2 Replies Latest reply on Nov 15, 2007 9:26 AM by HarryWaldron

    Microsoft Security Bulletins - November 2007

      MS07-061 is a "patch now" vulnerability with active in-the-wild exploits :eek:

      So far, so good on my 2 systems at work :)

      Microsoft Security Bulletins - November 2007
      https://www.microsoft.com/technet/security/bulletin/ms07-nov.mspx

      Microsoft is releasing the following two new security bulletins for newly discovered vulnerabilities:

      Bulletin Number: MS07-061 (Windows Shell vulnerabilities)
      http://www.microsoft.com/technet/security/Bulletin/MS07-061.mspx

      Maximum Severity: Critical
      Affected Products: Windows XP, Windows Server 2003
      Impact: Remote Code Execution

      Bulletin Number: MS07-062 (DNS spoofing vulnerabilities)
      http://www.microsoft.com/technet/security/Bulletin/MS07-062.mspx

      Maximum Severity: Important
      Affected Products: Windows 2000, Windows Server 2003
      Impact: Spoofing
        • 1. RE: Microsoft Security Bulletins - November 2007
          Just a note: " MS07-062 (DNS spoofing vulnerabilities) " is NOT for Windows 2000 PRO.. It's for Windows 2000 SERVER and Windows 2003 SERVER versions ONLY.

          None of the Security Bulletins were related to Windows 2000 except for the "Malicious Software Removal Tool" and only one was related to Windows XP. (MS07-061 (Windows Shell vulnerabilities)).. As such, the lighter Windows/Office update load allowed me to spend some time updating other program vulnerability issues which have recently come to light.. For those that have a little extra time, it might be worth checking some of the common programs below.:

          1. Adobe Reader is now version 8.11

          2. Quicktime Player is now version 7.3 on XP and later.

          3. Real Player can be updated to the newest version or simply patched for a vulnerability.

          4. Update Firefox to the newest 2.0.09 version.

          5. Make sure all installed antispyware programs are current and up to date.

          6. HOSTS files have been updated recently.

          7. Sun Java has new versions as well.

          Hope this helps.

          Grif
          • 2. Thanks Grif - EXCELLENT Advice
            Grif shares some wise advice of staying up-to-date on all products beyond just the Microsoft updates. If the bad guys can find any way into a vulnerable system, they will do so.