Microsoft Security Bulletin Advance Notification - April 2007

On Tuesday 3 April 2007 Microsoft is planning to release:

Security Updates
* One Microsoft Security Bulletin affecting Microsoft Windows. The highest
Maximum Severity rating for these is Critical. These updates will require a
restart. These updates will be detectable using the Microsoft Baseline
Security Analyzer.


Microsoft Windows Malicious Software Removal Tool
* Microsoft will not release an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows
Server Update Services and the Download Center on Tuesday 3 April 2007.

Non-security High Priority updates on MU, WU, WSUS and SUS
* Microsoft will not release any NON-SECURITY High-Priority Updates for
Windows on Windows Update (WU) and Software Update Services (SUS) on Tuesday
3 April 2007.

* Microsoft will not release any NON-SECURITY High-Priority Updates on
Microsoft Update (MU) and Windows Server Update Services (WSUS) on Tuesday 3
April 2007.

http://www.microsoft.com/technet/sec...n/advance.mspx

--
Regards,

Donna Buenaventura
Windows Security MVP
w: http://cou.dozleng.com
b: http://msmvps.com/donna

"Donna Buenaventura" <dbuenaventura@mvps.org> schrieb:

> On Tuesday 3 April 2007 Microsoft is planning to release:
>
> Security Updates
> * One Microsoft Security Bulletin affecting Microsoft Windows. The highest
> Maximum Severity rating for these is Critical. These updates will require a
> restart. These updates will be detectable using the Microsoft Baseline
> Security Analyzer.

This will be a very, very important patch to be released out of the
normal Patch Day cycle. For more details see
http://www.microsoft.com/technet/sec...ry/935423.mspx
http://blogs.technet.com/msrc/archiv...ry-935423.aspx
http://isc.sans.org/diary.html?storyid=2534 and
http://www.kb.cert.org/vuls/id/191609

Bye,
Freudi

"Donna Buenaventura" <dbuenaventura@mvps.org> wrote
> On Tuesday 3 April 2007 Microsoft is planning to release:
>
> Security Updates
> * One Microsoft Security Bulletin affecting Microsoft Windows. The highest
> Maximum Severity rating for these is Critical. These updates will require
> a restart. These updates will be detectable using the Microsoft Baseline
> Security Analyzer.
>
>
> Microsoft Windows Malicious Software Removal Tool
> * Microsoft will not release an updated version of the Microsoft Windows
> Malicious Software Removal Tool on Windows Update, Microsoft Update,
> Windows Server Update Services and the Download Center on Tuesday 3 April
> 2007.
>
> Non-security High Priority updates on MU, WU, WSUS and SUS
> * Microsoft will not release any NON-SECURITY High-Priority Updates for
> Windows on Windows Update (WU) and Software Update Services (SUS) on
> Tuesday 3 April 2007.
>
> * Microsoft will not release any NON-SECURITY High-Priority Updates on
> Microsoft Update (MU) and Windows Server Update Services (WSUS) on Tuesday
> 3 April 2007.
>
> http://www.microsoft.com/technet/sec...n/advance.mspx

Shouldn't that be April 10th, the second Tuesday of the month?

--
Rock [MS-MVP User/Shell]

"Rock" <Rock@nospam.net> schrieb:

> Shouldn't that be April 10th, the second Tuesday of the month?

April 10th is/will be the regular Patch Day, while MS is going to
release a very, very important security update out of the normal
Patch Day cycle on April 3rd. That does *not* mean, that there won't
be any other updates to be released on April 10th.

http://blogs.technet.com/msrc/archiv...ry-935423.aspx

| This update was previously scheduled for release as part of the
| April monthly release on April 10, 2007. Due to the increased risk
| to customers from these latest attacks, we were able to expedite
| our testing to ensure an update is ready for broad distribution
| sooner than April 10.

Bye,
Freudi

Maybe they change the plan because of Vulnerability in Windows Animated
Cursor
Handling -http://www.microsoft.com/technet/security/advisory/935423.mspx
I'm not sure though but the above security issue made Infocon turn Yellow -
http://isc.sans.org/diary.html

MS said "no additional information on these bulletins such as details
regarding severity or details regarding the vulnerability will be made
available until 3 April 2007." so the above is just a guess.

:-)
Donna

"Rock" <Rock@nospam.net> wrote in message
news:O%23qLu7NdHHA.4868@TK2MSFTNGP06.phx.gbl...
> Shouldn't that be April 10th, the second Tuesday of the month?
>
> --
> Rock [MS-MVP User/Shell]

"Donna Buenaventura" <dbuenaventura@mvps.org> wrote in message
news:5B841E04-A76C-458A-AEE3-CE34D2616ECF@microsoft.com...
> Maybe they change the plan because of Vulnerability in Windows Animated
> Cursor
> Handling -http://www.microsoft.com/technet/security/advisory/935423.mspx
> I'm not sure though but the above security issue made Infocon turn
> Yellow - http://isc.sans.org/diary.html
>
> MS said "no additional information on these bulletins such as details
> regarding severity or details regarding the vulnerability will be made
> available until 3 April 2007." so the above is just a guess.
>
> :-)
> Donna
>
> "Rock" <Rock@nospam.net> wrote in message
> news:O%23qLu7NdHHA.4868@TK2MSFTNGP06.phx.gbl...
>> Shouldn't that be April 10th, the second Tuesday of the month?



Ahh I see it's one of those non monthly releases. Thanks.

--
Rock [MS-MVP User/Shell]

Ottmar Freudenberger wrote:
> "Donna Buenaventura" <dbuenaventura@mvps.org> schrieb:
>
>> On Tuesday 3 April 2007 Microsoft is planning to release:
>>
>> Security Updates
>> * One Microsoft Security Bulletin affecting Microsoft Windows. The
>> highest
>> Maximum Severity rating for these is Critical. These updates will require
>> a
>> restart. These updates will be detectable using the Microsoft Baseline
>> Security Analyzer.
>
> This will be a very, very important patch to be released out of the
> normal Patch Day cycle. For more details see
> http://www.microsoft.com/technet/sec...ry/935423.mspx
> http://blogs.technet.com/msrc/archiv...ry-935423.aspx
> http://isc.sans.org/diary.html?storyid=2534 and
> http://www.kb.cert.org/vuls/id/191609

We might /assume/ that
http://blogs.technet.com/msrc/archiv...ry-935423.aspx
is related to this Security Bulletin Advanced Notification, but...
--
~PA Bear

"PA Bear" <PABearMVP@gmail.com> schrieb:

> We might /assume/ that
> http://blogs.technet.com/msrc/archiv...ry-935423.aspx
> is related to this Security Bulletin Advanced Notification, but...

.... we *know* that this will be the update to be released. Yes, indeed ;-)

| In light of these points, and based on customer feedback, we have
| been working around the clock to test this update and are currently
| planning to release the security update that addresses this issue on
| Tuesday April 3, 2007.
[...]
| This update was previously scheduled for release as part of the
| April monthly release on April 10, 2007. Due to the increased risk
| to customers from these latest attacks, we were able to expedite
| our testing to ensure an update is ready for broad distribution
| sooner than April 10.

Bye,
Freudi

I /swear/ that the content you quoted was *not* on the blog page when I read
it c. 0500 UTC, 02 Apr-07 (c. 10:00 PM Pacific Time, 01 Apr-07) and posted
my reply to this thread, nor did
http://www.microsoft.com/technet/sec...n/advance.mspx contain "On
Tuesday 3 April 2007 Microsoft is planning to release" and below when I
viewed the page around the same time.

/Mea culpa/. <w>
--
~Robear

Ottmar Freudenberger wrote:
> "PA Bear" <PABearMVP@gmail.com> schrieb:
>
>> We might /assume/ that
>> http://blogs.technet.com/msrc/archiv...ry-935423.aspx
>> is related to this Security Bulletin Advanced Notification, but...
>
> ... we *know* that this will be the update to be released. Yes, indeed ;-)
>
>> In light of these points, and based on customer feedback, we have
>> been working around the clock to test this update and are currently
>> planning to release the security update that addresses this issue on
>> Tuesday April 3, 2007.
> [...]
>> This update was previously scheduled for release as part of the
>> April monthly release on April 10, 2007. Due to the increased risk
>> to customers from these latest attacks, we were able to expedite
>> our testing to ensure an update is ready for broad distribution
>> sooner than April 10.
>
> Bye,
> Freudi

"PA Bear" <PABearMVP@gmail.com> schrieb:

>I /swear/ that the content you quoted was *not* on the blog page when I read
> it c. 0500 UTC, 02 Apr-07 (c. 10:00 PM Pacific Time, 01 Apr-07) and posted
> my reply to this thread,

Well, are you accessing "the web" via a proxy server? That one may not
have had the actual version of the sit|de. I can only assure you, that
the content didn't change since at least 0245 UTC. Really. I did update
the info on my site at that time and informed some german languaged
newsgroups (news:euq22g.1ao.1@news.messageid.de), ISC and US-CERT after-
wards by mail. Mark H from ISC replied on 0400 UTC that he has updated
the diary (which he really did, although this has been superseded without
further notice by an entry of Kevin dated 1245 UTC lately with the same
content, claiming to be Version 1 of the entry for whatever reason),
while US-CERT played dead man and still doesn't mention the announced
update "planned" to be released via WU/MU/AU some 13 hours or so from now.

> nor did
> http://www.microsoft.com/technet/sec...n/advance.mspx contain "On
> Tuesday 3 April 2007 Microsoft is planning to release" and below when I
> viewed the page around the same time.

See above. I've received the mail announcement of the Advance Notification
on 0142 UTC and it has been there on the web side too at that time (at
least an hour later when I "waked" up).

> /Mea culpa/. <w>

Nothing to apologize for or feel sorry about. It's just strange. Remake
of "X-Files" anyone?

FWIW,
Freudi