It’s time to check Windows Update again because just a few moments ago, Microsoft has released Windows Search 4.0 to Windows Update as Recommended update for Windows XP, Windows Vista and Windows Server 2008 based computers. Windows Search 4.0 lets you perform an instant search of your computer. Windows Search 4.0 helps you find and preview documents, e-mail messages, music files, photos, and other items on the computer.
Improvements:
• Support for indexing encrypted documents of local file systems
• Reduced affect on Microsoft Exchange when you index e-mail in online mode, and there is no local cache (.ost)
• Support for indexing online delegate mailboxes
• Support for client-to-client remote query to shared indexed locations
• Improved indexing performance
• Faster previewer updates for Windows XP
• Per-user Group Policy settings
• Windows software updates for Watson errors
• You can view the complete KB article here: http://support.microsoft.com/kb/940157
Download: Vista and Windows Server 2008 (32-bit) | Windows XP (32-bit) | Vista (64-bit) | XP (64-bit)
Source Redmond Pie
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
Issued: July 10, 2008
Summary
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.
* MS08-037 - Important
Bulletin Information:
* MS08-037 - Important
- http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
- Reason for Revision: V2.0 (July 10, 2008): Bulletin revised to
inform users of ZoneAlarm and Check Point Endpoint Security
of an Internet connectivity issue detailed in the section,
Frequently Asked Questions (FAQ) Related to this Security
Update. The revision did not change the security update files
in this bulletin, but users of ZoneAlarm and Check Point
Endpoint Security should read the FAQ entries for guidance.
- Originally posted: July 8, 2008
- Updated: July 10, 2008
- Bulletin Severity Rating: Important
- Version: 2.0
Source- MSMVP’s Blog
As part of Microsoft’s routine, monthly security update cycle, they released 4 new security bulletins:
- MS08-037 - Vulnerabilities in DNS Could Allow Spoofing (953230)
- MS08-038 - Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
- MS08-039 - Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
- MS08-040 - Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
You can view this month’s Security Bulletins Summary at their website. Visit also the MSCRC blog for further notes or details on the said security bulletins.
For information about non-security releases on Windows Update and Microsoft update, please see http://support.microsoft.com/kb/894199/en-us
Don’t forget to scan the system using Microsoft Baseline Security Analyzer (MBSA) to check for missing and mis-configured patches.
Security Updates support is free of charge. Contact MS at 1-866-CSAFETY if you are in the US or Canada. International users, please go to http://go.microsoft.com/fwlink/?LinkId=21155
Source- Donna’s Security Flash
The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder.
This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product.
Please review KB890830 for the list of malicious software that the current version of the tool is capable of removing as well as usage instructions. Also, please be aware that this tool reports anonymous information back to Microsoft in the event that an infection is found or an error is encountered. The above KB article contains information on how to disable this functionality and what specific information is sent to Microsoft.
Windows Malicious Software Removal Tool x64
Windows Malicious Software Removal Tool
I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, July 8, 2008 around 10 a.m. Pacific Standard Time.
It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
As part of our regularly scheduled bulletin release, we’re currently planning to release:
· Four Microsoft Security Bulletins rated as Important. These updates may require a restart and will be detectable using the Microsoft Baseline Security Analyzer.
As we do each month, the Microsoft Windows Malicious Software Removal Tool will be updated.
We are also planning to release high-priority, non-security updates on Windows Update and Windows Server Update Services (WSUS) as well as high-priority, non-security updates on Microsoft Update and Windows Server Update Services (WSUS). For additional information, please see the Other Information section of the Advanced Notification.
Finally, in late July, we’ll also be releasing KB946928 which updates the infrastructure of the Windows Update client itself. For more information on this update, please visit the Microsoft Update blog.
As always, we’ll be holding the July edition of the monthly security bulletin webcast on Wednesday, July 9, 2008 at 11 a.m., Pacific Standard Time. We will review this month’s release and take your questions live on-air with answers from our panel of experts. As a friendly reminder, if you can’t make the live webcast, you can listen to it on-demand as well. You can register for the webcast here: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032374629&Culture=en-US
Source- Technet Blog
I’d like to let you know that, beginning at the end of this month and continuing over the next few months, we’ll be rolling out an infrastructure update to the Windows Update agent (client). I wanted to take this opportunity to provide some background on the update and discuss the value these updates bring to you.
How Windows Update Keeps Itself Up-to-Date
Occasionally, we must update the infrastructure of Windows Update in order to ensure a high level of service quality, reliability, and operation. As part of this process, we update both the back-end infrastructure that supports the service as well as the client side code (i.e. the Windows Update agent, or client).
So what are we doing this time? Well, this particular update won’t really change the way the client looks or feels to you, but you may notice some improvements in the length of time it takes Windows Update to scan for updates and how quickly you’ll receive signature updates. For example, in this update, we’ve invested heavily in reducing the amount of time it takes the Windows Update agent to scan to see if new updates are available. In this case, we’ve seen some instances of the scan times on some machines decreasing almost 20 percent.
Source- Microsoft update Team Blog
Microsoft is investigating public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft is aware of reports from customers who are experiencing this issue.
Upon completing the investigation, Microsoft will take appropriate action to resolve the issue within Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1.
Note The issue affecting System Center Configuration Manager 2007 first described in Microsoft Security Advisory 954474, where System Center Configuration Manager 2007 systems were blocked from deploying security updates, is separate from the issue described in this advisory.
Source- Technet
This update resolves two newly discovered vulnerabilities. These vulnerabilities are documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. We recommend that customers apply the update immediately.
Source: Microsoft Security Bulletin MS06-078
Download: Microsoft Security Bulletin MS06-078
Ankur Mittal | July 23, 2008
