Information about Today’s Bulletin Release and MS06-007 on Microsoft Update/Windows Update

Hey folks Craig here taking a step away from the Tuesday release.

So, we’ve released seven Security Bulletins today. Real quick, I wanted to give you an overview of them.

* MS06-004 only applies to IE5.01 SP4 and is rated as Critical.

* MS06-005 is rated critical and applies to Windows Media Player on Microsoft Windows.

* MS06-006 is rated Important and affects the Windows Media Player plug-in when used with Non-Microsoft Internet Browsers.

* MS06-007 is rated Important Denial of Service vulnerability in and IGMP v3 in TCP/IP.

* MS06-008 is rated Important and addresses a vulnerability in Webclient.

* MS06-009 is rated Important and affects Korean Language Input Method Editor (IME). Note that this only affects Korean Language systems and systems with East Asian Language Support installed.

* MS06-010 is rated Important and affects PowerPoint 2000 only.

I also wanted to give you some information on an issue we’re working on that is affecting the installation of MS06-007. First, I want to be clear that the update itself is fine and protects against the IGMP vulnerability: the issue only affects the installation of the update through some distribution channels. Also, the issue only affects MS06-007; no other updates are affected by this.

Our folks are investigating this and have determined that MS06-007 isn’t successfully installing when users try to install it through Automatic Updates, Windows Update, and Windows Server Update Services and through Systems Management Server 2003 when using the ITMU. The other updates are successfully installing through these channels ands: again, this is only impacting MS06-007.

The issue does not affect manually installing the update from the Download Center. It also does not affect installations through Software Update Services or through Systems Management Server when not using ITMU. Also, because this is an installation issue, it doesn’t impact MBSA at all.

We’re working hard on a solution for this and we’ll post more information on this as we have it. When we resolve this issue a new version of the ITMU will be made available to customers that includes updated logic for MS06-007.

For now, customers who encounter this issue can download and deploy the update available on the Download Center by following the links in the Security Bulletin MS06-007 or from the Windows Update Catalog.


*This posting is provided “AS IS” with no warranties, and confers no rights.*