on Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (KB944275)
- Impact: Remote Code Execution
- Version Number: Revision: V2.2 (August 20, 2008); Bulletin updated to change Windows Media Format Runtime 9 to a non-affected component for WinXP SP3.
MS07-069 Cumulative Security Update for Internet Explorer (942615)http://www.microsoft.com/technet/securi ... 7-069.mspx - Affected Software:
- Internet Explorer 5.01 Service Pack 4 on Microsoft Windows2000 Service Pack 4
- Internet Explorer 6 Service Pack 1 when installed on MicrosoftWindows 2000 Service Pack 4
- Internet Explorer 6 for Windows XP Service Pack 2
- Internet Explorer 6 for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 6 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
- Internet Explorer 6 for Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 6 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 for Windows XP Service Pack 2
- Internet Explorer 7 for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 7 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
- Internet Explorer 7 for Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 in Windows Vista
- Internet Explorer 7 in Windows Vista x64 Edition
- Impact: Remote Code Execution
- Version Number: 1.0
Important Security Bulletins (4)============================================================
MS07-063 Vulnerability in SMBv2 Could Allow Remote Code Execution (942624)http://www.microsoft.com/technet/securi ... 7-063.mspx - Affected Software:
- Windows Vista
- Windows Vista x64 Edition
- Impact: Remote Code Execution
- Version Number: 1.0
MS07-065 Vulnerability in Message Queuing Could Allow Remote Code Execution (937894)http://www.microsoft.com/technet/securi ... 7-065.mspx - Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Impact: Remote Code Execution
- Version Number: 1.0
MS07-066 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078)http://www.microsoft.com/technet/securi ... 7-066.mspx - Affected Software:
- Windows Vista
- Windows Vista x64 Edition
- Impact: Elevation of Privilege
- Version Number: 1.0
MS07-067 Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)http://www.microsoft.com/technet/securi ... 7-067.mspx - Affected Software:
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition
- Windows Server 2003 x64 Edition Service Pack 2
- Impact: Local Elevation of Privilege
- Version Number: 1.0
Other Information
=================Microsoft Windows Malicious Software Removal Tool:
==================================================Microsoft has released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.
Note that this tool will not be distributed using Software Update Services (SUS).
Non-Security, High-Priority Updates on MU, WU, WSUS and SUS:
============================================================For this month:
* Microsoft has released three
non-security, high-priority updates
and Microsoft Office 2007 Service Pack 1 [emphasis added] on Microsoft Update (MU) and Windows Server Update Services (WSUS).
* Microsoft has released three
non-security, high-priority updates for Windows and Windows SharePoint Services 3.0 Service Pack 1 on Windows Update (WU) and WSUS.
Note that this information pertains only to
non-security, high-priority updates on Microsoft Update, Windows Update, Windows Server Update Services, and Software Update Services released on the same day as the Security Bulletin Summary. Information will
not be provided about
non-security updates released on other days.
© 2007 Microsoft Corporation. All rights reserved.
Login
Register
FAQ
Search
