Fixlet Site - EnterpriseSecurity Current Version: 835 Published: Thu, 15 Feb 2007 03:25:13 GMT *************************************************************** Title: MS07-010: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution - ForeFront Security for Exchange Server 10 - Windows XP/2003 (x64) Severity: Critical Fixlet ID: 701006 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-010.mspx Fixlet Description: This update resolves a newly discovered, privately reported vulnerability in the Microsoft Malware Protection Engine. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. *************************************************************** Title: MS07-012: CORRUPT PATCH - Visual Studio .NET 2002 Severity: Important Fixlet ID: 701208 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-012.mspx *************************************************************** Title: MS07-012: CORRUPT PATCH - Visual Studio .NET 2002 SP1 Severity: Important Fixlet ID: 701210 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-012.mspx *************************************************************** Title: MS07-012: CORRUPT PATCH - Visual Studio .NET 2003 Severity: Important Fixlet ID: 701212 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-012.mspx *************************************************************** Title: MS07-012: CORRUPT PATCH - Visual Studio .NET 2003 SP1 Severity: Important Fixlet ID: 701214 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-012.mspx *************************************************************** Title: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution - Office 2000 (Local Install) Severity: Important Fixlet ID: 701301 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Office 2000. This update resolves a newly-discovered, privately reported vulnerability. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution - Office 2000 - Windows NT/2000/XP/2003 (Network Install) Severity: Important Fixlet ID: 701302 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Office 2000. This update resolves a newly-discovered, privately reported vulnerability. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution - Office 2000 - Windows 9x/ME (Network Install) Severity: Important Fixlet ID: 701303 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Office 2000. This update resolves a newly-discovered, privately reported vulnerability. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution - Office 2000 - Windows NT/2000/XP/2003 (Administrative Install) Severity: Important Fixlet ID: 701304 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Office 2000. This update resolves a newly-discovered, privately reported vulnerability. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution - Office 2000 - Windows 9x/ME (Administrative Install) Severity: Important Fixlet ID: 701305 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Office 2000. This update resolves a newly-discovered, privately reported vulnerability. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution - Project 2000 (Network/Local Install) Severity: Important Fixlet ID: 701322 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Project 2000. This update resolves a newly-discovered, privately reported vulnerability. On vulnerable versions of Project 2000, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution - Office 2003 - Learning Essentials Severity: Important Fixlet ID: 701323 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Learning Essentials for Microsoft Office. This update resolves a newly-discovered, privately reported vulnerability. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: 931836: Feb. 2007 Time Zone Update - Windows XP SP1/SP2 Severity: Fixlet ID: 93183601 Fixlet Link: http://support.microsoft.com/kb/931836 Fixlet Description: Starting in the spring of 2007, daylight saving time (DST) start and end dates for the United States will transition to comply with the Energy Policy Act of 2005. DST dates in the United States will start three weeks earlier (2:00 A.M. on the second Sunday in March) and will end one week later (2:00 A.M. on the first Sunday in November). This patch will change affected computers' time zone data to account for the 2007 US DST change. This update will also include changes for other related DST changes, time zone behavior, and settings. Important Note: BigFix has received reports of various issues associated with the deployment of this patch. In particular, the update may cause issues with IBM Lotus Notes under certain configurations. Please take extra caution to qualify this update in a test environment prior to use in a production environment. Important Note: Microsoft recommends running the Outlook Time Zone Update tool or its Exchange counterpart as soon as possible after applying the Windows operating system time zone updates. See the Microsoft web page on the 2007 DST changes here for more information. *************************************************************** Title: 931836: CORRUPT PATCH - Windows XP SP1/SP2 Severity: Fixlet ID: 93183602 Fixlet Link: http://support.microsoft.com/kb/931836 *************************************************************** Title: 931836: Feb. 2007 Time Zone Update - Windows Server 2003 Severity: Fixlet ID: 93183603 Fixlet Link: http://support.microsoft.com/kb/931836 Fixlet Description: Starting in the spring of 2007, daylight saving time (DST) start and end dates for the United States will transition to comply with the Energy Policy Act of 2005. DST dates in the United States will start three weeks earlier (2:00 A.M. on the second Sunday in March) and will end one week later (2:00 A.M. on the first Sunday in November). This patch will change affected computers' time zone data to account for the 2007 US DST change. This update will also include changes for other related DST changes, time zone behavior, and settings. Important Note: BigFix has received reports of various issues associated with the deployment of this patch. In particular, the update may cause issues with IBM Lotus Notes under certain configurations. Please take extra caution to qualify this update in a test environment prior to use in a production environment. Important Note: Microsoft recommends running the Outlook Time Zone Update tool or its Exchange counterpart as soon as possible after applying the Windows operating system time zone updates. See the Microsoft web page on the 2007 DST changes here for more information. *************************************************************** Title: 931836: CORRUPT PATCH - Windows Server 2003 Severity: Fixlet ID: 93183604 Fixlet Link: http://support.microsoft.com/kb/931836 *************************************************************** Title: 931836: Feb. 2007 Time Zone Update - Windows XP/2003 (x64) Severity: Fixlet ID: 93183605 Fixlet Link: http://support.microsoft.com/kb/931836 Fixlet Description: Starting in the spring of 2007, daylight saving time (DST) start and end dates for the United States will transition to comply with the Energy Policy Act of 2005. DST dates in the United States will start three weeks earlier (2:00 A.M. on the second Sunday in March) and will end one week later (2:00 A.M. on the first Sunday in November). This patch will change affected computers' time zone data to account for the 2007 US DST change. This update will also include changes for other related DST changes, time zone behavior, and settings. Important Note: BigFix has received reports of various issues associated with the deployment of this patch. In particular, the update may cause issues with IBM Lotus Notes under certain configurations. Please take extra caution to qualify this update in a test environment prior to use in a production environment. Important Note: Microsoft recommends running the Outlook Time Zone Update tool or its Exchange counterpart as soon as possible after applying the Windows operating system time zone updates. See the Microsoft web page on the 2007 DST changes here for more information. *************************************************************** Title: 931836: CORRUPT PATCH - Windows XP/2003 (x64) Severity: Fixlet ID: 93183606 Fixlet Link: http://support.microsoft.com/kb/931836