April 2007 Security Bulletins

This alert provides an overview of the new Security Bulletins being released on 10 April 2007.

New Security Bulletins

Microsoft is releasing the following security bulletins for newly discovered vulnerabilities:

| Bulletin Number | Maximum Severity | Affected Products | Impact |
|---|---|---|---|
| MS07-018 | Critical | Content Management Server 2001 and Content Management Server 2002 | Remote Code Execution |
| MS07-019 | Critical | Windows XP | Remote Code Execution |
| MS07-020 | Critical | Windows 2000, Windows XP, Windows Server 2003 | Remote Code Execution |
| MS07-021 | Critical | All current versions of Microsoft Windows | Remote Code Execution |
| MS07-022 | Important | Windows 2000, Windows XP, Windows Server 2003 | Elevation of Privilege |

Summaries for these new bulletins may be found at the following pages:

http://www.microsoft.com/technet/security/bulletin/ms07-Apr.mspx

Customers are advised to review the information in the bulletins, and to test and deploy the updates immediately in their environments, if applicable.

Microsoft Windows Malicious Software Removal Tool

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU) and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool can be located here:

http://go.microsoft.com/fwlink/?LinkId=40573

High-Priority Non-Security Updates on Microsoft Update (MU), Windows Update (WU), Windows Server Update Services (WSUS) and Software Update Services (SUS)

Microsoft is also releasing High-Priority NON-SECURITY updates today on WU, MU, SUS and WSUS. For complete details on the non-security updates being released today, please review the following KB Article:

http://support.microsoft.com/?id=894199

TechNet Webcast: Information about Microsoft April 2007 Security Bulletins (Level 200)

Wednesday, April 11, 2007 at 11:00 AM PDT

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032327017

The on-demand version of the Webcast will be available 24 hours after the live Webcast at:

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032327017

******************************************************************

Security Bulletin Details

MS07-018

Title: Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)

Executive Summary: This update resolves two newly discovered, privately reported vulnerabilities. Each vulnerability is documented in the "Vulnerability Details" section of this bulletin. We recommend that customers apply the update immediately.

Affected Software:

· Microsoft Content Management Server 2001 Service Pack 1

· Microsoft Content Management Server 2002 Service Pack 2

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Restart requirement: To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).

Removal Information: After you install the update, you cannot remove it. To revert to an installation before the update was installed, you must remove the application, and then install it again from the original CD-ROM.

More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-018.mspx

******************************************************************

MS07-019

Title: Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)

Executive Summary: This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. We recommend that customers apply the update immediately.

Affected Software:

· Microsoft Windows XP Service Pack 2

· Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2

 

Non-Affected Software:

· Microsoft Windows 2000 Service Pack 4

· Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2

· Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems

· Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2

· Windows Vista

· Windows Vista x64 Edition

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Restart Requirement: You must restart your system after you apply this security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).

Removal Information: To remove this security update, use the Add or Remove Programs tool in Control Panel. System administrators can also use the Spuninst.exe utility to remove this security update.

More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-019.mspx

******************************************************************

MS07-020

Title: Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)

Executive Summary: This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. We recommend that customers apply the update immediately.

Affected Software:

· Microsoft Windows 2000 Service Pack 4

· Microsoft Windows XP Service Pack 2

· Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2

· Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2

· Microsoft Windows Server 2003 x64 Edition with Service Pack 1 and Microsoft Windows Server 2003 x64 Edition with Service Pack 2

· Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems

 

Non-Affected Software:

· Windows Vista

· Windows Vista x64 Edition

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Restart Requirement: You must restart your system after you apply this security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).

Removal Information: To remove this security update, use the Add or Remove Programs tool in Control Panel. System administrators can also use the Spuninst.exe utility to remove this security update.

More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-020.mspx

******************************************************************

MS07-021

Title: Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)

Executive Summary: This update resolves several newly discovered, privately and publicly disclosed vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update immediately.

Affected Software:

· Microsoft Windows 2000 Service Pack 4

· Microsoft Windows XP Service Pack 2

· Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2

· Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2

· Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems

· Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2

· Windows Vista

· Windows Vista x64 Edition

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Restart Requirement: You must restart your system after you apply this security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).

Removal Information:

· Windows 2000, Windows XP and Windows Server 2003: To remove this security update use the Add or Remove Programs tool in Control Panel. System administrators can also use the Spuninst.exe utility to remove this security update.

· Windows Vista: To remove this update, click Control Panel, click Security, then under Windows Update, click View installed updates and select from the list of updates.

More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-021.mspx

******************************************************************

MS07-022

Title: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)

Executive Summary: This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update at the earliest opportunity.

Affected Software:

· Microsoft Windows 2000 Service Pack 4

· Microsoft Windows XP Service Pack 2

· Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2

Non-Affected Software:

· Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2

· Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2

· Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 and SP2 for Itanium-based Systems

· Windows Vista

· Windows Vista x64 Edition

Impact of Vulnerability: Elevation of Privilege

Maximum Severity Rating: Important

Restart Requirement: You must restart your system after you apply this security update. For more information about the reasons why you may be prompted to restart your computer, see Microsoft Knowledge Base Article 887012 (http://support.microsoft.com/kb/887012).

Removal Information: To remove this security update, use the Add or Remove Programs tool in Control Panel. System administrators can also use the Spuninst.exe utility to remove this security update.

More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS07-022.mspx