Microsoft KB Archive/930858

From BetaArchive Wiki
Knowledge Base


Description of Software Update Services and Windows Server Update Services changes in content for 2006

Article ID: 930858

Article Last Modified on 10/18/2007



APPLIES TO

  • Microsoft Software Update Services 1.0
  • Microsoft Software Update Services 1.0



Important It is time to move to Windows Server Update Services (WSUS). Software Update Services (SUS) 1.0 support time is running out. In addition to the current capabilities in SUS 1.0, WSUS updates more than just Windows, provides reporting capabilities, provides targeting capabilities, and gives administrators more control over the update process. For more information about WSUS, visit the following Microsoft Web site:

Note This article applies only to releases on the Microsoft Windows Update Web site. This article does not apply to security releases for products that are not supported by Windows Update.

SUMMARY

This article is intended for use by administrators of Microsoft Software Update Services (SUS) and Windows Server Update Services (WSUS) servers. This article contains a cumulative list of content changes that have been made available for SUS and WSUS servers. Administrators can use this list both as a quick reference to content changes that have been made during routine synchronizations and as an explanation of these changes. This information will be updated either during our regular update releases on the second Tuesday of every month or whenever an unscheduled update is released. This article lists changes that were made on or after January 5, 2006, and does not list changes that were made before that date.

INTRODUCTION

This article contains a cumulative list of content changes that have been made available to Microsoft Software Update Services (SUS) and Windows Server Update Services (WSUS) servers on or after January 5, 2006.

MORE INFORMATION

Thursday, December 14, 2006

Changes to existing security content

  • MS06-078: Security Update for Windows 2000 (KB923689) – Korean only
    • The Korean binary has changed to resolve reported installation failures.
    • This update does not have to be reinstalled.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

923689 MS06-078: Vulnerability in Windows Media Player could allow remote code execution


Tuesday, December 12, 2006

New security content

  • MS06-072: Cumulative Security Update for Internet Explorer (KB925454)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security Update
    Security severity rating:
    • Critical: Internet Explorer 6 Service Pack 1 for Windows 2000, Internet Explorer 6 for Windows Server 2003 and Windows XP
    • Moderate: Internet Explorer 6 for Windows Server 2003 IA-64 and Internet Explorer 6 for Windows Server 2003 x64
    • Important: Internet Explorer 5.01 Service Pack 4 for Windows 2000

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
    Approximate file sizes:

    • Internet Explorer 5.01 Service Pack 4 for Windows 2000 Update: ~3152 KB
    • Internet Explorer 6 Service Pack 1 for Windows 2000 Update: ~4177 KB
    • Internet Explorer 6 Service Pack 1 for Windows XP Update: ~4674 KB
    • Internet Explorer 6 for Windows Server 2003 Update: ~7046 KB
    • Internet Explorer 6 for Windows Server 2003 IA-64 Update: ~47296 KB
    • Internet Explorer 6 for Windows Server 2003 x64 and Windows XP x64 Update: ~20397 KB

    Description:
    Security issues have been identified that could allow an attacker to compromise a system that is running Microsoft Internet Explorer and gain control over it. You can help protect the system by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-074: Security Update for Windows (KB926247)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security Update
    Security severity rating: Important
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 Update: ~503 KB
    • Windows XP Update: ~505 KB
    • Windows Server 2003 Update: ~515 KB
    • Windows Server 2003 IA-64 Update: ~1027 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~706 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-075: Security Update for Windows (KB926255)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security Update
    Security severity rating: Important
    Target platforms: Microsoft Windows Server 2003 and Microsoft Windows XP
    Approximate file sizes:
    • Windows XP Update: ~740 KB
    • Windows Server 2003 Update: ~748 KB
    • Windows Server 2003 IA-64 Update: ~2450 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-076: Cumulative Security Update for Outlook Express (KB923694)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Important
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
    Approximate file sizes:
    • Outlook Express 5.5 Service Pack 2 Update: ~1505 KB
    • Outlook Express 6 Service Pack 1 Update: ~2373 KB
    • Windows XP Update: ~1601 KB
    • Windows Server 2003 Update: ~2120 KB
    • Windows Server 2003 IA-64 Update: ~16507 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~6138 KB

    Description:
    A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Outlook Express. You can help protect your computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-077: Security Update for Windows 2000 (KB926121)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security Update
    Security severity rating: Important
    Target platforms: Microsoft Windows 2000
    Approximate file sizes:
    • Security Update for Windows 2000 Update: ~489 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-078: Security Update for Windows (KB923689)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security Update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
    Approximate file sizes:
    • Windows Media Format 9.5 Series x64 Update: ~1869 KB
    • Windows 2000 Update: ~1739 KB
    • Windows XP Update: ~2388 KB
    • Windows Server 2003 Update: ~1684 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~2196 KB

    Description:
    A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Windows Media file formats and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-078: Security Update for Windows Media Player 6.4 (KB925398)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security Update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000, Windows XP and Windows Server 2003 Update: ~792 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~917 KB

    Description:
    A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Windows Media Player and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

New non-security content

  • Windows Malicious Software Removal Tool - December 2006 (KB890830) and Windows Malicious Software Removal Tool - December 2006 (KB890830) - Internet Explorer Version

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, and WSUS
    Classification: High Priority, Non-Security, Update Rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Non-Internet Explorer Version Update: ~696 KB
    • Internet Explorer Version Update: ~4814 KB

    Description:
    After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection that is found. If an infection is found, the tool will display a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on the computer, you can download a copy from the Microsoft Download Center or run an online version from microsoft.com. This tool does not replace an antivirus product. To help protect your computer, you should use an antivirus product.

  • Definition Update for Windows Mail [December 2006] (KB905866)

    Locale: Vista released locales
    Deployment: Windows Update, Microsoft Update, WSUS, and Catalog
    Classification: Updates, Non-Security
    Target platforms: Windows Vista, Windows Vista x64
    Approximate file sizes:
    • Windows Mail Update: ~2189 KB
    • Windows Mail for x64 Update: ~2190 KB

    Description:
    Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

  • Update for Windows Server 2003 (KB911897)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: High Priority, Non-Security
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP
    Approximate file sizes:
    • Windows Server 2003 Update: ~532 KB
    • Windows Server 2003 IA-64 Update: ~1064 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~704 KB

    Description:
    Install this update to resolve an issue in which files can be corrupted when they are copied over a network that uses IPv6. After you install this update, you may have to restart the computer.

  • Update for Windows XP Media Center Edition 2005 (KB926251)

    Locale: French, Chinese (Simplified), Korean, Italian, Polish, German, English, Japanese
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: High Priority, Non-Security
    Target platforms: Windows XP Media Center Edition 2005
    Approximate file sizes:
    • Windows XP Media Center Edition 2005: ~730 KB

    Description:
    Install this update to address Windows Media Player 10 automatic update failures after the installation of Update for Windows XP Media Center Edition 2005 (913800). After you install this update, you may have to restart the computer.

  • Update for Windows Server 2003 and Windows XP (KB931836)

    Locale: All
    Deployment: Windows Update, Microsoft Update, WSUS, and Catalog
    Classification: Updates, Non-Security
    Target platforms: Microsoft Windows Server 2003 and Microsoft Windows XP
    Approximate file sizes:
    • Windows XP Update: ~501 KB
    • Windows Server 2003 Update: ~518 KB
    • Windows Server 2003 IA-64 Update: ~1056 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~721 KB

    Description:
    Installing this update enables your computer to automatically adjust the computer clock on the correct date in 2007 because of revised Daylight Saving Time laws in many countries. After you install this update, you may have to restart the computer.

  • Update for Windows Server 2003 and Windows XP (KB929120)

    Locale:
    • All platforms (High Priority, Non-Security): English
    • All platforms (Updates, Non-Security): All

    Deployment:

    • All platforms (High Priority, Non-Security): Windows Update, Microsoft Update, Auto Update, WSUS, and Catalog
    • All platforms (Updates, Non-Security): Windows Update, Microsoft Update, WSUS, and Catalog

    Classification: Each platform has both

    • High Priority, Non-Security
    • Updates, Non-Security

    Target platforms: Microsoft Windows Server 2003 and Microsoft Windows XP
    Approximate file sizes:

    • Windows XP Update: ~513 KB
    • Windows Server 2003 Update: ~520 KB
    • Windows Server 2003 IA-64 Update: ~1054 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~716 KB

    Description:
    Australia has implemented Daylight Saving Time in the West Australia (Perth) time zone starting in December 2006 for a trial period of three years. Install this update to enable your computer to automatically adjust the computer clock on the correct date. After you install this item, you may have to restart the computer.

Changes to existing security content

  • MS06-066: Security Update for Windows XP (KB923980)
    • Updated detection targeting to Microsoft Windows XP Home Edition and Windows XP Professional Edition.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    923980 MS06-066: Vulnerability in the Client Service could allow remote code execution

Tuesday, November 28, 2006

New non-security content

  • Windows Rights Management Services Client with Service Pack 2 for Windows (KB917275)

    Locale: All
    Deployment: Windows Update, Microsoft Update, WSUS, Catalog
    Classification: Service Packs, Non-Security
    Target Platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows Rights Management Services Client with Service Pack 2 for Windows x86 Editions Update: ~2425 KB
    • Windows Rights Management Services Client with Service Pack 2 for Windows x64 Editions Update: ~5009 KB
    • Windows Rights Management Services Client with Service Pack 2 for Windows Itanium-based Systems Update: ~7202 KB

    Description:
    Rights Management Services (RMS) Client Service Pack 2 contains software updates for RMS Client v1.0 and RMS Client v1.0 SP1. These updates provide support for Microsoft new Exchange and Office SharePoint technologies, support for future implementations of ADFS clients, and improvements in security processor functionality. Native 64-bit execution for X64 and IA-64 platforms is also supported in this release.

  • Windows Media Player 11 / Windows Media Player 11 (for Windows Media Center Edition 2005) / Windows Media Player 11 (for Windows XP Professional x64 Edition)

    Locale:
    • Windows XP x86: English, German, French, Spanish, Italian, Dutch, Russian, Brazilian, Korean, Chinese (Simplified), Chinese (Traditional)
    • Windows Media Center Edition 2005: English, German, French, Korean, Chinese (Simplified), Dutch, Italian
    • Windows XP Professional x64 Edition: English

    Deployment: Windows Update, Microsoft Update, WSUS, Catalog and Dynamic Update
    Classification: Updates, Non-Security
    Target platforms: Microsoft Windows XP, Microsoft Windows XP Media Center Edition 2005, Microsoft Windows XP Professional x64 Edition
    Approximate file sizes:

    • Windows XP Update: ~25755 KB
    • Windows XP Media Center Edition 2005 Update: ~25755 KB
    • Windows XP Professional x64 Update: ~27936 KB

    Description:
    Windows Media Player 11 offers great new ways to store and enjoy digital media. It is easier than ever to access all the video, pictures, and recorded TV on a computer. Play it, view it, organize it, sync it to a portable device for viewing on the go, or share with devices around the home—all from one location. After you install this item, you may have to restart the computer.

  • Remote Desktop Connection (Terminal Services Client 6.0) for Windows (KB925876)

    Locale: English
    Deployment: Windows Update, Microsoft Update, WSUS, and Catalog
    Classification: Updates, Non-Security
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP
    Approximate file sizes:
    • Windows XP Update: ~1620 KB
    • Windows Server 2003 Update: ~1517 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~4662 KB

    Description:
    Remote Desktop Connection (Terminal Services Client 6.0) lets you to use any new Terminal Services features that are introduced in Windows Vista and in Microsoft Windows Server Code Name "Longhorn" from a computer that is running Microsoft Windows XP with Service Pack 2 or that is running Microsoft Windows Server 2003 with Service Pack 1.

  • Windows Internet Explorer 7

    Locale: English
    Deployment: Windows Update, Microsoft Update, Auto Update and WSUS
    Classification:
    • WSUS: Update Rollups, Non-Security

    Target Platforms: Users of Internet Explorer 7 on Microsoft Windows Server 2003 and Microsoft Windows XP
    Approximate file sizes:

    • Windows Internet Explorer 7 for Windows XP Update: ~15505 KB
    • Windows Internet Explorer 7 for Windows Server 2003 Update: ~15478 KB
    • Windows Internet Explorer 7 for Windows Server 2003 (IA-64) Update: ~37548 KB
    • Windows Internet Explorer 7 for Windows Server 2003 (x64) and Windows XP 64-bit Edition Version 2003 Update: ~29724 KB

    Description:
    This free upgrade to Internet Explorer is for genuine Windows customers. It offers improvements such as enhanced security to help protect you from malicious software and fraudulent Web sites, a cleaner look that includes tabs for browsing multiple pages in one window, and features to make everyday tasks such as printing and searching the Web easier. This upgrade preserves the current home page, search settings, favorites, and compatible toolbars. This upgrade can be uninstalled. This update includes Windows Genuine Advantage validation.

  • Windows Genuine Advantage Notification (KB905474)
    Locale: English
    Deployment: Windows Update, Microsoft Update, and Automatic Updates
    Classification: High priority update, Non-Security
    Target Platforms: Microsoft Windows XP
    Approximate file sizes:
    • ~934 KB

    Description:
    The Windows Genuine Advantage Notification tool notifies you if a copy of Windows is not genuine. If the copy is found to be non-genuine, the tool will help you obtain a licensed copy of Windows.

Changes to existing security content

  • MS06-005: Security Update for Windows Media Player 10 for Windows XP (KB911565)
    • Updated detection to prevent offering of this update after Microsoft Windows Media Player 11 is installed.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911565 MS06-005: Vulnerability in Windows Media Player could allow remote code execution

Tuesday, November 21, 2006

New security content

  • MS06-071: MSXML 4.0 SP2 Security Update (KB927978) New for SUS 1.0 only and unchanged for all other deployments (originally released to WSUS, Windows Update, Microsoft Update, and Automatic Update on November 14, 2006)

    Locale: English, Japanese, Chinese (Simplified), Chinese (Traditional), French, German, Italian, Korean, Spanish
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target components: MSXML 4.0
    Approximate file sizes:
    • MSXML 4.0 update: ~5629 KB

    Description:
    A vulnerability exists in the XMLHTTP ActiveX control in Microsoft XML Core Services. This vulnerability could allow for remote code execution.

  • MS06-071: MSXML 6.0 RTM Security Update (KB927977) New for SUS 1.0 only and unchanged for all other deployments (originally released to WSUS, Windows Update, Microsoft Update, and Automatic Update on November 14, 2006)

    Locale: English, Japanese, Korean, Chinese (Traditional), Chinese (Simplified), Italian, German, Spanish, French, Brazilian, Dutch, Russian, Swedish
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target components: MSXML 6.0
    Approximate file sizes:
    • MSXML 6.0 RTM Security update: ~910 KB
    • MSXML 6.0 RTM Security IA-64 Update: ~2527 KB
    • MSXML 6.0 RTM Security AMD64 Update: ~1833 KB

    Description:

Changes to existing security content

  • MS06-067: Cumulative Security Update for Internet Explorer (KB922760)
    • Updated More Information URL
    • Binaries have not changed
    • This update does not have to be reinstalled

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    922760 MS06-067: Cumulative security update for Internet Explorer

  • MS06-069: Security Update for Flash Player (KB923789)
    • Updated More Information URL
    • Binaries have not changed
    • This update does not have to be reinstalled

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    923789 MS06-069: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution

Changes to existing non-security content

  • Windows Malicious Software Removal Tool - November 2006 (KB890830) and Windows Malicious Software Removal Tool - November 2006 (KB890830) - Internet Explorer Version
    • Updated target platforms to support Windows Vista and Windows Internet Explorer 7 Dynamic Installer
    • Updated newly-rebuilt binaries
    • This update will be reoffered and should be reinstalled

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

Tuesday, November 14, 2006

New security content

  • MS06-066: Security Update for Windows (KB923980)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Moderate : Microsoft Windows Server 2003
    • Important : Microsoft Windows 2000, Microsoft Windows XP

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: ~647 KB
    • Windows XP update: ~681 KB
    • Windows Server 2003 update: ~604 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-067: Cumulative Security Update for Internet Explorer (KB922760)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Internet Explorer 6 Service Pack 1 for Windows 2000, Internet Explorer 5.01 Service Pack 4 for Windows 2000
    Approximate file sizes:
    • Internet Explorer 5.01 Service Pack 4 for Windows 2000 update: ~3147 KB
    • Internet Explorer 6 Service Pack 1 for Windows 2000 update: ~4184 KB
    • Windows XP update: ~4661 KB
    • Windows Server 2003 update: ~7041 KB
    • Windows Server 2003 IA-64 update: ~47287 KB
    • Windows Server 2003 x64 and Windows XP x64 update: ~20387 KB

    Description:
    Security issues have been identified that could allow an attacker to compromise a system that is running Microsoft Internet Explorer and gain control over it. You can help protect the system by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-068: Security Update for Windows (KB920213)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Critical : Microsoft Windows XP, Microsoft Windows 2000
    • Moderate : Microsoft Windows Server 2003

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: ~1094 KB
    • Windows XP update: ~685 KB
    • Windows Server 2003 update: ~695 KB
    • Windows Server 2003 IA-64 update: ~1798 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~1035 KB

    Description:
    A security issue has been identified in MSAgent that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-069: Security Update for Flash Player (KB923789)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows XP
    Approximate file sizes:
    • Windows XP and Windows XP x64 update: ~555 KB

    Description:
    Security issues have been identified in Macromedia Flash Player from Adobe that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect the system by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-070: Security Update for Windows (KB924270)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Critical : Microsoft Windows 2000
    • Low : Microsoft Windows XP

    Target platforms: Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: ~1360 KB
    • Windows XP update: ~1002 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-071: MSXML 4.0 SP2 Security Update (KB927978)

    Locale: ENU, JPN, CHS, CHT, FRN, GER, ITA, KOR, ESN
    Deployment: Windows Update, Microsoft Update, Auto Update, and WSUS
    Note The target deployment date for SUS 1.0, and Catalog is Tuesday, November 21, 2006
    Classification: Security update
    Security severity rating: Critical
    Target components: MSXML 4.0
    Approximate file sizes:
    • MSXML 4.0 update: ~5629 KB

    Description:
    A vulnerability exists in the XMLHTTP ActiveX control within Microsoft XML Core Services that could allow for remote code execution.

  • MS06-071: MSXML 6.0 RTM Security Update (KB927977)

    Locale: ENU, JPN, KOR, CHT, CHS, ITA, DEU, ESN, FRN, BRZ, DUT, RUS, SWE
    Deployment: Windows Update, Microsoft Update, Auto Update, and WSUS
    Note The target deployment date for SUS 1.0, and Catalog is Tuesday, November 21, 2006
    Classification: Security update
    Security severity rating: Critical
    Target components: MSXML 6.0
    Approximate file sizes:
    • MSXML 6.0 RTM Security update: ~910 KB
    • MSXML 6.0 RTM Security IA-64 update: ~2527 KB
    • MSXML 6.0 RTM Security AMD64 update: ~1833 KB

    Description:
    A vulnerability exists in the XMLHTTP ActiveX control within Microsoft XML Core Services that could allow for remote code execution.

New non-security content

  • Windows Malicious Software Removal Tool - November 2006 (KB890830) / Windows Malicious Software Removal Tool - November 2006 (KB890830) - Internet Explorer Version

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS
    Classification: High priority, non-security update rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Non-Internet Explorer version update: ~989 KB
    • Internet Explorer version update: ~4606 KB

    Description:
    After the download, this tool runs one time to check the computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom). The update helps remove any infection that is found. If an infection is found, the tool displays a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on the computer, you can download a copy from the Microsoft Download Center. Alternatively, you can run an online version from the Microsoft.com Web site. This tool does not replace an antivirus product. To help protect the computer, use an antivirus product.

Changes to existing security content

  • MS05-004: Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903)
    • Updated detection to allow offering of update on Windows XP x86 (SUS 1.0 only)
    • Binaries have not changed
    • This update does not have to be reinstalled

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    886903 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.1 Service Pack 1

  • MS06-055: Security Update for Internet Explorer 6 Service Pack 1 (KB925486)
    • Updated metadata to prevent WSUS from reporting MS04-028 as required after MS06-055 is installed
    • Binaries have not changed
    • This update does not have to be reinstalled

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    925486 MS06-055: Vulnerability in Vector Markup Language could allow remote code execution

Tuesday, October 24, 2006

New non-security content

  • Update Rollup for Windows XP Media Center Edition 2005 (KB925766)

    Locale: All
    Deployment: Windows Update, Microsoft Update, WSUS, and Catalog
    Classification: Update rollups, non-security
    Target platforms: Microsoft Windows XP Media Center Edition 2005
    Approximate file sizes: ~3510 KB
    Description:
    Microsoft has released Update Rollup 925766. This update is intended for systems that are running Update Rollup 2 for Microsoft Windows XP Media Center Edition 2005 (900325). This update rollup is cumulative and supersedes update 908250, update 912067, update 914548 and update 919803. For more information about this update rollup, see Microsoft Knowldge Base article 925766. After you install this update, you may have to restart the computer.
  • Update for Windows XP (KB920342)

    Locale: All
    Deployment: Windows Update, Microsoft Update, WSUS, and Catalog
    Classification: Update, Non-security
    Target platforms: Microsoft Windows XP Service Pack 2
    Approximate file sizes: ~972 KB
    Description:
    Peer Name Resolution Protocol (PNRP) version 2.0 enables you to publish and resolve peer names togetherwith other PNRP nodes that are running v2.0. This is important for peer-to-peer applications on the system. After you install this item, you may have to restart the computer.

Changes to existing non-security content

  • Network Diagnostic Tool (KB914440)
    • Updated newly rebuilt binaries for all locales.
    • This update will be reoffered and should be reinstalled.

    Approximate File Sizes: ~682 KB
    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    914440 Network Diagnostics for Windows XP is available to help identify and fix network connection problems

  • Update Rollup 2 for Windows XP Media Center Edition 2005 (KB900325)
    • Republished item to prevent co-install failures
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    900325 Update Rollup 2 for Windows XP Media Center Edition 2005

Thursday, October 19, 2006

Changes to existing security content

  • MS06-061: Security Update for Windows 2000 (KB924191)
    • Updated newly rebuilt binaries for all locales.
    • This update will be reoffered and should be reinstalled.

    Approximate file sizes: ~927 KB

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    924191 MS06-061: Vulnerabilities in Microsoft XML Core Services could allow remote code execution

Tuesday, October 10, 2006

New security content

  • MS06-056: Security Update for the Microsoft .NET Framework Version 2.0 (KB922770)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Moderate
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows Server 2003 Update / Windows XP Update / Windows 2000 Update: ~2280 KB
    • Windows Server 2003 Service Pack 1 IA-64 Update: ~3972 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~3829 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise a Windows-based system that is running the Microsoft .NET Framework and gain access to restricted data. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-057: Security Update for Windows (KB923191)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Critical: Microsoft Windows XP x64, Microsoft Windows XP, Microsoft Windows 2000
    • Moderate: Microsoft Windows Server 2003 x86, Microsoft Windows Server 2003 IA-64, Microsoft Windows Server 2003 x64

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 Update: ~791 KB
    • Windows XP Update: ~4238 KB
    • Windows Server 2003 Update: ~1253 KB
    • Windows Server 2003 IA-64 Update: ~6320 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~2556 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-061: Security Update for Windows (KB924191)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 Update: ~926 KB
    • Windows XP Update: ~1109 KB
    • Windows Server 2003 Update: ~1185 KB
    • Windows Server 2003 IA-64 Update: ~6299 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~2762 KB

    Description:
    A security issue has been identified in the way Microsoft XML Core Services (MSXML) is handled that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-063: Security Update for Windows (KB923414)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Important
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 Update: ~615 KB
    • Windows XP Update: ~725 KB
    • Windows Server 2003 Update: ~816 KB
    • Windows Server 2003 IA-64 Update: ~1926 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~1033 KB

    Description:
    A security issue has been identified in the Server service that could allow a remote user to cause an affected Windows-based system to stop responding. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-064: Security Update for Windows (KB922819)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Low
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP
    Approximate file sizes:
    • Windows XP Update: ~856 KB
    • Windows Server 2003 Update: ~677 KB
    • Windows Server 2003 IA-64 Update: ~1622 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~898 KB

    Description:
    A security issue has been identified that could allow an attacker to cause Denial of Service conditions on Windows-based systems. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-065: Security Update for Windows (KB924496)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Moderate
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP
    Approximate file sizes:
    • Windows XP Update: ~1677 KB
    • Windows Server 2003 Update: ~1734 KB
    • Windows Server 2003 IA-64 Update: ~8130 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~3127 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

New non-security content

  • Windows Malicious Software Removal Tool - October 2006 (KB890830) / Windows Malicious Software Removal Tool - October 2006 (KB890830) - Internet Explorer Version

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS
    Classification: High priority, non-security update rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Non-Internet Explorer Version Update: ~754 KB
    • Internet Explorer Version Update: ~4258 KB

    Description:
    After the download, this tool runs one time to check the computer for infection by specific, prevalent, malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection found. If an infection is found, the tool displays a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on the computer, you can download a copy from the Microsoft Download Center or run an online version from Microsoft.com. This tool does not replace an antivirus product. To help protect the computer, you should use an antivirus product.

Changes to existing security content

  • MS05-030: Security Update for Outlook Express 6 Service Pack 1 (KB897715)
    • Updated detection to prevent offering on systems that have Internet Explorer 6.x and Outlook Express 5.x installed.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    897715 MS05-030: Vulnerability in Outlook Express could allow remote code execution

Changes to existing non-security content

  • Update for Windows 2000 (KB922582)
    • Updated detection to prevent False Positive issues.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    922582 Error message when you try to update a Microsoft Windows-based computer: "0x80070002"

Tuesday, September 26, 2006

New security content

  • MS06-055: Security Update for Windows (KB925486) / Security Update for Internet Explorer (KB925486)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security Update
    Security severity rating: Critical
    • Internet Explorer Service Pack 1 for Windows XP Update, Internet Explorer Service Pack 1 for Windows 2000 Update, Internet Explorer 5.01 Service Pack 4 for Windows 2000 Update, Windows XP Update, Windows XP x64 Update: Critical
    • Windows Server 2003 Update, Windows Server 2003 IA-64 Update, Windows Server 2003 x64 Update: Moderate


    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Internet Explorer 5.01 Service Pack 4 for Windows 2000, Internet Explorer 6 Service Pack 1 for Windows XP, Internet Explorer 6 Service Pack 1 for Windows 2000
    Approximate file sizes:

    • Internet Explorer 6 Service Pack 1 for Windows XP Update: ~822 KB
    • Internet Explorer 6 Service Pack 1 for Windows 2000 Update: ~1491 KB
    • Internet Explorer 5.01 Service Pack 4 for Windows 2000 Update: ~1281 KB
    • Windows XP Update: ~802 KB
    • Windows Server 2003 Update: ~913 KB
    • Windows Server 2003 IA-64 Update: ~4773 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~1984 KB

    Description:
    A security issue has been identified in the way that Vector Markup Language (VML) is handled. This issue could enable an attacker to compromise a computer that is running Microsoft Windows and gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

Changes to existing security content

  • MS06-049: Security Update for Windows 2000 (KB920958)
    • Updated newly rebuilt binaries for all locales
    • This update will be reoffered and should be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    920958 MS06-049: Vulnerability in Windows kernel could allow elevation of privilege

Changes to existing non-security content

  • Root Certificates Update
    • Updated newly rebuilt binaries for all locales
    • This update will be reoffered and should be reinstalled.

    Approximate file sizes: ~239 KB
    For more information, visit the following Microsoft Web site:

Tuesday, September 12, 2006

New security content

  • MS06-052: Security Update for Windows XP (KB919007)

    Locale: All
    Deployment: WU/MU Site, Auto Update, WSUS, SUS 1.0 and Catalog
    Classification: Security Update
    Security severity rating: Important
    Target platforms: Microsoft Windows XP
    Approximate file sizes: ~567 KB
    Description:
    A security issue has been identified in Pragmatic General Multicast (PGM) for Microsoft Windows XP-based systems that could result in a denial of service. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.
  • MS06-053: Security Update for Windows (KB920685)

    Locale: All
    Deployment: WU/MU Site, Auto Update, WSUS, SUS 1.0 and Catalog
    Classification: Security Update
    Security severity rating: Moderate
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 Update: ~1047 KB
    • Windows XP Update: ~1303 KB
    • Windows Server 2003 Update: ~1276 KB
    • Windows Server 2003 IA-64 Update: ~8614 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~3499 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise a Windows-based system and to gain access to restricted data. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

New non-security content

  • Update for Windows (KB922582)

    Locale: All
    Deployment: WU/MU Site, Auto Update, WSUS, SUS 1.0 and Catalog
    Classification: High priority, non-security update
    Target platforms: Microsoft Windows Server 2003 Service Pack 1, Microsoft Windows XP Service Pack 2, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 Update: ~554 KB
    • Windows XP Service Pack 2 Update: ~563 KB
    • Windows Server 2003 Service Pack 1 Update: ~550 KB
    • Windows Server 2003 Service Pack 1 IA-64 Update: ~1119 KB
    • Windows Server 2003 x64 / Windows XP x64 Update: ~763 KB

    Description:
    A problem has been identified in Filter Manager that can prevent you from installing updates from Windows Update. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • Update for Windows XP (KB920872)

    Locale: All
    Deployment: WU/MU Site, Auto Update, WSUS, SUS 1.0 and Catalog
    Classification: High priority, non-security update
    Target platforms: Microsoft Windows XP Service Pack 2
    Approximate file sizes: ~617 KB
    Description:
    This is a reliability update for Windows XP computers. Install this audio component update to help prevent memory corruption issues which may cause an unstable state on a computer that is running Windows XP Service Pack 2. After you install this update, you may have to restart the computer.
  • Windows Malicious Software Removal Tool - September 2006 (KB890830) and Windows Malicious Software Removal Tool - September 2006 (KB890830) - Internet Explorer Version

    Locale: All
    Deployment: WU/MU Site, Auto Update, WSUS
    Classification: High priority, non-security, update rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Non-Internet Explorer Version Update: ~3125 KB
    • Internet Explorer Version Update: ~3824 KB

    Description:
    After the download, this tool runs one time to check the computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection found. If an infection is found, the tool will display a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on the computer, you can download a copy from the Microsoft Download Center or run an online version from Microsoft.com. This tool does not replace an antivirus product. To help protect the computer, you should use an antivirus product.

Changes to existing security content

  • MS06-034: Security Update for Windows 2000 (KB917537)
    • Updated detection metadata to prevent continuous reoffering when Asp.dll is not present on the system.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    917537 Microsoft Security Bulletin MS06-034: Vulnerability in Internet Information Services that use Active Server Pages could allow remote code execution

  • MS06-040: Security Update for Windows (KB921883)
    • Updated newly rebuilt binaries for Windows Server 2003 x86, Windows Server 2003 versions, Windows Server 2003 x64 Edition, and Windows XP x64 Edition
    • This update will be reoffered and should be reinstalled.

    Approximate file sizes:

    • Windows Server 2003 x86 Update: ~725 KB
    • Windows Server 2003 IA-64 Update: ~1816 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~1049 KB

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    921883 MS06-040: Vulnerability in Server service could allow remote code execution

  • MS06-042: Cumulative Security Update for Internet Explorer (KB918899)
    • Updated newly rebuilt binaries for Windows Server 2003 x86, Windows Server 2003 IA-64, Internet Explorer 5.01 Service Pack 4 for Windows 2000, and Internet Explorer 6 Service Pack 1 for Windows 2000 and for Windows XP
    • This update will be reoffered and should be reinstalled.

    Approximate file sizes:

    • Internet Explorer 6 Service Pack 1 for Windows 2000 and for Windows XP Update: ~4188 KB
    • Internet Explorer 5.01 Service Pack 4 for Windows 2000 Update: ~3146 KB
    • Windows Server 2003 Update: ~7038 KB
    • Windows Server 2003 IA-64 Update: ~47277 KB

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    918899 MS06-042: Cumulative security update for Internet Explorer

Changes to existing non-security content

  • Korean Fair Trade Commission Promotional Links (KB922476)
    • Updated newly rebuilt binaries for all locales
    • Updated detection to offer an update after an in-place upgrade from the original Release to Manufacturing (RTM) version of Windows XP to Windows XP Service Pack 2 or from Windows XP Service Pack 1 to Windows XP Service Pack 2
    • This update will be reoffered and should be reinstalled.
    Approximate file sizes: ~491 KB
  • Update for Windows XP (KB916595)
    • Metadata was updated to reflect correct classification on WSUS.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    916595 Stop error message on a Windows XP-based computer: "STOP 0x000000D1"

Thursday, August 24, 2006

Changes to existing security content

  • MS06-042: Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB918899)
    • Updated newly rebuilt binary files for all locales.
    • This update will be reoffered and should be reinstalled.

    Approximate file sizes: ~4,187 KB For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    918899 MS06-042: Cumulative security update for Internet Explorer

Removed: The following superseded items have been permanently removed from WSUS:

  • MS02-008: Security Update, February 13, 2002 (MSXML 4.0)
  • MS02-009: Security Update, February 14, 2002 (Internet Explorer 5.01)
  • MS02-012: Security Update, February 22, 2002
  • MS02-024: Q320206: Security Update
  • MS02-042: Security Update (326886)
  • MS02-050: Q329115: Security Update (Windows 2000)
  • MS02-055: Q323255: Security Update (Windows 2000)
  • MS02-063: Security Update for Windows 2000 (329834)
  • MS02-065: Q329414: Security Update (MDAC 2.6)
  • MS02-070: 329170: Security Update (Windows 2000)
  • MS03-008: 814078: Security Update (Microsoft Jscript version 5.5, Windows 2000)
  • MS03-021: Flaw In Windows Media Player May Allow Media Library Access (819639)
  • MS03-024: 817606: Security Update (Windows XP) / 817606: Security Update (Windows 2000)
  • MS03-026: Security Update for Windows Server 2003 (823980) / Security Update for Windows XP (823980) / Security Update for Windows 2000 (823980)
  • MS03-030: Security Update for Windows XP (819696)
  • MS03-040: October 2003, Cumulative Patch for Internet Explorer 6 (828750) / October 2003, Cumulative Patch for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (828750) / October 2003, Cumulative Patch for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (828750) / October 2003, Cumulative Patch for Internet Explorer for Windows Server 2003 (828750)
  • MS03-044: Security Update for Microsoft Windows XP (825119)
  • MS03-045: Security Update for Microsoft Windows (824141)
  • MS03-048: Cumulative Security Update for Internet Explorer 6 (824145) / Cumulative Security Update for Internet Explorer 5.01 SP3 (824145)
  • MS04-004: Cumulative Security Update for Internet Explorer 6 (832894) / Cumulative Security Update for Internet Explorer 5.01 Service Pack 3 (832894)
  • MS04-025: Cumulative Security Update for Internet Explorer 6 (867801) / Cumulative Security Update for Internet Explorer 5.01 Service Pack 3 (867801)
  • MS04-038: Cumulative Security Update for Internet Explorer 6 (834707) / Cumulative Security Update for Internet Explorer 5.01 Service Pack 3 (834707)
  • MS05-014: Cumulative Security Update for Internet Explorer 5.01 Service Pack 3 (867282)
  • MS05-020: Cumulative Security Update for Internet Explorer 5.01 Service Pack 3 (890923)
  • MS05-025: Cumulative Security Update for Internet Explorer 5.01 Service Pack 3 (883939)
  • Windows Blaster Worm Removal Tool (833330)
  • Sasser (A-D) Worm Removal Tool (841720)
  • Mydoom, Zindos, and Doomjuice Worm Removal Tool (836528)
  • Malicious Software Removal Tool - January 2005 (890830)
  • Windows Malicious Software Removal Tool - February 2005 (890830)
  • Windows Malicious Software Removal Tool - March 2005 (890830)
  • Windows Malicious Software Removal Tool - April 2005 (890830)
  • Windows Malicious Software Removal Tool - May 2005 (890830)
  • Windows Malicious Software Removal Tool - June 2005 (890830)
  • Windows Malicious Software Removal Tool - July 2005 (890830)
  • Windows Malicious Software Removal Tool - August 2005 (890830)
  • Windows Malicious Software Removal Tool - September 2005 (890830)
  • Windows Malicious Software Removal Tool - October 2005 (890830)
  • Windows Malicious Software Removal Tool - November 2005 (890830)
  • Windows Malicious Software Removal Tool - December 2005 (890830)
  • Windows Malicious Software Removal Tool - January 2006 (890830)
  • Windows Malicious Software Removal Tool - February 2006 (890830)
  • Windows Malicious Software Removal Tool - March 2006 (890830)
  • Windows Malicious Software Removal Tool - April 2006 (890830)
  • Windows Malicious Software Removal Tool - May 2006 (890830)
  • Windows Malicious Software Removal Tool - June 2006 (890830)

Tuesday, August 22, 2006

New non-security content

  • Korean Fair Trade Commission Promotional Links (KB922476)


Locale: Korean
Deployment: Windows Update/Microsoft Update sites, Auto Update, WSUS, SUS 1.0, and Catalog
Classification: High priority update, non-security
Target platforms: Microsoft Windows XP Professional with Service Pack 2, Microsoft Windows XP Home Edition with Service Pack 2
Approximate file sizes: ~563 KB
Description:
The Korean Fair Trade Commission requires that Microsoft make available an update that adds two links to the All Programs menu in Korean-language versions of Windows XP Home Edition and Windows XP Professional. These links direct customers to the Windows Media Player Center Web site and to the Messenger Center Web site. After customers install this update, they might have to restart the computer.


Thursday, August 10, 2006

Changes to existing content

  • Windows Malicious Software Removal Tool - August 2006 (KB890830) and Windows Malicious Software Removal Tool - August 2006 (KB890830) - Internet Explorer Version

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS
    Classification: High priority update, non-security, update rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Non-Internet Explorer version update: ~3444 KB
    • Internet Explorer version update: ~3444 KB

    Description:
    This is an updated version of the Windows Malicious Software Removal Tool (August 2006 release). This updated version addresses a detection issue that was found shortly following the release of the tool. The issue affects a very limited number of customers.

Tuesday, August 8, 2006

New security content

  • MS06-040: Security Update for Windows (KB921883)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 update: ~616 KB
    • Windows XP update: ~702 KB
    • Windows Server 2003 Update: ~725 KB
    • Windows Server 2003 IA-64 update: ~1815 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~1049 KB

    Description:
    A security issue has been identified in the Server service that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-041: Security update for Windows (KB920683)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 update: ~573 KB
    • Windows XP update: ~608 KB
    • Windows Server 2003 update: ~626 KB
    • Windows Server 2003 IA-64 update: ~1414 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~899 KB

    Description:
    A security issue has been identified in DNS Resolution that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-042: Cumulative Security Update for Internet Explorer (KB918899)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Internet Explorer 5.01 Service Pack 4 for Windows 2000, Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP
    Approximate file sizes:
    • Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP update: ~4187 KB
    • Internet Explorer 5.01 Service Pack 4 for Windows 2000 update: ~3146 KB
    • Windows XP update: ~4621 KB
    • Windows Server 2003 update: ~7038 KB
    • Windows Server 2003 IA-64 update: ~47294 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~20379 KB

    Description:
    Security issues have been identified that could allow an attacker to compromise a system that is running Microsoft Internet Explorer and gain control over it. You can help protect a system by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-043: Security Update for Outlook Express (KB920214)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003 Service Pack 1, Microsoft Windows XP Service Pack 2
    Approximate file sizes:
    • Windows XP Service Pack 2 Update: ~790 KB
    • Windows Server 2003 Service Pack 1 Update: ~789 KB
    • Windows Server 2003 Service Pack 1 IA-64 update: ~2987 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~1421 KB

    Description:
    A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

  • MS06-044: Security Update for Windows 2000 (KB917008)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows 2000
    Approximate file sizes: ~1338 KB
    Description:
    A security issue has been identified in Microsoft Management Console that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.
  • MS06-045: Security Update for Windows (KB921398)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Moderate
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 update: ~1243 KB
    • Windows XP update: ~4479 KB
    • Windows Server 2003 update: ~3761 KB
    • Windows Server 2003 IA-64 update: ~26681 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~12410 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise the Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer.

  • MS06-046: Security Update for Windows (KB922616)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Critical: Microsoft Windows XP, Microsoft Windows 2000
    • Moderate: Microsoft Windows Server 2003

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: ~716 KB
    • Windows XP update: ~824 KB
    • Windows Server 2003 update: ~823 KB
    • Windows Server 2003 IA-64 update: ~3096 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~1227 KB

    Description:
    A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system using a vulnerability in HTML Help and gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer.

  • MS06-049: Security Update for Windows 2000 (KB920958)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Important
    Target platforms: Microsoft Windows 2000
    Approximate file sizes: ~1603 KB
    Description:
    A security issue has been identified in the Windows Kernel that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer.
  • MS06-050: Security Update for Windows (KB920670)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Important
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 update: ~521 KB
    • Windows XP update: ~524 KB
    • Windows Server 2003 update: ~541 KB
    • Windows Server 2003 IA-64 update: ~1145 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~755 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer.

  • MS06-051: Security Update for Windows (KB917422)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 update: ~740 KB
    • Windows XP update: ~943 KB
    • Windows Server 2003 update: ~1094 KB
    • Windows Server 2003 IA-64 update: ~4117 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~1891 KB

    Description:
    A security issue has been identified in the Windows Kernel that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart the computer.

New non-security content

  • Windows Malicious Software Removal Tool - August 2006 (KB890830) and Windows Malicious Software Removal Tool - August 2006 (KB890830) - Internet Explorer Version

    Locale: All
    Deployment: Windows Update, Microsoft Update, Auto Update, WSUS
    Classification: High priority update, non-security, update rollup
    Target Platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Non-Internet Explorer version update: ~3444 KB
    • Internet Explorer version update: ~3444 KB

    Description:
    After you download this tool, it runs one time to check your computer for infection by specific, prevalent malicious software. This malicious software includes Blaster, Sasser, and Mydoom. This tool helps remove any infection that it finds. If it finds an infection, the tool displays a status report the next time that you start the computer. A new version of the tool is offered each month. If you want to manually run the tool on the computer, you can download a copy from the Microsoft Download Center. You can also run an online version from Microsoft.com. This tool does not replace an antivirus product. To help protect the computer, use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Changes to existing security content

  • MS05-004: Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903)
    • Updated binaries for Windows Server 2003 SP1 IA-64, Windows Server 2003 x64 edition, and Windows XP x64 edition
    • This update will be reoffered and should be reinstalled.

    Approximate file sizes:

    • Windows Server 2003 Service Pack 1 IA-64 update: ~1577 KB
    • Windows Server 2003 x64 and Windows XP x64 update: ~1577 KB

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    886903 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.1 Service Pack 1

  • MS05-030: Security Update for Outlook Express 6 Service Pack 1 (KB897715)
    • Updated detection to offer update to Windows XP Service Pack 1.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    897715 MS05-030: Vulnerability in Outlook Express could allow remote code execution

Tuesday, July 25, 2006

New non-security content

  • Update Rollup for Microsoft Windows XP Media Center Edition 2005 (KB919803)

    Locale: All
    Deployment: Windows Update, Microsoft Update, WSUS, and Windows Update Catalog
    Classification: Update rollups, non-security
    Target platforms: Windows XP Media Center Edition 2005
    Approximate file sizes: ~3506 KB
    Description:
    Microsoft has released update rollup 919803. This update is intended for systems that are running update rollup 2 for Microsoft Windows XP Media Center Edition 2005 (900325). This update rollup is cumulative and supersedes updates 908250, 912067, and 914548. After you install this update, you may have to restart the computer.
    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    919803 July 2006 Update Rollup for Windows XP Media Center Edition 2005

  • Update for Windows Server 2003 for Itanium-based systems (KB898715)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, and WSUS
    Classification: High priority update, non-security
    Target Platforms: Windows Server 2003 for Itanium-based systems
    Approximate file sizes: ~5906 KB
    Description:
    This update addresses application compatibility issues that exist when Windows Installer 3.1 is used together with certain applications. After you install this update, you may have to restart the computer.
    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    898715 An update for Windows Installer 3.1 is available for Windows Server 2003 SP1 and for the 64-bit editions of Windows XP

  • Update for Microsoft Internet Explorer 7 Beta 3 for Windows (KB922880)

    Locale: All
    Deployment: Windows Update, Microsoft Update
    Classification: Update, non-security
    Target platforms: Microsoft Windows Server 2003, Windows XP Service Pack 2
    Approximate file sizes:
    • Windows XP Service Pack 2 Update: ~834 KB
    • Windows Server 2003 update: ~834 KB
    • Windows Server 2003 ia-64 Update: ~1961 KB
    • Windows Server 2003 x64 and Windows XP x64 Update: ~1385 KB

    Description:
    This update resolves an application compatibility problem when pluggable security managers are used in Internet Explorer. This update must be installed for the Yahoo! Toolbar to function correctly when Internet Explorer 7 Beta 3 is installed. After you install this item, you may have to restart the computer.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    922880 FIX: The various dialog boxes that are displayed when you use Yahoo! Toolbar do not work correctly together with Internet Explorer 7 Beta 3

Changes to existing non-security content

  • Network Diagnostic Tool (KB914440)
    • Updated newly rebuilt binaries for all locales

    Approximate file sizes: ~649 KB
    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    914440 Network Diagnostics for Windows XP is available to help identify and fix network connection problems

Monday, July 17, 2006

Changes to existing security content

  • Security Update for Windows (KB917537)
    • Updated detection metadata to prevent continuous reoffering when Asp.dll was not present on the system.
    • Binaries have not changed.
    • This update does not have to be reinstalled.
    • Target platforms: Microsoft Windows Server 2003 using Microsoft Internet Information Services and Microsoft Windows XP Professional using Microsoft Internet Information Services
    • Not affected by this change: Microsoft Windows 2000 using Microsoft Internet Information Services
    • To prevent this update from being offered to non-vulnerable systems, WSUS administrators must resynch to obtain the new WSUSScan.cab file.
    • Changes do not apply to SUS 1.0. No new SUS 1.0 cabs will be released for this change.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    917537 Microsoft Security Bulletin MS06-034: Vulnerability in Internet Information Services that use Active Server Pages could allow remote code execution

Wednesday, July 12, 2006

Note A new SUS 1.0 cab file was released today to resolve an issue in the previous version. In the previous version, some updates for Windows Server 2003 were missing. Re-sync and download the file again to obtain the latest version.

Tuesday, July 11, 2006

Note If you downloaded the WSUSscan.cab file before 6:30 P.M. Pacific time on July 11, 2006, download the file again to obtain the latest version.

New security content

  • MS06-033: Security Update for the Microsoft .NET Framework version 2.0 (KB917283)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Important

    Target platforms: Microsoft Windows Server 2003 using the Microsoft .NET Framework 2.0, Microsoft Windows XP using the Microsoft .NET Framework 2.0, Microsoft Windows 2000 using the Microsoft .NET Framework 2.0
    Approximate file sizes:

    • Windows Server 2003 / Windows XP / Windows 2000 Update: ~772 KB
    • Windows Server 2003 IA-64 Update: ~916 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~789 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain access to restricted data. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-034: Security Update for Windows (KB917537)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Important: Microsoft Windows XP Professional, Microsoft Windows 2000
    • Moderate: Microsoft Windows Server 2003

    Target platforms: Microsoft Windows Server 2003 using Microsoft Internet Information Services, Microsoft Windows XP Professional using Microsoft Internet Information Services, Microsoft Windows 2000 using Microsoft Internet Information Services
    Approximate file sizes:

    • Windows 2000 update: ~626 KB
    • Windows XP Professional Update: ~698 KB
    • Windows Server 2003 update: ~781 KB
    • Windows Server 2003 IA-64 Update: ~1949 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~1186 KB

    Description:
    A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Microsoft Internet Information Services and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-035: Security Update for Windows (KB917159)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Critical

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: ~614 KB
    • Windows XP update: ~725 KB
    • Windows Server 2003 update: ~801 KB
    • Windows Server 2003 IA-64 Update: ~1922 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~1033 KB

    Description:
    A remote code execution security issue has been identified in the Server service that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-036: Security Update for Windows (KB914388)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Catalog
    Classification: Security update
    Security severity rating:
    • Critical

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: ~618 KB
    • Windows XP update: ~1018 KB
    • Windows Server 2003 update: ~646 KB
    • Windows Server 2003 IA-64 Update: ~1505 KB
    • Windows Server 2003 x64 editions update and Windows XP x64 editions update: ~926 KB

    Description:
    A remote code execution security issue has been identified in the DHCP Client service that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

New non-security content

  • Update for Windows XP (KB916595)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Catalog
    Classification: High priority update, non-security
    Target platforms: Microsoft Windows XP Service Pack 2
    Approximate file sizes: ~611 KB
    Description:
    This is a reliability update for Windows XP computers. Install this update to prevent an issue in which you may receive a "Stop 0xD" error message on a computer that is running Windows XP Service Pack 2. The error may occur during startup, or after the system has started. After you install this item, you may have to restart your computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    916595 Stop error message on a Windows XP-based computer: "STOP 0x000000D1"

  • Windows Malicious Software Removal Tool - July 2006 (KB890830) / Windows Malicious Software Removal Tool - July 2006 (KB890830) - Internet Explorer version

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, and WSUS
    Classification: High priority, non-security, update rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Non-Internet Explorer version update: ~832 KB
    • Internet Explorer version update: ~2600 KB

    Description:
    After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection found. If an infection is found, the tool will display a status report the next time that you start your computer. A new version of the tool will be offered every month. If you want to manually run the tool on your computer, you can download a copy from the Microsoft Download Center or run an online version from microsoft.com. This tool does not replace an antivirus product. To help protect your computer, you should use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

Changes to existing non-security content

  • Update for Windows (KB904942)
    • Updated IsInstallable logic based on feedback from Internet Explorer.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    904942 Authentication fails when you use Outlook or Outlook Express to try to log on to a HTTP-based mail server if you use Internet Explorer version 7.0

Tuesday, June 27, 2006

New non-security content

  • Update for Windows (KB913670)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, and SUS 1.0
    Classification: High priority update, nonsecurity
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 update: ~52 KB
    • Windows XP update: ~55 KB
    • Windows Server 2003 update: ~55 KB
    • Windows Server 2003 IA-64 update: ~64 KB
    • Windows Server 2003 and Windows XP x64 update: ~56 KB

    Description:
    Australia changed the regularly scheduled end of daylight saving time (DST) in five states because of the 2006 Commonwealth Games. Microsoft issued an update to adjust those settings. This update will return your computer to the correct DST settings for those time zones by removing the previous update. After you run this item, you may have to restart your computer.

  • Network Diagnostic Tool (KB914440)

    Locale: All
    Deployment: Windows Update, Microsoft Update, WSUS, and Dynamic Update
    Classification: Tools, nonsecurity
    Target platforms: Microsoft Windows XP Service Pack 2 with Internet Explorer 7 Beta1, Beta2, or Beta3
    Approximate file sizes: ~649 KB
    Description:
    The Network Diagnostics for Windows XP tool analyzes information about the network connectivity to help you troubleshoot network-related problems with your computer. Typically, you will do this together with a support professional, either on the telephone or over the Internet. After you install this item, you may have to restart your computer.
  • Windows Genuine Advantage Notification (KB905474)

    Locale: All
    deployment: Windows Update, Microsoft Update, and Automatic Updates
    Classification: High priority update, nonsecurity
    Target platforms: Microsoft Windows XP
    Approximate file sizes: ~1024 KB
    Description:
    The Windows Genuine Advantage Notification tool notifies you if your copy of Windows is not genuine. If the system is found to be a non-genuine, the tool will help you obtain a licensed copy of Windows.

Changes to existing security content

  • MS06-020: Security Update for Flash Player (KB913433)
    • Updated detection to prevent continuous reoffering and install failures.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913433 MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution

  • MS06-025: Security Update for Windows (KB911280)
    • Updated binaries.
    • This update will not be reoffered and does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911280 MS06-025: Vulnerability in Routing and Remote Access could allow remote code execution

Changes to existing non-security content

  • Critical Update for Windows (KB833407)
    • Added the targets to support Windows Server 2003 Service Pack 1 and any operating system and future service pack that contains the bad font.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    833407 A critical update is available to remove unacceptable symbols from the Bookshelf Symbol 7 font

  • Windows Server Update Services Service Pack 1 (KB919004)
    • Added Auto Update support.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    919004 Description of Windows Server Update Services Service Pack 1

Tuesday, June 13, 2006

New security content

  • MS06-021: Cumulative Security Update for Internet Explorer (KB916281)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Internet Explorer 5.01 Service Pack 4 for Windows 2000, Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP, Internet Explorer 6 Service Pack 1 for Windows 98 Second Edition and Windows Millennium Edition
    Approximate file sizes:

    • Internet Explorer 6 Service Pack 1 for Windows 98 Second Edition and Windows Millennium Edition Update: ~3684 KB
    • Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP update: ~4089 KB
    • Internet Explorer 5.01 Service Pack 4 for Windows 2000 Update: ~3072 KB
    • Windows XP update: ~4501 KB
    • Windows Server 2003 update: ~6865 KB
    • Windows Server 2003 IA-64 Update: ~46174 KB
    • Windows Server 2003 / Windows XP x64 Update: ~19894 KB

    Description:
    Security issues have been identified that could allow an attacker to compromise a computer that is running Microsoft Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-022: Security Update for Internet Explorer (KB918439)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical: Microsoft Windows Server 2003, Microsoft Windows XP, Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP, Internet Explorer 6 Service Pack 1 for Windows 98 Second Edition and Windows Millennium Edition
    • Important: Internet Explorer 5.01 Service Pack 4 for Windows 2000

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Internet Explorer 5.01 Service Pack 4 for Windows 2000, Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP, Internet Explorer 6 Service Pack 1 for Windows 98 Second Edition and Windows Millennium Edition
    Approximate file sizes:

    • Internet Explorer 6 Service Pack 1 for Windows 98 Second Edition and Windows Millennium Edition Update: ~177 KB
    • Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP update: ~558 KB
    • Internet Explorer 5.01 Service Pack 4 for Windows 2000 Update: ~558 KB
    • Windows XP update: ~554 KB
    • Windows Server 2003 update: ~554 KB
    • Windows Server 2003 IA-64 Update: ~1007 KB
    • Windows Server 2003 / Windows XP x64 Update: ~725 KB

    Description:
    A security issue has been identified in the way ART images are handled that could allow an attacker to compromise a computer that is running Microsoft Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-023: Security Update for Windows (KB917344) / Security update for (Jscript Version 5.1) for Windows 2000 (KB917344)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical: Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition
    • Moderate: Microsoft Windows Server 2003

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition
    Approximate file sizes:

    • Windows 98 Second Edition / Windows Millennium Edition Update: ~328 KB
    • Windows 2000 update: ~659 KB
    • Windows XP update: ~747 KB
    • Windows Server 2003 update: ~795 KB
    • Windows Server 2003 IA-64 Update: ~2113 KB
    • Windows Server 2003 / Windows XP x64 Update: ~1200 KB

    Description:

    • Windows 98 Second Edition / Windows Millennium Edition Update:
      A security issue has been identified in the Windows Script Host that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. After you have installed this item, it cannot be removed.
    • Others:
      A security issue has been identified in the Windows Script Host that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
  • MS06-023: Security update for (Jscript Version 5.6) for Windows 2000 (KB917344)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical

    Target platforms: Microsoft Windows 2000
    Approximate file sizes: ~336 KB
    Description:
    A security issue has been identified in the Windows Script Host that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. After you have installed this item, it cannot be removed.

  • MS06-024: Security Update for Windows Media Player (KB917734)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical: Windows Media Player 10 (all versions), Windows Media Player 9 (all versions)
    • Important: Windows Media Player for XP, Windows Media Player 7.1

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition
    Approximate file sizes:

    • Windows Media Player 10 for Windows XP update: ~2493 KB
    • Windows Media Player 9 for the original release version of Windows Server 2003 / Windows XP / Windows 2000 Update: ~2242 KB
    • Windows Media Player 8 for Windows XP Service Pack 1 Update: ~953 KB
    • Windows Media Player 7.1 for Windows 2000 Update: ~867 KB
    • Windows Media Player 9 for Windows 98 Second Edition / Windows Millennium Edition Update: ~1903 KB
    • Windows Server 2003 Service Pack 1 Update: ~2336 KB
    • Windows Server 2003 / Windows XP x64 Update: ~4380 KB

    Description:
    A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Windows Media Player and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-025: Security Update for Windows (KB911280)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical: Microsoft Windows XP, Microsoft Windows 2000
    • Important: Microsoft Windows Server 2003

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: ~907 KB
    • Windows XP update: ~1068 KB
    • Windows Server 2003 update: ~594 KB
    • Windows Server 2003 IA-64 Update: ~1351 KB
    • Windows Server 2003 / Windows XP x64 Update: ~829 KB

    Description:
    A remote code execution security issue has been identified in the Routing and Remote Access service that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-026: Security Update for Windows (KB918547)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical

    Target platforms: Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition
    Approximate file sizes:

    • Windows 98 Second Edition Update: ~148 KB
    • Windows Millennium Edition Update: ~153 KB

    Description:
    A security issue has been identified in the Microsoft Graphics Rendering Engine that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect the system by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-030: Security Update for Windows (KB914389)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Important

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: ~1198 KB
    • Windows XP update: ~973 KB
    • Windows Server 2003 update: ~955 KB
    • Windows Server 2003 IA-64 Update: ~2258 KB
    • Windows Server 2003 / Windows XP x64 Update: ~1178 KB

    Description:
    A local elevation of privilege security issue has been identified in the Server Message Block that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-031: Security Update for Windows 2000 (KB917736)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Moderate

    Target platforms: Microsoft Windows 2000
    Approximate file sizes: ~684 KB
    Description:
    A security issue has been identified in Windows-based systems that could allow an attacker to impersonate a valid client when they access resources that require certificate authentication over RPC. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

  • MS06-032: Security Update for Windows (KB917953)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Important: Microsoft Windows Server 2003, Microsoft Windows Server 2003 IA-64, Microsoft Windows XP, Microsoft Windows 2000
    • Moderate: Microsoft Windows Server 2003, Microsoft Windows XP x64

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 Update: ~623 KB
    • Windows XP update: ~771 KB
    • Windows Server 2003 update: ~863 KB
    • Windows Server 2003 IA-64 Update: ~2103 KB
    • Windows Server 2003 / Windows XP x64 Update: ~1143 KB

    Description:
    A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

New non-security content

  • Update for Windows (KB914784)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: High priority, nonsecurity
    Target platforms: Microsoft Windows Server 2003 x64 Edition, Microsoft Windows XP x64 Edition
    Approximate file sizes: ~7533 KB
    Description:
    Install this update to improve kernel patch protection. Kernel patch protection in versions of Windows for x64-based systems protects code and critical structures in the Windows kernel from modification by unknown code or data. After you install this item, you may have to restart your computer.
  • Windows Malicious Software Removal Tool - June 2006 (KB890830)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS
    Classification: High priority, nonsecurity, update rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes: ~2104 KB
    Description:
    After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection found. If an infection is found, the tool will display a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on your computer, you can download a copy from the Microsoft Download Center or run an online version from microsoft.com. This tool does not replace an antivirus product. To help protect your computer, you should use an antivirus product.

Changes to existing security content

  • MS06-011: Security Update for Windows XP (KB914798)

    Approximate file sizes: ~477 KB
    • Updated binaries.
    • This update will be reoffered and should be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    914798 MS06-011: Permissive Windows services DACLs could lead to elevation of privilege

  • MS06-018: Security Update for Windows (KB913580)
    • Binaries have not changed.
    • This update does not have to be reinstalled.
    • Updated Windows Update description to resolve discrepancies with the MSRC security bulletin.

    Description:
    A security issue has been identified in Windows-based systems that could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913580 MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator could allow denial of service

  • MS03-008: 814078: Security Update (Microsoft Jscript version 5.1, Windows 2000) / 814078: Security Update (Microsoft Jscript version 5.6, Windows 2000, Windows XP)
    • Updated detection to prevent this update from offering after "Security update for (Jscript Version 5.1) for Windows 2000 (917344)" / "Security update for (Jscript Version 5.6) for Windows 2000 (917344)" is installed.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    814078 MS03-008: Flaw in Windows Script Engine may allow code to run

Changes to existing non-security content

  • Critical Update for Windows Media Player Script Commands (KB828026)
    • Updated detection to prevent this update from offering after "Security Update for Windows Media Player 9 for Windows 98 and Windows ME (917734)" is installed.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    828026 Update for Windows Media Player URL script command behavior

Wednesday, June 7, 2006

New non-security content

  • Windows Server Update Services Service Pack 1 (KB919004)

    Deployment: Windows Update Web site, Microsoft Update Web site, and WSUS 1.0
    Classification: Service packs, nonsecurity
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows 2000 (applies only to x86 platforms)
    Approximate file sizes: ~61083 KB
    Description:
    Windows Server Update Services Service Pack 1 (WSUS SP1) delivers updates for WSUS. This service pack includes support for Microsoft SQL Server 2005 and the forthcoming Windows Vista operating system, and provides additional stability and performance improvements. This service pack contains the WSUS full product and SP1. Systems with WSUS installed will install only the service pack, while systems without WSUS installed, will have both WSUS and SP1 installed by this service pack. The WSUS with SP1 package is approximately 160 MBs in size. After you install this item, you may have to restart your computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    919004 Description of Windows Server Update Services Service Pack 1

Tuesday, May 23, 2006

New non-security content

  • Windows Genuine Advantage Validation Tool (KB892130)

    Deployment: Windows Update Web site, Microsoft Update Web site
    Classification: High priority update, nonsecurity
    Target platforms: Microsoft Windows XP
    Approximate file sizes: 727 KB
    Description:
    The Windows Genuine Advantage Validation Tool enables you to verify that a copy of Microsoft Windows is genuine. The tool validates a Windows installation by checking Windows Product Identification and Product Activation status.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    892130 Description of Windows Genuine Advantage (WGA)

Changes to existing non-security content

  • The Microsoft .NET Framework 2.0 Language Pack (KB829019)
    • Removed the duplicate sentence for the non-English locales.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    829019 Benefits of the Microsoft .NET Framework

  • Update for Windows Server 2003 (904942)
    • Approximate file sizes:
      • Windows Server 2003 update: 513 KB
      • Windows Server 2003 IA-64 Update: 1034 KB
      • Windows Server 2003 / Windows XP x64 Update: 741 KB
    • Updated binaries.
    • This update will be reoffered and should be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    904942 Authentication fails when you use Outlook or Outlook Express to try to log on to a HTTP-based mail server if you use Internet Explorer version 7.0

Thursday, May 11, 2006

New security content: None

New non-security content: None

Changes to existing security content:

MS06-020: Security update for Flash Player (KB913433)

  • Updated detection metadata to prevent the update from being offered to systems where Flash8a.ocx or Flash9.ocx (Beta) are installed.
  • Binaries have not changed.
  • This update does not have to be reinstalled.

Changes to existing non-security content: None

Tuesday, May 9, 2006

New security content

  • MS06-020: Security Update for Flash Player (KB913433)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Windows Automatic Updates feature, WSUS 1.0, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical

    Target platforms: Microsoft Windows XP Professional x64 Edition, Microsoft Windows XP, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition
    Approximate file sizes: 543 KB

    A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system by using a vulnerable version of the Flash Player and to gain control over the system. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913433 MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution

  • MS06-018: Security Update for Windows (KB913580)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Windows Automatic Updates feature, WSUS 1.0, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Moderate: Microsoft Windows 2000
    • Low: Microsoft Windows Server 2003, Microsoft Windows XP

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes:

    • Windows 2000 update: 5343 KB
    • Windows XP update: 1277 KB
    • Windows Server 2003 update: 1165 KB
    • Windows Server 2003 IA-64 Update: 3575 KB

    A security issue has been identified in the Microsoft Distributed Transaction Controller service that could allow an attacker to compromise a Windows-based system and to gain control over the system. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913580 MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator could allow denial of service

New non-security content

  • Windows Malicious Software Removal Tool – May 2006 (KB890830)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Windows Automatic Updates feature, and WSUS 1.0
    Classification: High priority, nonsecurity, update rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes: 2104 KB

    After the download, this tool runs one time to examine a computer for infection by specific, prevalent malicious software and helps remove any infection that is found. (This malicious software includes Blaster, Sasser, and Mydoom.) If an infection is found, the tool displays a status report the next time that you start the computer. A new version of the tool is offered every month. If you want to manually run the tool on your computer, you can download a copy from the Microsoft Download Center or run an online version from the Microsoft.com Web site. This tool does not replace an antivirus product. To help protect your computer, you should use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

Tuesday, April 25, 2006

New security content

There is no new security content at this point.

New non-security content

  • Update for Windows XP (KB900485)

    Locale: All
    Deployment: Windows Update and Microsoft Update Web site (Windows Update, Microsoft Update), Windows Automatic Updates feature, WSUS 1.0, and Windows Update Catalog
    Classification: High priority, nonsecurity
    Target platforms: Microsoft Windows XP
    Approximate File Size: ~585 KB

    Install this update to prevent an issue in which you may receive a "stop 0x7e in AEC.SYS" error message on a computer that is running Windows XP Service Pack 2. The error may occur during startup or after the system has started. Aec.sys is the acoustic echo canceling driver. After you install this item, you may have to restart your computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    900485 Error message in Windows XP Service Pack 2: "Stop 0x7E"

  • Windows Desktop Search 2.6.5

    Locale: All
    Deployment: Windows Update and Microsoft Update Web site (Windows Update, Microsoft Update), Windows Automatic Updates feature, WSUS, and Windows Update Catalog
    Classification: Update, nonsecurity
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP
    Approximate File Size: ~4374 KB

    Windows Desktop Search (WDS) helps you find almost anything on your computer and on your networked drives. These things include e-mail messages, calendar appointments, documents, and more. Searching your computer is now as fast and easy as searching the Web. After you install this item, you may have to restart your computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911993 Microsoft Windows Desktop Search 2.6.5

  • Update for Windows XP Media Center Edition 2005

    Locale: All
    Deployment:Windows Update and Microsoft Update Web site (Windows Update, Microsoft Update), Windows Automatic Updates feature, WSUS 1.0, and Windows Update Catalog
    Classification: High priority update, nonsecurity
    Target platforms: Microsoft Windows XP Media Center Edition 2005
    Approximate File Size: ~8043 KB

    Install this update to address digital rights management (DRM) protected content failures that occur after you install Update Rollup 2 for Windows XP Media Center Edition 2005 (900325). After you install this update, you may have to restart your computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913800 FIX: Windows Media Digital Rights Manager protected files may not correctly play back on Windows XP Media Center Edition 2005-based computers that have Update Rollup 2 installed

  • Update for LIP SP2 MUI Resource Loading

    Locale: English
    Deployment:Windows Update and Microsoft Update Web site (Windows Update, Microsoft Update), Windows Automatic Updates feature, WSUS, and Windows Update Catalog
    Classification: Update, nonsecurity
    Target platforms: Microsoft Windows XP Starter Edition Service Pack 2
    Approximate File Size: ~490 KB

    Install this update to enable the MUI resource to continue to load if the version of the base DLL has changed. This update targets customers who have installed the Language Interface Pack on Windows XP Service Pack 2. After you install this item, you may have to restart your computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913808 The embedded resource version of the LIP MUI files is incorrect in Windows XP Starter Edition

  • Update Rollup for Windows XP Media Center 2005

    Locale: All
    Deployment:Windows Update and Microsoft Update Web site (Windows Update, Microsoft Update), Windows Automatic Updates feature, WSUS, and Windows Update Catalog
    Classification: Update, nonsecurity
    Target platforms: Microsoft Windows XP Media Center Edition 2005
    Approximate File Size: ~3514 KB

    Microsoft has released Update Rollup 914548. This update is intended for systems that are running Update Rollup 2 for Microsoft Windows XP Media Center Edition 2005. This update rollup is cumulative and supersedes security update 908250 and security update 912067. For more information about this Update Rollup, see Microsoft Knowledge Base article 914548. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    914548 April 2006 Update Rollup for Windows XP Media Center Edition 2005

  • Windows Genuine Advantage Notification

    Locale: English - Chicago, Minneapolis, Omaha, New Zealand, Australia, United Kingdom and Malaysia.
    Deployment:Windows Update and Microsoft Update Web site and Windows Automatic Updates feature
    Classification: High priority update, nonsecurity
    Target platforms: Microsoft Windows XP
    Approximate File Size: ~849 KB

    The Windows Genuine Advantage Notification tool notifies you if your copy of Windows is not genuine. If the system is found to be a non-genuine, the tool will help you obtain a licensed copy of Windows. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    905474 Description of the Windows Genuine Advantage Notifications application

  • Windows Movie Maker Utility for Windows XP Home Edition N and Windows XP Professional N

    Locale: All
    Deployment:Windows Update and Microsoft Update Web site
    Classification: Update, nonsecurity
    Target platforms: Microsoft Windows XP
    Approximate File Size: ~480 KB

    Installation of the Windows Movie Maker Utility will enable users of Windows XP Home Edition N and Windows XP Professional N to access Windows Movie Maker. After you install this item, you may have to restart your computer. After you install this item, it cannot be removed.

Changes to existing Security content:



MS06-015: Security Update for Windows (KB908531)

  • Approximate file sizes:
    • Windows 2000 Update: ~1247 KB
    • Windows XP update: ~4659 KB
    • Windows Server 2003 update: ~4068 KB
    • Windows Server 2003 IA-64 Update: ~26853 KB
    • Windows Server 2003 / Windows XP x64 Update: ~12468 KB
  • Updated binaries
  • This update will be reoffered and should be reinstalled.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

908531 Vulnerability in Windows Explorer Could Lead to Remote Code Execution


Changes to existing Non-Security content:

Windows XP Service Pack 2

  • Added detectoid to prevent Chinese Hong Kong and Chinese Traditional XP SP2 packages from being offered at the same time to systems that have the Chinese Traditional operating system installed.
  • Binaries have not changed.
  • This update does not have to be reinstalled.

Tuesday, April 11, 2006

New security content

  • MS06-015: Security Update for Windows (KB908531)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 update: ~1218 KB
    • Windows XP update: ~4550 KB
    • Windows Server 2003 update: ~3973 KB
    • Windows Server 2003 IA-64 update: ~26224 KB
    • Windows Server 2003 and Windows XP x64 update: ~12176 KB

    A security issue has been identified in Windows Explorer that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    908531 MS06-015: Vulnerability in Windows Explorer could lead to remote code execution

  • MS06-017: Security Update for Windows (KB908981)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating: Moderate
    Target platform: Microsoft Windows Server 2003
    Approximate file sizes:
    • Windows Server 2003 update: ~1623 KB
    • Windows Server 2003 IA-64 update: ~11929 KB

    A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system that uses Microsoft Front Page Server Extensions and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    908981 Description of the security update for FrontPage 2002 Server Extensions for Microsoft Windows Server 2003-based computers: April 11, 2006

  • MS06-014: Security Update for Windows (KB911562)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:
    • Critical for Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, and Microsoft Windows 98 Second Edition
    • Moderate for Microsoft Windows Server 2003

    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, and Microsoft Windows 98 Second Edition
    Approximate file sizes:

    • Windows 98 Second Edition update and Windows Millennium Edition update:
      • Microsoft Data Access Components 2.8 RTM: ~1835 KB
      • Microsoft Data Access Components 2.8 SP1: ~815 KB
    • Windows 2000 Update:
      • Microsoft Data Access Components 2.5 SP3: ~2087 KB
      • Microsoft Data Access Components 2.7 SP1: ~2765 KB
      • Microsoft Data Access Components 2.8 RTM: ~2626 KB
      • Microsoft Data Access Components 2.8 SP1: ~1601 KB
    • Windows XP update: ~545 KB
    • Windows Server 2003 update: ~584 KB
    • Windows Server 2003 IA-64 Update: ~1249 KB
    • Windows Server 2003 and Windows XP x64 update: ~794 KB

    A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system using Microsoft Data Access Components and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911562 MS06-014: Vulnerability in Microsoft Data Access Components (MDAC) function could allow code execution

  • MS06-016: Cumulative Security Update for Outlook Express (KB911567)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating: Important
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Outlook Express 5.5 Service Pack 2 for Windows 2000, and Outlook Express 6 Service Pack 1 for Windows 2000 and Windows XP
    Approximate file sizes:
    • Outlook Express 5.5 Service Pack 2 for Windows 2000: ~1466 KB
    • Outlook Express 6 Service Pack 1 for Windows 2000 and Windows XP: ~2312 KB
    • Windows XP update: ~1546 KB
    • Windows Server 2003 update: ~2148 KB
    • Windows Server 2003 IA-64 update: ~15716 KB
    • Windows Server 2003 and Windows XP x64 update: ~5831 KB

    A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system that uses Outlook Express and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911567 MS06-016: Cumulative Security Update for Outlook Express

  • MS06-013: Cumulative Security Update for Internet Explorer (KB912812)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating: Critical
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, Internet Explorer 5.01 Service Pack 4 for Windows 2000, Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP, and Internet Explorer 6 Service Pack 1 for Windows 98 and Windows Millennium Edition
    Approximate file sizes:
    • Internet Explorer 6 Service Pack 1 for Windows 98 and Windows Millennium Edition update: ~3576 KB
    • Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP update: ~4079 KB
    • Internet Explorer 5.01 Service Pack 4 for Windows 2000 update: ~3139 KB
    • Windows XP update: ~4910 KB
    • Windows Server 2003 update: ~7494 KB
    • Windows Server 2003 IA-64 update: ~44839 KB
    • Windows Server 2003 and Windows XP x64 Update: ~19388 KB

    Security issues have been identified that could allow an attacker to remotely compromise a computer that is running Internet Explorer and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    912812 MS06-013: Cumulative security update for Internet Explorer

New non-security content

  • Windows Malicious Software Removal Tool - April 2006 (KB890830)

    Locale: All
    Deployment: Windows Update Web site, Microsoft Update Web site, Automatic Updates, WSUS
    Classification: high priority, nonsecurity, update rollup
    Target platforms: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000

    After you download this tool, it runs one time to check your computer for infection by specific, prevalent malicious software. This malicious software includes Blaster, Sasser, and Mydoom. This tool helps remove any infection that it finds. If it finds an infection, the tool displays a status report the next time that you start the computer. A new version of the tool is offered each month. If you want to manually run the tool on the computer, you can download a copy from the Microsoft Download Center. You can also run an online version from Microsoft.com. This tool does not replace an antivirus product. To help protect the computer, use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

Changes to existing security content

  • MS05-004: Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903)
    • Added specific 64-bit platforms: Windows Server 2003 IA-64 Service Pack 1, Windows Server 2003 x64 RTM, and Windows XP x64 RTM
    • Binaries have not changed.
    • Updated detection to offer this update on the 64-bit platforms
    • This update does not have to be reinstalled, except on the 64-bit platforms.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    886903 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.1 Service Pack 1

  • MS06-005: Security Update for Windows Media Player 10 for Windows XP (KB911565)
    • Approximate file sizes: ~2497 KB
    • Updated binaries
    • This update will be reoffered and should be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911565 MS06-005: Vulnerability in Windows Media Player could allow remote code execution

  • MS05-030: Security Update for Outlook Express (KB897715)
    • Updated detection to remove the dependency on security update 823353.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    897715 MS05-030: Vulnerability in Outlook Express could allow remote code execution

  • MS04-032: Security Update for Windows (KB840987)
    • Removed security update 328310 and security update 815021 from the superseded items list.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    840987 MS04-032: Security update for Microsoft Windows

  • MS04-018: Cumulative Security Update for Outlook Express (KB823353)
    • Updated detection to prevent reoffering after security update 911567 has been installed.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    823353 MS04-018: Cumulative security update for Outlook Express

Changes to existing non-security content

  • Update for Windows (KB904942)
    • Approximate file sizes:
      • Windows 2000 update: ~739 KB
      • Windows XP update: ~501 KB
      • Windows Server 2003 update: ~512 KB
      • Windows Server 2003 IA-64 update: ~1035 KB
    • Updated binaries
    • Add support for WSUS.
    • This update will be reoffered and should be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    904942 Authentication fails when you use Outlook or Outlook Express to try to log on to a HTTP-based mail server if you use Internet Explorer version 7.0

Tuesday, March 28, 2006

New security content: None

New non-security content

  • Microsoft .NET Framework 1.1 Service Pack 1 for x64-based computers and Itanium-based computers


Locale: All x64-based computers and Itanium-based computers
Deployment: Windows Update and Microsoft Update Web site (Windows Update, Microsoft Update), Windows Automatic Updates feature, WSUS
Classification: High priority, nonsecurity, service pack
Target platforms: Microsoft Windows Server 2003, x64-based versions, Microsoft Windows Server 2003,Itanium-based versions, Microsoft Windows XP Professional x64 Edition

Microsoft .NET Framework 1.1 Service Pack 1 resolves various issues found after the initial release of .NET Framework 1.1. These issues include both security-related and non-security-related issues. After you install this service pack, you may have to restart the computer. You cannot remove this service pack.

Changes to existing security content: None

Changes to existing non-security content

  • Update for Windows (KB904942)
    • Added this update to the new Microsoft Internet Explorer 7 Dynamic Setup Category and added detection to allow for the selective application of this update during the Microsoft Internet Explorer 7 installation process
    • Binaries have not changed
    • This update does not have to be reinstalled

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    904942 Authentication fails when you use Outlook or Outlook Express to try to log on to a HTTP-based mail server if you use Internet Explorer version 7.0

Tuesday, March 14, 2006

New security content

  • MS06-011: Security Update for Windows Server 2003 (KB914798) and Security Update for Windows XP (KB914798)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, SUS 1.0, and Windows Update Catalog
    Classification: Security update
    Security severity rating:

    Important: Windows XP

    Moderate: Windows Server 2003

    Target platforms: Windows Server 2003 and Windows XP
    Approximate file sizes: 500 KB

    A security issue has been identified in Windows-based systems that could allow an attacker to compromise the system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this update, you may have to restart your computer. After you have installed this update, it cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    914798 MS06-011: Permissive Windows services DACLs could lead to elevation of privilege

New non-security content

  • Windows Malicious Software Removal Tool - March 2006 (KB890830)
    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS
    Classification: High priority, nonsecurity, update rollup
    Target platforms: Windows Server 2003, Windows XP, Windows 2000

    A security issue has been identified in Windows-based systems that could allow an attacker to compromise a system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. After you have installed the update, it cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

Changes to existing security content: None

Changes to existing non-security content

  • Update for Windows (KB912475)
    • Now available to WSUS
    • Binaries have not changed
    • This update does not have to be reinstalled

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    912475 Australian daylight saving time 2006 update for environments that do not use Exchange Server has now expired

  • Update for Windows XP Media Center Edition 2005 (KB910393)
    • Updated binaries
    • This update will be reoffered and should be reinstalled

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    910393 FIX: Protected content may no longer play after you install Update Rollup 2 for Windows XP Media Center Edition 2005

Tuesday, February 28, 2006

New nonsecurity content

  • Update for Windows (KB912945)

    Locale: All
    Deployment: Windows Update and Microsoft Update
    Classification: Optional update
    Target operating systems: Microsoft Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1
    Approximate file sizes: 4,800 kilobytes ()

    This update includes minor changes to how Microsoft Internet Explorer handles some Web pages that use Microsoft ActiveX controls. Certain Web pages require users to manually enable ActiveX controls by clicking the control or by pressing TAB or ENTER. This update contains all previously released security updates. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    912945 Internet Explorer ActiveX update

  • Update for Windows (KB904942)

    Locale: All
    Deployment: Windows Update and Microsoft Update
    Classification: Optional update
    Target operating systems: Microsoft Windows XP with Service Pack 2 and Microsoft Windows Server 2003 with Service Pack 1
    Approximate file sizes: 500 KB

    Install this update to resolve HTTP authentication issues on Windows-based systems that do not appear until Microsoft Internet Explorer 7 is installed. After you install this item, you may have to restart your computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    904942 Authentication fails when you use Outlook or Outlook Express to try to log on to a HTTP-based mail server if you use Internet Explorer version 7.0

  • Update for Windows (KB912475)

    Locale: English
    Deployment: Windows Update and Microsoft Update
    Classification:
    • High priority update for Australian time zone only
    • Optional update for all others

    Target operating systems: Microsoft Windows XP with Service Pack 2 and Microsoft Windows Server 2003 with Service Pack 1
    Approximate file sizes: 500 KB

    Australia has changed the regularly scheduled end of daylight saving time in five Australian states from March 2006 to the first Sunday of April 2006. This change is because of the 2006 Commonwealth Games. Install this update to enable a computer to automatically adjust the computer clock on the correct date. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    912475 Australian daylight saving time 2006 update for environments that do not use Exchange Server has now expired

  • Microsoft .NET Framework 2.0 Language Packs (KB829019)

    Locale: All locales except German and Japanese locales. These locales were released previously.
    Deployment: Windows Update, Microsoft Update, and WSUS
    Classification: Update and nonsecurity
    Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
    Approximate file sizes: 970 KB

    The Microsoft .NET Framework version 2.0 improves scalability and performance by using improved caching, software installation, and ClickOnce updating. This update supports the broadest array of browsers and devices that have ASP.NET 2.0 controls and services. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    829019 Benefits of the Microsoft .NET Framework

  • Windows Genuine Advantage Notification (KB905474)

    Locale: Czech, Danish, Hebrew, Polish, and Chinese-Traditional
    Deployment: Windows Update, Microsoft Update, and Automatic Updates
    Classification: High priority update and nonsecurity
    Target operating systems: Microsoft Windows XP
    Approximate file sizes: 1,000 KB

    The Windows Genuine Advantage Notification tool notifies you if a copy of Windows is not genuine. If a system is found to be a non-genuine, the tool helps you obtain a licensed copy of Windows. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    905474 Description of the Windows Genuine Advantage Notifications application

  • Windows Genuine Advantage Validation Tool - Re-release (KB892130)

    Locale: All
    Deployment: Windows Update and Microsoft Update
    Classification: High priority update, nonsecurity, and mandatory
    Target operating systems: Microsoft Windows XP
    Approximate file sizes: 700 KB

    The Windows Genuine Advantage Validation Tool enables you to verify that a copy of Microsoft Windows is genuine. The tool validates a Windows installation by checking Windows Product Identification and Product Activation status. After you install this item, you may have to restart the computer. As soon as you have installed this item, it cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    892130 Description of Windows Genuine Advantage (WGA)

  • Update for Windows XP Media Center Edition 2005 (KB913437)

    Locale: Korean
    Deployment: Windows Update and Microsoft Update
    Classification: Optional update
    Target operating systems: Microsoft Windows XP Media Center Edition 2005
    Approximate file sizes: 500 KB

    With this update, Online Spotlight will accept input from the keyboard. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913437 HTML programs do not support non-English keyboard characters on a computer that is running the Korean version of Windows XP Media Center Edition 2005

  • Update for Windows XP Media Center Edition 2005 (KB912024)

    Locale: All
    Deployment: Windows Update and Microsoft Update
    Classification: Optional update
    Target operating systems: Microsoft Windows XP Media Center Edition 2005
    Approximate file sizes: 500 KB

    Install this update to receive the latest infrared receiver support for keyboards and remotes for Media Center Edition 2005. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    912024 Update Rollup 2 for eHome Infrared Receiver for Windows XP Media Center Edition 2005

  • Root Certificates Update (Rerelease)


    Locale: All
    Deployment: Windows Update and Microsoft Update
    Classification: Optional update
    Target operating systems: Microsoft Windows 2000
    Approximate file sizes: 200 KB

    This item updates the list root certificates on a computer to the latest list that is accepted by Microsoft as part of the Microsoft Root Certificate Program. When you add more root certificates to a computer, you enable a larger range of security enhanced Web browsing, encrypted e-mail, and security enhanced code delivery applications to work seamlessly. After you install this item, you may have to restart the computer.

Changes to existing security content

  • MS06-005: Security Update for Windows Media Player 7.1 for Windows 2000 (KB911565)
    • Updated detection to prevent offering of this update to Microsoft Windows Media Player 7.0.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911565 MS06-005: Vulnerability in Windows Media Player could allow remote code execution

Tuesday, February 14, 2006--post-release update

Changes to existing security content

  • MS06-007: Security Update for Windows - WSUS only (KB913446)
    • Updated metadata to address reported installation failure.
    • The binary files have not changed.
    • You do not have to reinstall this update if you successfully installed it earlier.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913446 MS06-007: Vulnerability in TCP/IP could allow denial of service

Tuesday, February 14, 2006

New security content

  • MS06-004: Cumulative Security Update for Internet Explorer (KB910620)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: Security
    Security severity rating:
    • Critical

    Target operating systems: Internet Explorer 5.01 Service Pack 4 for Windows 2000
    Approximate file sizes:

    • Windows 2000 Update: 3100 kilobytes ()

    A security issue has been identified that could enable an attacker to remotely compromise a system that is running Internet Explorer and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    910620 MS06-004: Cumulative security update for Internet Explorer

  • MS06-005: Security Update for Windows Media Player (KB911565)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: Security
    Security severity rating:
    • Critical: Microsoft Windows Media Player 9 and Windows Media Player 10
    • Important: Windows Media Player 7 and Windows Media Player 8

    Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition
    Approximate file sizes:

    • Windows Media Player 7, if applicable: 900 KB
    • Windows Media Player 8, if applicable: 1000 KB
    • Windows Media Player 9, if applicable: 2300 KB
    • Windows Media Player 10, if applicable: 2500 KB

    A security issue has been identified that could enable an attacker to remotely compromise a Windows-based system using Windows Media Player and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911565 MS06-005: Vulnerability in Windows Media Player could allow remote code execution

  • MS06-006: Security Update for Windows Media Player Plug-in (KB911564)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: Security
    Security severity rating: Important
    Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000
    Approximate file sizes: 600 KB

    A security issue has been identified that could enable an attacker to remotely compromise a Windows-based system using the Windows Media Player Plug-in and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911564 MS06-006: Vulnerability in Windows Media Player plug-in with non-Microsoft Internet browsers could allow remote code execution

  • MS06-007: Security Update for Windows - WSUS only (KB913446)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: Security
    Security severity rating: Important
    Target operating systems: Microsoft Windows Server 2003 and Microsoft Windows XP
    Approximate file sizes:
    • Others: 800 KB
    • Windows Server 2003 IA-64 Update: 1900 KB
    • Windows Server 2003 x64 & Windows XP x64 Updates: 1100 KB

    A security issue has been identified in Windows-based systems that could enable an attacker to cause the affected machine to stop responding to requests. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    913446 MS06-007: Vulnerability in TCP/IP could allow denial of service

  • MS06-008: Security Update for Windows (KB911927)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: Security
    Security severity rating:
    • Important

    Target operating systems: Microsoft Windows Server 2003 and Microsoft Windows XP
    Approximate file sizes:

    • Windows Server 2003 IA-64 Update: 1400 KB
    • Others: 650 KB

    A security issue has been identified that could enable an attacker to remotely compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    911927 MS06-008: Vulnerability in WebClient could allow remote code execution

  • MS06-009: Security Update for Windows (KB901190)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: Security
    Security severity rating: Important
    Target operating systems: Microsoft Windows Server 2003 and Microsoft Windows XP
    Approximate file sizes:
    • Windows Server 2003 IA-64 Update: 1200 KB
    • Others: 600 KB

    A security issue has been identified that could enable an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    901190 MS06-009: Vulnerability in the Korean Input Method Editor (IME) could allow elevation of privilege

New nonsecurity content

  • Windows Malicious Software Removal Tool - February 2006 (KB890830)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, and WSUS
    Classification: High Priority, nonsecurity, update rollup
    Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

    After the download, this tool runs one time to examine the computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection found. If an infection is found, the tool will display a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on the computer, you can download a copy from the Microsoft Download Center or run an online version from microsoft.com. This tool does not replace an antivirus product. To help protect the computer, you should use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

Changes to existing security content

  • MS03-042: Security Update for Microsoft Windows 2000 (KB826232)

    Updated detection to prevent reoffering.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    826232 MS03-042: Buffer overflow in Windows Troubleshooter ActiveX control could allow code execution

Changes to existing nonsecurity content

  • Windows SharePoint Services Language Template Pack Service Pack 2 (KB887624)

    Affected operating systems: Microsoft Windows Server 2003 x64
    Updated detection to prevent offering too many updates.
    • Binaries have not changed.
    • This update does not have to be reinstalled.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    887624 Description of Windows SharePoint Services Service Pack 2

Tuesday, January 24, 2006

New nonsecurity content

  • Protected content may no longer play after you install Update Rollup 2 for Windows XP Media Center Edition 2005 (KB910393)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: High priority, nonsecurity
    Target operating system: Windows XP Media Center Edition 2005
    Approximate file size: 1450 kilobytes ()

    Install this update to prevent Windows Media Player 10 Setup from overwriting digital rights management (DRM) files that are installed by Update Rollup 2 for Windows XP Media Center Edition 2005 (900325). After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    910393 FIX: Protected content may no longer play after you install Update Rollup 2 for Windows XP Media Center Edition 2005

  • January 2006 Update Rollup for Windows XP Media Center Edition 2005 (KB912067)

    Locale: All
    Deployment: Windows Update and Microsoft Update
    Classification: Update, nonsecurity
    Target operating system: Windows XP Media Center Edition 2005
    Approximate file size: 3060 KB

    Install this update rollup to resolve video issues in Windows XP Media Center 2005. This update rollup addresses issues that involve suspend and resume; video freezes; and black screens on computers that have Update Rollup 2 for Windows XP Media Center Edition 2005 installed. After you install this update rollup, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    912067 January 2006 Update Rollup for Windows XP Media Center Edition 2005

  • Benefits of the Microsoft .NET Framework (KB829019)

    Locale: German and Japanese
    Deployment: Windows Update, Microsoft Update, and WSUS
    Classification: Update, nonsecurity
    Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
    Approximate file size: 970 KB

    The Microsoft .NET Framework version 2.0 improves scalability and performance by providing improved caching, improved software installation and updating with ClickOnce, and improved ASP.NET 2.0 controls and services to support the broadest array of browsers and devices. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    829019 Benefits of the Microsoft .NET Framework

  • Description of the Windows Genuine Advantage Notifications application (KB905474)

    Locale: Norwegian
    Deployment: Windows Update, Microsoft Update, and Automatic Updates
    Classification: High priority update, nonsecurity
    Target operating system: Microsoft Windows XP
    Approximate file size: 940 KB

    The Windows Genuine Advantage Notification utility notifies you if your copy of Windows is not genuine. If your copy of Windows is not genuine, the tool helps you obtain a licensed copy of Windows. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    905474 Description of the Windows Genuine Advantage Notifications application

Tuesday, January 10, 2006

New security content

  • MS06-002: Vulnerability in embedded Web fonts could allow remote code execution (KB908519)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Microsoft Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: Security
    Security severity rating:
    • Critical: Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, and Microsoft Windows 98 Second Edition
    • Important: Microsoft Windows Server 2003

    Approximate file sizes:

    • Windows 2000 update: 565 kilobytes ()
    • Windows XP update: 584 KB
    • Windows Server 2003 (32-bit) update: 586 KB
    • Windows Server 2003 (Itanium-based) update: 1351 KB
    • Windows Server 2003 (x64-based) and Windows XP (x64-based) update: 837 KB
    • Windows 98 update: 210 KB
    • Windows Millennium Edition update: 215 KB

    A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based system and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    908519 MS06-002: Vulnerability in embedded Web fonts could allow remote code execution

New nonsecurity content

  • The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000 (KB890830)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, and WSUS
    Classification: High priority, nonsecurity, update rollup
    Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000

    After you download this tool, it runs one time to check the computer for infection by specific, prevalent malicious software. This software includes Blaster, Sasser, and Mydoom. The tool also helps remove any infection that it finds. If the tool finds an infection, the tool displays a status report the next time that you start the computer. We offer a new version of this tool every month. If you want to manually run the tool, you can download a copy from the Microsoft Download Center. You can also run an online version on the microsoft.com Web site. This tool does not replace an antivirus product. To help protect the computer, use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

Changes to existing security content

  • MS05-052: Cumulative security update for Internet Explorer (KB896688)
    • Updated detection that affects only SUS 1.0 to resolve an issue in which this update is offered after the superceding 905915 update is installed on computers that are running Windows 2000 and the Multilingual User Interface Pack (MUI).
    • Binaries have not changed.
    • You do not have to reinstall this update.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    896688 MS05-052: Cumulative security update for Internet Explorer

  • MS05-054: Cumulative security update for Internet Explorer (KB905915)
    • Updated detection that affects only SUS 1.0 to remove an unnecessary detection string that may have caused this update to be repeatedly offered on computers that are running Windows 2000 and the Multilingual User Interface Pack (MUI).
    • Binaries have not changed.
    • You do not have to reinstall this update.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    905915 MS05-054: Cumulative security update for Internet Explorer

Thursday, January 5, 2006

New security content

  • MS06-001: Vulnerability in graphics rendering engine could allow code execution (KB912919)

    Locale: All
    Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Microsoft Update Catalog, Automatic Updates, SUS 1.0, and WSUS
    Classification: Security
    Security severity rating: Critical
    Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
    Approximate file sizes:
    • Windows 2000 update: 599 KB
    • Windows XP update: 711 KB
    • Windows Server 2003 (32-bit) update: 715 KB
    • Windows Server 2003 (Itanium-based) update: 1820 KB
    • Windows Server 2003 (x64-based) update: 1090 KB

    A remote code execution security issue has been identified in the graphics rendering engine that could allow an attacker to remotely compromise a Windows-based system and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    912919 MS06-001: Vulnerability in graphics rendering engine could allow remote code execution


REFERENCES

For more information about the description of Software Update Services and Windows Server Update Services changes in content for 2007, click the following article number to view the article in the Microsoft Knowledge Base:

894199 Description of Software Update Services and Windows Server Update Services changes in content for 2007


For more information about the description of Software Update Services and Windows Server Update Services changes in content for 2005, click the following article number to view the article in the Microsoft Knowledge Base:

918043 Description of Software Update Services and Windows Server Update Services changes in content for 2005


Keywords: kbhowto kbinfo kbsecurity KB930858