Microsoft Security Bulletin Advance Notification - April 2007

[Donna Buenaventura]

On Tuesday 3 April 2007 Microsoft is planning to release:

Security Updates
* One Microsoft Security Bulletin affecting Microsoft Windows. The highest
Maximum Severity rating for these is Critical. These updates will require a
restart. These updates will be detectable using the Microsoft Baseline
Security Analyzer.


Microsoft Windows Malicious Software Removal Tool
* Microsoft will not release an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows
Server Update Services and the Download Center on Tuesday 3 April 2007.

Non-security High Priority updates on MU, WU, WSUS and SUS
* Microsoft will not release any NON-SECURITY High-Priority Updates for
Windows on Windows Update (WU) and Software Update Services (SUS) on Tuesday
3 April 2007.

* Microsoft will not release any NON-SECURITY High-Priority Updates on
Microsoft Update (MU) and Windows Server Update Services (WSUS) on Tuesday 3
April 2007.

http://www.microsoft.com/technet/security/bulletin/advance.mspx

--
Regards,

Donna Buenaventura
Windows Security MVP
w: http://cou.dozleng.com
b: http://msmvps.com/donna

 

[Ottmar Freudenberger]

On Tuesday 3 April 2007 Microsoft is planning to release:

Security Updates
* One Microsoft Security Bulletin affecting Microsoft Windows. The highest
Maximum Severity rating for these is Critical. These updates will require a
restart. These updates will be detectable using the Microsoft Baseline
Security Analyzer.

This will be a very, very important patch to be released out of the
normal Patch Day cycle. For more details see
http://www.microsoft.com/technet/security/advisory/935423.mspx
http://blogs.technet.com/msrc/archi...e-for-microsoft-security-advisory-935423.aspx
http://isc.sans.org/diary.html?storyid=2534 and
http://www.kb.cert.org/vuls/id/191609

Bye,
Freudi

 

[Rock]

On Tuesday 3 April 2007 Microsoft is planning to release:

Security Updates
* One Microsoft Security Bulletin affecting Microsoft Windows. The highest
Maximum Severity rating for these is Critical. These updates will require
a restart. These updates will be detectable using the Microsoft Baseline
Security Analyzer.


Microsoft Windows Malicious Software Removal Tool
* Microsoft will not release an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update,
Windows Server Update Services and the Download Center on Tuesday 3 April
2007.

Non-security High Priority updates on MU, WU, WSUS and SUS
* Microsoft will not release any NON-SECURITY High-Priority Updates for
Windows on Windows Update (WU) and Software Update Services (SUS) on
Tuesday 3 April 2007.

* Microsoft will not release any NON-SECURITY High-Priority Updates on
Microsoft Update (MU) and Windows Server Update Services (WSUS) on Tuesday
3 April 2007.

http://www.microsoft.com/technet/security/bulletin/advance.mspx

Shouldn't that be April 10th, the second Tuesday of the month?

 

[Ottmar Freudenberger]

Shouldn't that be April 10th, the second Tuesday of the month?

April 10th is/will be the regular Patch Day, while MS is going to
release a very, very important security update out of the normal
Patch Day cycle on April 3rd. That does *not* mean, that there won't
be any other updates to be released on April 10th.

http://blogs.technet.com/msrc/archi...e-for-microsoft-security-advisory-935423.aspx

| This update was previously scheduled for release as part of the
| April monthly release on April 10, 2007. Due to the increased risk
| to customers from these latest attacks, we were able to expedite
| our testing to ensure an update is ready for broad distribution
| sooner than April 10.

Bye,
Freudi

 

[Donna Buenaventura]

Maybe they change the plan because of Vulnerability in Windows Animated
Cursor
Handling -http://www.microsoft.com/technet/security/advisory/935423.mspx
I'm not sure though but the above security issue made Infocon turn Yellow -
http://isc.sans.org/diary.html

MS said "no additional information on these bulletins such as details
regarding severity or details regarding the vulnerability will be made
available until 3 April 2007." so the above is just a guess.


Donna

 

[Rock]

Maybe they change the plan because of Vulnerability in Windows Animated
Cursor
Handling -http://www.microsoft.com/technet/security/advisory/935423.mspx
I'm not sure though but the above security issue made Infocon turn
Yellow - http://isc.sans.org/diary.html

MS said "no additional information on these bulletins such as details
regarding severity or details regarding the vulnerability will be made
available until 3 April 2007." so the above is just a guess.


Donna

Ahh I see it's one of those non monthly releases. Thanks.

 

[PA Bear]

This will be a very, very important patch to be released out of the
normal Patch Day cycle. For more details see
http://www.microsoft.com/technet/security/advisory/935423.mspx
http://blogs.technet.com/msrc/archi...e-for-microsoft-security-advisory-935423.aspx
http://isc.sans.org/diary.html?storyid=2534 and
http://www.kb.cert.org/vuls/id/191609

We might /assume/ that
http://blogs.technet.com/msrc/archi...e-for-microsoft-security-advisory-935423.aspx
is related to this Security Bulletin Advanced Notification, but...

 

[Ottmar Freudenberger]

We might /assume/ that
http://blogs.technet.com/msrc/archi...e-for-microsoft-security-advisory-935423.aspx
is related to this Security Bulletin Advanced Notification, but...

.... we *know* that this will be the update to be released. Yes, indeed ;-)

| In light of these points, and based on customer feedback, we have
| been working around the clock to test this update and are currently
| planning to release the security update that addresses this issue on
| Tuesday April 3, 2007.
[...]
| This update was previously scheduled for release as part of the
| April monthly release on April 10, 2007. Due to the increased risk
| to customers from these latest attacks, we were able to expedite
| our testing to ensure an update is ready for broad distribution
| sooner than April 10.

Bye,
Freudi

 

[PA Bear]

I /swear/ that the content you quoted was *not* on the blog page when I read
it c. 0500 UTC, 02 Apr-07 (c. 10:00 PM Pacific Time, 01 Apr-07) and posted
my reply to this thread, nor did
http://www.microsoft.com/technet/security/bulletin/advance.mspx contain "On
Tuesday 3 April 2007 Microsoft is planning to release" and below when I
viewed the page around the same time.

/Mea culpa/. <w>
--
~Robear

We might /assume/ that
http://blogs.technet.com/msrc/archi...e-for-microsoft-security-advisory-935423.aspx
is related to this Security Bulletin Advanced Notification, but...

... we *know* that this will be the update to be released. Yes, indeed ;-)

In light of these points, and based on customer feedback, we have
been working around the clock to test this update and are currently
planning to release the security update that addresses this issue on
Tuesday April 3, 2007. [...]
This update was previously scheduled for release as part of the
April monthly release on April 10, 2007. Due to the increased risk
to customers from these latest attacks, we were able to expedite
our testing to ensure an update is ready for broad distribution
sooner than April 10.

Bye,
Freudi

 

[Ottmar Freudenberger]

I /swear/ that the content you quoted was *not* on the blog page when I read
it c. 0500 UTC, 02 Apr-07 (c. 10:00 PM Pacific Time, 01 Apr-07) and posted
my reply to this thread,

Well, are you accessing "the web" via a proxy server? That one may not
have had the actual version of the sit|de. I can only assure you, that
the content didn't change since at least 0245 UTC. Really. I did update
the info on my site at that time and informed some german languaged
newsgroups (ISC and US-CERT after-
wards by mail. Mark H from ISC replied on 0400 UTC that he has updated
the diary (which he really did, although this has been superseded without
further notice by an entry of Kevin dated 1245 UTC lately with the same
content, claiming to be Version 1 of the entry for whatever reason),
while US-CERT played dead man and still doesn't mention the announced
update "planned" to be released via WU/MU/AU some 13 hours or so from now.

nor did
http://www.microsoft.com/technet/security/bulletin/advance.mspx contain "On
Tuesday 3 April 2007 Microsoft is planning to release" and below when I
viewed the page around the same time.

See above. I've received the mail announcement of the Advance Notification
on 0142 UTC and it has been there on the web side too at that time (at
least an hour later when I "waked" up).

/Mea culpa/. <w>

Nothing to apologize for or feel sorry about. It's just strange. Remake
of "X-Files" anyone?

FWIW,
Freudi

 

[Smirnoff]

Well, are you accessing "the web" via a proxy server? That one may not
have had the actual version of the sit|de. I can only assure you, that
the content didn't change since at least 0245 UTC. Really. I did
update the info on my site at that time and informed some german
languaged newsgroups (ISC and
US-CERT after- wards by mail. Mark H from ISC replied on 0400 UTC
that he has updated the diary (which he really did, although this has
been superseded without further notice by an entry of Kevin dated
1245 UTC lately with the same content, claiming to be Version 1 of
the entry for whatever reason), while US-CERT played dead man and
still doesn't mention the announced update "planned" to be released
via WU/MU/AU some 13 hours or so from now.


See above. I've received the mail announcement of the Advance
Notification on 0142 UTC and it has been there on the web side too at
that time (at least an hour later when I "waked" up).


Nothing to apologize for or feel sorry about. It's just strange.
Remake of "X-Files" anyone?

FWIW,
Freudi

Have any critical updates been released today?
Have just checked MS Updates and nothing there for XP Pro SP2.

 

[Donna Buenaventura]

They plan to release today. Maybe not ready yet

 

[Ottmar Freudenberger]

Have any critical updates been released today?

Not yet. I'ld assume the update (only one is announced to be
released today out of the Patch Day cycle) to be availble via
AU/WU/MU at around 17:00 UTC (18:00 in your time zone).

Bye,
Freudi

 

[Pulse]

When is 17:00 UTC in UK's British Summer time which we entered last weekend?
i.e.GMT + 1hour.

Thanks

 

[Smirnoff]

Not yet. I'ld assume the update (only one is announced to be
released today out of the Patch Day cycle) to be availble via
AU/WU/MU at around 17:00 UTC (18:00 in your time zone).

Bye,
Freudi

I see, thanks

 

[PA Bear]

Donna and some others saw the same contents that I did, Freudi. I suppose
it was a replication issue.

Best regards,

 

[Pulse]

moot question as update out and in-stalled

B

Donna and some others saw the same contents that I did, Freudi. I suppose
it was a replication issue.

Best regards,

 

[Ottmar Freudenberger]

Donna and some others saw the same contents that I did, Freudi.

Strange. Both of you aren't using a proxy, right?

I suppose it was a replication issue.

Although I have some difficulties in understanding what exactly you
mean here (issue on the server or client end?), I can only once again
assure you that the content I've cited has been on the site when I
vistited the site and when I quoted from the site later on too.

Anyway, the patch is out and that's the main reason for anyone.

Bye,
Freudi

 

[Guest]

I Received This from emergency email Network thast i subcribe to for such
warnings So I Went to the MS update Website. but no update needed
http://www.emergencyemail.org/newsemergency/anmviewer.asp?a=186&z=1 THE
EMERGENCY EMAIL & WIRELESS NETWORKA Service of The Emergency Email Network
since 1999http://www.emergencyemail.org

whats up with this update?

 

[PA Bear]

Windows version?