June 2007 Monthly Security Bulletin Release

I’m Simon, Release Manager in the MSRC.  The June security release also marks 1 year for me here, so I figured it was high time that I should take my turn posting.


June’s release contains 6 new bulletins, 4 of which have maximum severities of “Critical”. 

  • MS07-030            Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)

  • MS07-031            Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)

  • MS07-032            Vulnerability in Windows Vista Could Allow Information Disclosure (931213)

  • MS07-033            Cumulative Security Update for Internet Explorer (933566)

  • MS07-034            Cumulative Security Update for Outlook Express and Windows Mail (929123)

  • MS07-035            Vulnerability in Win 32 API Could Allow Remote Code Execution (935839)

 Additionally we are re-releasing two bulletins: 

  • MS07-012            Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667) (Updated to v2.0 to reflect applicability to Windows Server 2003 Service Pack 2, and explicitly noting that Platform SDK is not affected)

  • MS07-018            Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939) Updated to fix an issue whereby custom CMS2002 install paths could be reset in the registry to the default paths, as noted in KB article 924429 “known issues” section) 

Please refer to the bulletin revision notes for more detail.


We hope that the new bulletin design helps you to quickly understand the issues addressed by each bulletin.  Please see the earlier blog entry for some more background on the redesign.


Also, please join us for the regular Monthly Security Bulletin Release Technet Webcast, Wednesday June 13 11:00 AM PT (GMT -8). We’ll have an overview of the June release, and you’ll have the opportunity to ask us questions around the release.





*This posting is provided “AS IS” with no warranties, and confers no rights.*