Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2007-05-03 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Announcement for next week's Microsoft patches

Published: 2007-05-03
Last Updated: 2007-05-03 23:43:38 UTC
by Mike Poor (Version: 3)
0 comment(s)
Microsoft has issued the advance warning on patches coming out next week.  Looks like security and system admins will have their work cut out for them.  We have Two Critical for Windows, two critical for Office, one Critical for Exchange and one critical patch for CAPICOM and BizTalk.  Two non-security patches are scheduled for Microsoft Update (MU) and Windows Server Update Services (WSUS).

Here is a link to the announcement:

http://www.microsoft.com/technet/security/bulletin/advance.mspx


And an excerpt on the patches:

Security Updates
•   
Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
•   
Three Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates may require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
•   
One Microsoft Security Bulletin affecting Microsoft Exchange. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
•   
One Microsoft Security Bulletin affecting CAPICOM and BizTalk. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
Microsoft Windows Malicious Software Removal Tool
•   
Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update Services (SUS).
Non-security High Priority updates on MU, WU, WSUS and SUS
•   
Microsoft will release 1 NON-SECURITY High-Priority Update for Windows on Windows Update (WU) and Software Update Services (SUS).
•   
Microsoft will release 6 NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS)


Mike Poor
Intelguardians
Keywords:
0 comment(s)

Update on Apple fix

Published: 2007-05-03
Last Updated: 2007-05-03 21:09:15 UTC
by Mike Poor (Version: 3)
0 comment(s)
A number of readers wrote in to let us know that we had reported two updates for Apple, one for the Quicktime bug, and another Security Update.  When users clicked on Software Update, they only got the Quicktime patch.  From the Apple webstie describing the security update, it is indicated that Security Update 2007-004 v1.1 is just an updated patch to 2007-004.  If  Apple OSX (client) users already had that patch installed, there was no need to install the new one.  Read the official verbiage below, and the update below that:

"Mac OS X 10 .4.9 (client) and Mac OS X Server 10.3.9 systems that have installed Security Update 2007-004 do not require Security Update 2007-004 v1.1. If the security update has not yet been installed on these systems, then they should be updated using Security Update 2007-004 v1.1."

From: http://docs.info.apple.com/article.html?artnum=305445


Update:

If you are running OSX Server 10.4.9, it is critical to apply the new 2007-004 v.1.1 as noted as Jeroen Peters points out, and as mentioned in the aboe Apple doc:

Description: Security Update 2007-004 applied an incorrect ftp configuration file for Mac OS X Server v10.4.9 systems. Users with ftp access, who would normally be restricted to certain directories, may be able to access directories outside the normal scope. This update addresses the issue by restoring the correct version of the ftp configuration file. This issue only affects Mac OS X Server v10.4.9 with Security Update 2007-004.

Thanks Jeroen!

Mike Poor
Intelguardians
Keywords:
0 comment(s)
Diary Archives