Guest

Cisco Unity

Software Installed by the Cisco Unity Server Updates Wizard in 2011

  • Viewing Options

  • PDF (197.2 KB)
  • Feedback
Software Installed by the Cisco Unity Server Updates Wizard in 2011

Table Of Contents

Software Installed by the Cisco Unity Server Updates Wizard in 2011

What You Need to Know About the Wizard

Running the Server Updates Wizard

Servers on Which the Wizard Can Be Run

Only English-Language Versions of Updates Provided

Wizard Version 3.0(22), December 2011


Software Installed by the Cisco Unity Server Updates Wizard in 2011


Revised December 20, 2011

Caution Wizard development related to Cisco Unity 4.x and Cisco Unity Connection 1.x has ceased as of July 27, 2009 and March 12, 2009, respectively. For more information, see the Cautions at the end of the "Servers on Which the Wizard Can Be Run" section.

This document lists the Microsoft updates that are installed automatically when you run the Cisco Unity Server Updates wizard. The following information is provided for each update: the update number, related Knowledge Base article ID, severity rating, and Microsoft document title. For more information on an update, refer to the Microsoft website.

In addition, this document lists the version of Cisco Security Agent for Cisco Unity that the Cisco Unity Server Updates wizard can optionally install.


Note Before you download and use the wizard, familiarize yourself with the information in the "What You Need to Know About the Wizard" section.


On the second Tuesday of each month, Microsoft releases its list of new security updates. We review the list and, if the updates are sufficiently important, create a new wizard. (On average, we create a new wizard about every two months.) The new wizard contains the existing updates from previous wizard versions and the new updates that are applicable to the supported versions of the following software on any of the Cisco Unity-related servers:

Windows Server 2003

Windows 2000 Server

SQL Server 2005 and SQL Server 2000

SQL Server 2005 Express and MSDE 2000

Exchange Server 2003

Exchange 2000 Server

Internet Explorer

This means that you need to run only the latest wizard version to get all of the updates that are currently recommended for use with any of the applicable servers.

For support-policy information on Microsoft service packs and updates, and on Windows Automatic Updates, see Supported Hardware and Software, and Support Policies for Cisco Unity at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html.

What You Need to Know About the Wizard

The following three sections contain important information about the Cisco Unity Server Updates wizard:

Running the Server Updates Wizard

Servers on Which the Wizard Can Be Run

Only English-Language Versions of Updates Provided

Running the Server Updates Wizard

To ensure the best possible security for the third-party applications installed on Cisco Unity and Cisco Unity-related servers, we recommend that you do the following tasks once a month:

1. Download the latest Cisco Unity Server Updates wizard.

Go to the Voice and Unified Communications Downloads page at http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278875240. In the tree control on the Downloads page, expand Unified Communications Applications > Voice Mail and Unified Messaging > Cisco Unity, then click the latest version of Cisco Unity and browse to the Microsoft Updates download page.


Note To access the software download page, you must be logged on to Cisco.com as a registered user.


2. During nonbusiness hours, log on to the server from the console or by using a VNC viewer. Other remote-access applications are not supported.

See also the "Servers on Which the Wizard Can Be Run" section.

3. If you plan to install a new version of Cisco Security Agent for Cisco Unity on a server on which it is already installed: Uninstall the existing version and restart the server before you run the Server Updates wizard.


Note Beginning in January 2010, the Server Updates wizard installs version 3.1(7) of the Cisco Security Agent for Cisco Unity.


For information on uninstalling Cisco Security Agent for Cisco Unity, see the applicable version of Release Notes for Cisco Security Agent for Cisco Unity at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_release_notes_list.html.

4. If you uninstalled Cisco Security Agent for Cisco Unity version 3.1(5) or earlier in Task 3. and if the Cisco Unity server is running Windows Server 2003: Check the status of the Windows firewall and, if it is enabled, disable it. In some configurations, uninstalling Cisco Security Agent for Cisco Unity version 3.1(5) or earlier causes the Windows firewall to be enabled, which causes Cisco Unity to function improperly.

5. If you are running the wizard on a Cisco Unity server: Use the Cisco Unity tray icon to stop the Cisco Unity software.

6. Stop antivirus services, if any.


Note If you plan to skip installing a new version of Cisco Security Agent for Cisco Unity on a server on which it is already installed, the Server Updates wizard automatically stops the agent before installing the updates.


7. Run the wizard, and follow the on-screen prompts to install updates for the software installed on the server. At the end of the wizard, choose the option to restart the server.

Progress information displayed by the individual updates is sometimes inaccurate. Do not assume that an apparent lack of progress is an indication that the installation of an update has failed. (The wizard saves detailed installation logs to C:\WINDOWS\SUWlogs.)

8. Restart antivirus services, if any.

9. Repeat Task 2. through Task 8. on the remaining servers on which the wizard can be run.

Servers on Which the Wizard Can Be Run

The Cisco Unity Server Updates wizard can be run on the following Cisco Unity and Cisco Unity-related servers:

Cisco Unity 5.x, 7.x, and 8.x servers.

Cisco Unity 5.x and 7.x voice-recognition servers.


Note Beginning with Cisco Unity 8.x, the Cisco Unity voice-recognition application runs on a Linux-based server.


Cisco Unity Bridge servers.

In a Cisco Unity Voice Messaging configuration, you can also run the wizard on dedicated Exchange servers and domain controllers/global catalog servers.


Caution Wizard development related to Cisco Unity 4.x has ceased as of July 27, 2009, as documented in the "End of Software Maintenance Releases Date" milestone in the EoS and EoL Announcement for Cisco Unity 4.x document at http://www.cisco.com/en/US/prod/collateral/voicesw/ps6789/ps5745/ps2237/end_of_life_notice_cisco_unity_version_4x.html. The Cisco Unity 4.x support policy for Microsoft service packs and updates allows the installation of all Microsoft updates when they are released. Although using the Cisco Unity Server Updates wizard to install the updates may continue to work, we are no longer testing the wizard with Cisco Unity 4.x. As a result, if you encounter any problems with the wizard, Cisco TAC will not be able to help you resolve them. For the Cisco Unity 4.x support policy for Microsoft service packs and updates, see Supported Hardware and Software, and Support Policies for Cisco Unity 4.2 and Later at http://www.cisco.com/en/US/docs/voice_ip_comm/unity/42/support/42lsupp.html.


Caution Wizard development related to Cisco Unity Connection 1.x has ceased as of March 12, 2009, as documented in the "End of Software Maintenance Releases Date" milestone in the EoS and EoL Announcement for Cisco Unity Connection 1.x document at https://www.cisco.com/en/US/prod/collateral/voicesw/ps6789/ps5745/ps6509/prod_end-of-life_notice0900aecd806c3d64.html. The Connection 1.x support policy for Microsoft service packs and updates allows the installation of all Microsoft updates when they are released. Although using the Cisco Unity Server Updates wizard to install the updates may continue to work, we are no longer testing the wizard with Connection 1.x. As a result, if you encounter any problems with the wizard, Cisco TAC will not be able to help you resolve them. For the Connection 1.x support policy for Microsoft service packs and updates, see Cisco Unity Connection 1.x System Requirements, and Supported Hardware and Software at http://www.cisco.com/en/US/docs/voice_ip_comm/connection/1x/requirements/1xsysrq.html.

Only English-Language Versions of Updates Provided

The Cisco Unity Server Updates wizard contains only the English-language version of Microsoft updates. Therefore, you can use the wizard to update a server only when Windows was installed in one of the following ways:

By using the Platform Configuration discs that are included with a Cisco Unity server purchased from Cisco.


Note Windows Server 2003 Platform Configuration discs include the Microsoft Multilingual User Interface, which allows you to localize the Windows user interface into the languages supported for use with Cisco Unity.


By using a retail, English-language Windows disc.

You cannot use the Cisco Unity Server Updates wizard to install Microsoft updates when a localized version of Windows was installed on the server. If you installed a non-English-language version of Windows, we recommend that you use another process to download and install the Microsoft updates listed in this document (for example, Windows Automatic Update).

Wizard Version 3.0(22), December 2011

Revised December 20, 2011

Cisco Unity Server Updates wizard version 3.0(22) installs the following software:

Cisco Security Agent for Cisco Unity version 3.1(7).

The Microsoft security updates listed below.

In addition, when this version of the wizard runs on Windows Server 2003 SP1 or SP2, it applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

December 2011

MS11-087, KB 2639417 (Critical), Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

MS11-090, KB 2618451 (Critical), Cumulative Security Update for ActiveX Kill Bits

MS11-093, KB 2624667 (Important), Vulnerability in Microsoft Windows OLE32 Could Allow Remote Code Execution

MS11-095, KB 2640045 (Important), Vulnerability in Active Directory Could Allow Remote Code Execution

MS11-097, KB 2620712 (Important), Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege

MS11-098, KB 2633171 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS11-099, KB 2618444 (Important), Cumulative Security Update for Internet Explorer

November 2011

MS11-075, KB 2623699 (Important), Vulnerability in Microsoft Active Accessibility Could Allow Remote Code Execution

MS11-077, KB 2567053 (Important), Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

MS11-078, KB 2604930 (Critical), Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution

MS11-080, KB 2592799 (Important), Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege

MS11-081, KB 2586448 (Critical), Cumulative Security Update for Internet Explorer

MS11-086, KB 2630837 (Important), Vulnerability in Active Directory Could Allow Elevation of Privilege

September 2011

MS11-070, KB 2571621 (Important), Vulnerability in WINS Could Allow Elevation of Privilege

MS11-071, KB 2570947 (Important), Vulnerability in Windows Components Could Allow Remote Code Execution

August 2011

MS11-057, KB 2559049 (Critical), Cumulative Security Update for Internet Explorer

MS11-058, KB 2562485 (Important), Vulnerabilities in DNS Server Could Allow Remote Code Execution

MS11-062, KB 2566454 (Important), Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege

MS11-063, KB 2567680 (Important), Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege

MS11-065, KB 2570222 (Important), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS11-069, KB 2567951 (Moderate), Vulnerability in .NET Framework Could Allow Information Disclosure

July 2011

MS11-054, KB 2555917 (Important), Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

MS11-056, KB 2507938 (Important), Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege

June 2011

MS11-037, KB 2544893 (Important), Vulnerability in MHTML Could Allow Information Disclosure

MS11-038, KB 2476490 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS11-039, KB 2514842 (Critical), Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution

MS11-042, KB 2535512 (Critical), Vulnerabilities Distributed File System Could Allow Remote Code Execution

MS11-043, KB 2536276 (Critical), Vulnerability in SMB Client Could Allow Remote Code Execution

MS11-044, KB 2538814 (Critical), Vulnerability in .NET Framework Could Allow Remote Code Execution

MS11-046, KB 2503665 (Important), Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege

MS11-049, KB 2543893 (Important), Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure

MS11-050, KB 2530548 (Critical), Cumulative Security Update for Internet Explorer

MS11-051, KB 2518295 (Important), Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege

MS11-052, KB 2544521 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

May 2011

MS11-035, KB 2524426 (Critical), Vulnerability in WINS Could Allow Remote Code Execution

April 2011

MS11-018, KB 2497640 (Critical), Cumulative Security Update for Internet Explorer

MS11-019, KB 2511455 (Critical), Vulnerabilities in SMB Client Could Allow Remote Code Execution

MS11-020, KB 2508429 (Critical), Vulnerability in SMB Server Could Allow Remote Code Execution

MS11-024, KB 2527308 (Important), Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution

MS11-026, KB 2503658 (Important), Vulnerability in MHTML Could Allow Information Disclosure

MS11-027, KB 2508272 (Critical), Cumulative Security Update of ActiveX Kill Bits

MS11-028, KB 2484015 (Critical), Vulnerability in .NET Framework Could Allow Remote Code Execution

MS11-029, KB 2489979 (Critical), Vulnerability in GDI+ Could Allow Remote Code Execution

MS11-030, KB 2509553 (Critical), Vulnerability in DNS Resolution Could Allow Remote Code Execution

MS11-031, KB 2514666 (Critical), Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution

MS11-032, KB 2507618 (Critical), Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution

MS11-033, KB 2485663 (Important), Vulnerability in WordPad Text Converters Could Allow Remote Code Execution

MS11-034, KB 2506223 (Important), Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

March 2011

MS11-017, KB 2508062 (Important), Vulnerability in Remote Desktop Client Could Allow Remote Code Execution

February 2011

MS11-014, KB 2478960 (Important), Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege

MS11-013, KB 2496930 (Important), Vulnerabilities in Kerberos Could Allow Elevation of Privilege

MS11-012, KB 2479628 (Important), Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

MS11-011, KB 2393802 (Important), Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

MS11-010, KB 2476687 (Important), Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege

MS11-007, KB 2485376 (Critical), Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution

MS11-006, KB 2483185 (Critical), Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution

MS11-005, KB 2478953 (Important), Vulnerability in Active Directory Could Allow Denial of Service

MS11-003, KB 2482017 (Critical), Cumulative Security Update for Internet Explorer

MS11-002, KB 2451910 (Critical), Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution

December 2010

MS10-101, KB 2207559 (Important), Vulnerability in Windows Netlogon Service Could Allow Denial of Service

MS10-099, KB 2440591 (Important), Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege

MS10-098, KB 2436673 (Important), Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

MS10-097, KB 2443105 (Important), Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution

MS10-096, KB 2423089 (Important), Vulnerability in Windows Address Book Could Allow Remote Code Execution

MS10-091, KB 2296199 (Critical), Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution

MS10-090, KB 2416400 (Critical), Cumulative Security Update for Internet Explorer

October 2010

MS10-084, KB 2360937 (Important), Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege

MS10-083, KB 2405882 (Important), Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution

MS10-081, KB 2296011 (Important), Vulnerability in Windows Common Control Library Could Allow Remote Code Execution

MS10-076, KB 982132 (Critical), Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution

MS10-074, KB 2387149 (Moderate), Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution

MS10-070, KB 2418042 (Important), Vulnerability in ASP.NET Could Allow Information Disclosure

September 2010

MS10-069, KB 2121546 (Important), Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege

MS10-068, KB 983539 (Important), Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege

MS10-067, KB 2259922 (Important), Vulnerability in WordPad Text Converters Could Allow Remote Code Execution

MS10-065, KB 2267960 (Important), Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution

MS10-063, KB 2320113 (Critical), Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution

MS10-062, KB 975558 (Critical), Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution

MS10-061, KB 2347290 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

August 2010

MS10-060, KB 2265906 (Critical), Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution

MS10-054, KB 982214 (Critical), Vulnerabilities in SMB Server Could Allow Remote Code Execution

MS10-052, KB 2115168 (Critical), Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution

MS10-051, KB 2079403 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

MS10-049, KB 980436 (Critical), Vulnerabilities in SChannel could allow Remote Code Execution

MS10-046, KB 2286198 (Critical), Vulnerability in Windows Shell Could Allow Remote Code Execution

July 2010

MS10-042, KB 2229593 (Critical), Vulnerability in Help and Support Center Could Allow Remote Code Execution

June 2010

MS10-041, KB 981343 (Important), Vulnerability in Microsoft .NET Framework Could Allow Tampering

MS10-040, KB 982666 (Important), Vulnerability in Internet Information Services Could Allow Remote Code Execution

MS10-034, KB 980195 (Critical), Cumulative Security Update of ActiveX Kill Bits

April 2010

KB 948496, An update to turn off default SNP features is available for Windows Server 2003-based and Small Business Server 2003-based computers

December 2008

KB 955839, December 2008 cumulative time zone update for Microsoft Windows operating systems

July 2008

KB 953988, An application that uses the IEnumVARIANT interface triggers a memory leak, and this causes system performance to decrease on a Windows Server 2003-based computer

February 2010

MS10-015, KB 977165 (Important), Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

MS10-014, KB 977290 (Important), Vulnerability in Kerberos Could Allow Denial of Service

MS10-013, KB 977935 (Critical), Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution

MS010-012, KB 971468 (Important), Vulnerabilities in SMB Server Could Allow Remote Code Execution

MS010-011, KB 978037 (Important), Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege

MS010-008, KB 978262 (Critical), Cumulative Security Update of ActiveX Kill Bits

MS010-007, KB 975713 (Critical), Vulnerability in Windows Shell Handler Could Allow Remote Code Execution

MS010-006, KB 978251 (Critical), Vulnerabilities in SMB Client Could Allow Remote Code Execution

MS010-005, KB 978706 (Moderate), Vulnerability in Microsoft Paint Could Allow Remote Code Execution

January 2010

MS10-001, KB 972270 (Critical), Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution

December 2009

MS09-073, KB 975539 (Important), Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution

MS09-071, KB 974318 (Critical), Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution

MS09-070, KB 971726 (Important), Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution

MS09-069, KB 974392 (Important), Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service

October 2009

MS09-064, KB 974783 (Critical), Vulnerability in License Logging Server Could Allow Remote Code Execution

MS09-062, KB 957488 (Critical), Vulnerabilities in GDI+ Could Allow Remote Code Execution

MS09-059, KB 975467 (Important), Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service

MS09-057, KB 969059 (Important), Vulnerability in Indexing Service Could Allow Remote Code Execution

MS09-056, KB 974571 (Important), Vulnerabilities in Windows CryptoAPI Could Allow Spoofing

MS09-053, KB 975254 (Important), Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution

KB 957593, Error message if you use the NON_CONTENT_INDEXED_SEARCH flag

September 2009

MS09-048, KB 967723 (Critical), Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution

MS09-047, KB 973812 (Critical), Vulnerabilities in Windows Media Format Could Allow Remote Code Execution

MS09-046, KB 956844 (Critical), Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution

MS09-045, KB 971961 (Critical), Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution

August 2009

MS09-044, KB 970927 (Critical), Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution

MS09-042, KB 960859 (Important), Vulnerability in Telnet Could Allow Remote Code Execution

MS09-041, KB 971657 (Important), Vulnerability in Workstation Service Could Allow Elevation of Privilege

MS09-040, KB 971032 (Important), Vulnerability in Message Queuing Could Allow Elevation of Privilege

MS09-039, KB 969883 (Critical), Vulnerabilities in WINS Could Allow Remote Code Execution

MS09-037, KB 973908 (Critical), Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution

June 2009

MS09-022, KB 961501 (Critical), Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution

MS09-020, KB 970483 (Important), Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege

MS09-019, KB 969897 (Critical), Cumulative Security Update for Internet Explorer

April 2009

MS09-015, KB 959426 (Moderate), Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege

MS09-013, KB 960803 (Critical), Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution

MS09-012, KB  959454, KB952004, and KB956572 (Important), Vulnerabilities in Windows Could Allow Elevation of Privilege

MS09-010, KB 960477 (Critical), Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution. (In the Add or Remove Programs control panel, the application is listed as KB 923561.)

March 2009

MS09-007, KB 960225 (Important), Vulnerability in SChannel Could Allow Spoofing

February 2009

MS09-004, KB 959420 (Important), Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution. (KB 959420 is the main article for this update. However, in the Add or Remove Programs control panel, the application is listed as "Security Update for SQL Server 2000 Service Pack 4 and MSDE 2000 (KB960083)".)

MS09-003, KB 959239 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution. (KB 959239 is the main article for this update. However, in the Add or Remove Programs control panel, the application is listed as "Security Update for Exchange 2000 Server (KB959897)".)

December 2008

MS08-071, KB 956802 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

November 2008

MS08-068, KB 957097 (Important), Vulnerability in SMB Could Allow Remote Code Execution

October 2008

MS08-067, KB 958644 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS08-062, KB 953155 (Important), Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution

August 2008

MS08-049, KB 950974 (Important), Vulnerabilities in Event System Could Allow Remote Code Execution

MS08-046, KB 952954 (Critical), Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution

July 2008

MS08-039, KB 953747 (Important), Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege

June 2008

MS08-036, KB 950762 (Important), Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service

April 2008

MS08-022, KB 944338 (Critical), Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution

MS08-021, KB 948590 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

MS08-020, KB 945553 (Important), Vulnerability in DNS Client Could Allow Spoofing

February 2008

MS08-008, KB 947890 and KB 943055 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS08-007, KB 946026 (Critical), Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution

MS08-005, KB 942831 (Important), Vulnerability in Internet Information Services Could Allow Elevation of Privilege

KB 928046, A custom wave driver is unloaded when a remote client computer connects to a Windows Server 2003-based computer that is running a TAPI program

January 2008

MS08-001, KB 941644 (Critical), Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution

December 2007

MS07-067, KB 944653 (Important), Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege

November 2007

MS07-062, KB 941672 (Important), Vulnerability in DNS Could Allow Spoofing (only installed when DNS is installed on the server)

MS07-061, KB 943460 (Critical), Vulnerability in Windows URI Handling Could Allow Remote Code Execution

October 2007

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

August 2007

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

June 2007

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

May 2007

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup