What systems are primarily at risk from the vulnerability? This vulnerability requires that a user open a malicious XML file with an affected application for any malicious action to occur. Therefore, any systems where XML files frequently viewed, such as workstations or terminal servers, are at the most risk from this vulnerability. What does the update do?
The update addresses the vulnerability by correcting the manner in which the XML Editor resolves external entities within a Web Service Discovery. When this security bulletin was issued, had this vulnerability been publicly disclosed? Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers when this security bulletin was originally issued.
Manage the software and security updates you need to deploy to the servers, desktop, and mobile systems in your organization. Security updates are available from Microsoft Update and Windows Update. Security updates are also available from the Microsoft Download Center. You can find them most easily by doing a keyword search for "security update. Finally, security updates can be downloaded from the Microsoft Update Catalog. The Microsoft Update Catalog provides a searchable catalog of content made available through Windows Update and Microsoft Update, including security updates, drivers and service packs.
By searching using the security bulletin number such as, "MS" , you can add all of the applicable updates to your basket including different languages for an update , and download to the folder of your choosing. Microsoft provides detection and deployment guidance for security updates. This guidance contains recommendations and information that can help IT professionals understand how to use various tools for detection and deployment of security updates.
For more information, see Microsoft Knowledge Base Article Microsoft Baseline Security Analyzer MBSA allows administrators to scan local and remote systems for missing security updates as well as common security misconfigurations. Windows Server Update Services WSUS enables information technology administrators to deploy the latest Microsoft product updates to computers that are running the Windows operating system. Note Microsoft discontinued support for SMS 2.
Customers are encouraged to upgrade to System Center Configuration Manager See also Downloads for Systems Management Server For more detailed information, see Microsoft Knowledge Base Article : Summary list of monthly detection and deployment guidance articles.
Updates often write to the same files and registry settings required for your applications to run. This can trigger incompatibilities and increase the time it takes to deploy security updates. You can streamline testing and validating Windows updates against installed applications with the Update Compatibility Evaluator components included with Application Compatibility Toolkit.
The Application Compatibility Toolkit ACT contains the necessary tools and documentation to evaluate and mitigate application compatibility issues before deploying Microsoft Windows Vista, a Windows Update, a Microsoft Security Update, or a new version of Windows Internet Explorer in your environment. For information about the specific security update for your affected software, click the appropriate link:.
The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information , in this section. When you install this security update, the installer checks to see if one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix. For more information about the terminology that appears in this bulletin, such as hotfix , see Microsoft Knowledge Base Article Note You can combine these switches into one command.
For backward compatibility, the security update also supports many of the setup switches that the earlier version of the Setup program uses.
For more information about the supported installation switches, see Microsoft Knowledge Base Article For more information about the Update. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information. Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps. You can install the update from the appropriate download link in the Affected and Non-Affected Software section.
If you installed your application from a server location, the server administrator must instead update the server location with the administrative update and deploy that update to your system.
This security update requires that Windows Installer 2. Install Instructions To start the download, click the Download button and then do one of the following, or select another language from Change Language and then click Change. Click Run to start the installation immediately. Click Save to copy the download to your computer for installation at a later time. Additional Information Other critical security updates are available: To find the latest security updates for you, visit Windows Update and click Express Install.
To have the latest security updates delivered directly to your computer, visit the Security At Home web site and follow the steps to ensure you're protected. Related Resources Microsoft Security Bulletin. You may have to restart the computer after you install this security update. In some cases, this update does not require a restart.
If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart the computer. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install this security update.
For more information about why you may be prompted to restart, click the following article number to view the article in the Microsoft Knowledge Base:. Note We do not recommend that you remove any security update. Note When you remove this security update, you may be prompted to insert the disc that contains the Microsoft Office system. Additionally, you may not have the option to uninstall this security update from the Add or Remove Programs item or the Programs and Features item in Control Panel.
There are several possible causes of this issue. For more information about the removal, click the following article number to view the article in the Microsoft Knowledge Base:. The English United States version of this security update has the file attributes or later file attributes that are listed in the following table.
When you view the file information, it is converted to local time.
0コメント