# Microsoft Security Updates planned for May 2007



## Zazula (Apr 27, 2006)

On Tuesday 8 May 2007 Microsoft is planning to release:

*Security Updates*

.	Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

.	Three Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates may require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

.	One Microsoft Security Bulletin affecting Microsoft Exchange. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

.	One Microsoft Security Bulletin affecting CAPICOM and BizTalk. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.

*Microsoft Windows Malicious Software Removal Tool*

.	Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS).

*Non-security High Priority updates on MU, WU, WSUS and SUS*

.	Microsoft will release 1 NON-SECURITY High-Priority Update for Windows on Windows Update (WU) and Software Update Services (SUS).

.	Microsoft will release 6 NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS). 

Microsoft will host a webcast next week to address customer questions on these bulletins. For more information on this webcast please see below:
.	*TechNet Webcast*: Information about Microsoft's Security Bulletins (Level 100)
.	Wednesday, 9 May 2007 11:00 AM (GMT-08:00) Pacific Time (US & Canada) http://msevents.microsoft.com/CUI/W...&EventCategory=4&culture=en-US&CountryCode=US

At this time no additional information on these bulletins such as details regarding severity or details regarding the vulnerability will be made available until 8 May 2007.


----------



## chauffeur2 (Feb 7, 2006)

Thanks for this update Zaz. :wave:

Kind Regards,


----------



## Mrs. Blaileen (Jan 28, 2007)

Do you know if any of those security updates, and/or any future updates will address the spoofed-Microsoft trojan "updates" that some of us have mistakenly let into our computers? :sigh: Thanks.


----------



## Zazula (Apr 27, 2006)

Mrs. Blaileen, have you followed the suggestion I gave you in your original thread http://www.techsupportforum.com/f10...icrosoft-patches-updates-hotfixes-151258.html


----------



## Zazula (Apr 27, 2006)

********************************************************************
Title: Microsoft Security Bulletin Summary for May 2007
Issued: May 8, 2007
Version Number: 1.0
Bulletin Summary: http://www.microsoft.com/technet/security/bulletin/ms07-may.mspx
******************************************************************** 

Summary:
========
This Bulletin Summary contains information about all security updates released this month. Their security bulletins, in order of severity, are as follows: 

*Critical Security Bulletins
=========================== *

*MS07-023 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)* 
Affected Software:
- Excel 2000 Service Pack 3 
- Excel 2002 Service Pack 3
- Excel 2003 Service Pack 2 
- Excel 2003 Viewer 
- Office Excel 2007 
- Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats 
- Microsoft Office 2004 for Mac 
Impact: Remote Code Execution
Version Number: 1.0 

*MS07-024 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232)* 
Affected Software: 
- Word 2000 Service Pack 3 
- Word 2002 Service Pack 3 
- Word 2003 Service Pack 2 
- Word Viewer 2003 
- Microsoft Office 2004 for Mac 
- Microsoft Works Suite 2004 
- Microsoft Works Suite 2005 
- Microsoft Works Suite 2006 
Impact: Remote Code Execution
Version Number: 1.0 

*MS07-025 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873)* 
Affected Software: 
- Office 2000 Service Pack 3 
- Office XP Service Pack 3 
- Office 2003 Service Pack 2 
- 2007 Microsoft Office System 
- Microsoft Office 2004 for Mac 
Impact: Remote Code Execution
Version Number: 1.0 

*MS07-026 - Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)* 
Affected Software: 
- Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup 
- Microsoft Exchange Server 2003 Service Pack 1 
- Microsoft Exchange Server 2003 Service Pack 2 
- Microsoft Exchange Server 2007 
Impact: Remote Code Execution
Version Number: 1.0 

*MS07-027 - Cumulative Security Update for Internet Explorer (931768)* 
Affected Software: 
- Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4 
- Internet Explorer 6 Service Pack 1 when installed on Windows 2000 Service Pack 4 
- Internet Explorer 6 for Windows XP Service Pack 2 
- Internet Explorer 6 for Windows XP Professional x64 Edition 
- Internet Explorer 6 for Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 6 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 
- Internet Explorer 6 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems 
- Internet Explorer 6 for Windows Server 2003 x64 Edition Service Pack 1 and Windows Server 2003 x64 Edition Service Pack 2 
- Internet Explorer 7 for Windows XP Service Pack 2 
- Internet Explorer 7 for Windows XP Professional x64 Edition 
- Internet Explorer 7 for Windows XP Professional x64 Edition Service Pack 2
- Windows Internet Explorer 7 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 
- Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems 
- Internet Explorer 7 for Windows Server 2003 x64 Edition Service Pack 1 and Windows Server 2003 x64 Edition Service Pack 2 
- Windows Internet Explorer 7 in Windows Vista 
- Windows Internet Explorer 7 in Windows Vista x64 Edition 
Impact: Remote Code Execution 
Version Number: 1.0 

*MS07-028 - Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)* 
Affected Software: 
- CAPICOM 
- Platform SDK Redistributable: CAPICOM 
- BizTalk Server 2004 Service Pack 1 
- BizTalk Server 2004 Service Pack 2 
Impact: Remote Code Execution 
Version Number: 1.0 

*MS07-029 - Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution (935966)* 
Affected Software: 
- Windows 2000 Server Service Pack 4 
- Windows Server 2003 Service Pack 1 
- Windows Server 2003 Service Pack 2 
- Windows Server 2003 with SP1 for Itanium-based Systems 
- Windows Server 2003 with SP2 for Itanium-based Systems 
- Windows Server 2003 x64 Edition Service Pack 1 
- Windows Server 2003 x64 Edition Service Pack 2 
Impact: Remote Code Execution 
Version Number: 1.0 

Update Availability:
===================
Updates are available to address these issues. For additional information, including Technical Details, Workarounds, answers to Frequently Asked Questions, and Update Deployment Information please read the Microsoft Security Bulletin Summary for this month at: http://go.microsoft.com/fwlink/?LinkId=89795


----------

