Guest

Cisco Unity

Software Installed by the Cisco Unity Server Updates Wizard Through 2008

Hierarchical Navigation

Downloads

 Feedback

Table Of Contents

Software Installed by the Cisco Unity Server Updates Wizard Through 2008

What You Need to Know About the Wizard

Running the Server Updates Wizard

Servers on Which the Wizard Can Be Run

Only English-Language Versions of Updates Provided

Server Updates Wizard Version 2.0(12), December 2008

Server Updates Wizard Version 2.0(11), October 2008

Server Updates Wizard Version 2.0(10), September 2008

Server Updates Wizard Version 2.0(9), May 2008

Server Updates Wizard Version 2.0(8), March 2008

Server Updates Wizard Version 2.0(7), January 2008

Server Updates Wizard Version 2.0(6), December 2007

Server Updates Wizard Version 2.0(5), October 2007

Server Updates Wizard Version 2.0(4), August 2007

Server Updates Wizard Version 2.0(3), July 2007

Server Updates Wizard Version 2.0(2), June 2007

Server Updates Wizard Version 2.0(1), May 2007


Software Installed by the Cisco Unity Server Updates Wizard Through 2008

Revised January 12, 2009

*********************************************************************************************************************************************

This document applies to wizard versions released through December 2008. For later versions, see Software Installed by the Cisco Unity Server Updates Wizard in 2009 at http://www.cisco.com/en/US/docs/voice_ip_comm/unity/updates/wizard/2009cuupwz.html.

*********************************************************************************************************************************************

This document lists the Microsoft updates that are installed automatically when you run the Cisco Unity Server Updates wizard. The following information is provided for each update: the update number, related Knowledge Base article ID, severity rating, and Microsoft document title. For more information on an update, refer to the Microsoft website.

In addition, this document lists the version of Cisco Security Agent for Cisco Unity that the Cisco Unity Server Updates wizard can optionally install.

Note Before you download and use the wizard, familiarize yourself with the information in the "What You Need to Know About the Wizard" section.

On the second Tuesday of each month, Microsoft releases its list of new security updates. We review the list and create a new wizard version that includes the existing updates from previous versions and the new updates that are applicable to any of the servers, including supported versions of:

Windows Server 2003

Windows 2000 Server

SQL Server 2000

MSDE 2000

Exchange Server 2003

Exchange 2000 Server

Internet Explorer

This means that you need to run only the latest wizard version to get all of the updates that are currently recommended for use with any of the applicable servers.

What You Need to Know About the Wizard

The following three sections contain important information about the Cisco Unity Server Updates wizard:

Running the Server Updates Wizard

Servers on Which the Wizard Can Be Run

Only English-Language Versions of Updates Provided

Running the Server Updates Wizard

Revised January 12, 2009

To ensure the best possible security for the third-party applications installed on Cisco Unity- and Cisco Unity Connection-related servers, we recommend that you do the following tasks once a month:

1. Download the latest Cisco Unity Server Updates wizard.

(Go to the Voice and Unified Communications Downloads page at http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278875240. In the tree control on the Downloads page, expand Unified Communications Applications > Voice Mail and Unified Messaging > Cisco Unity, then click the latest version of Cisco Unity and browse to the Microsoft Updates download page.)

2. During nonbusiness hours, log on to the server from the console or by using a VNC viewer. Other remote-access applications are not supported.

See also the "Servers on Which the Wizard Can Be Run" section.

3. If you plan to install a new version of Cisco Security Agent for Cisco Unity on a server on which it is already installed: Uninstall the existing version and restart the server before you run the Server Updates wizard.

For information on uninstalling Cisco Security Agent for Cisco Unity, see the applicable version of Release Notes for Cisco Security Agent for Cisco Unity at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_release_notes_list.html.

4. If you uninstalled Cisco Security Agent for Cisco Unity version 3.1(5) or earlier in Task 3. and if the Cisco Unity server is running Windows Server 2003: Check the status of the Windows firewall and, if it is enabled, disable it. In some configurations, uninstalling Cisco Security Agent for Cisco Unity version 3.1(5) or earlier causes the Windows firewall to be enabled, which causes Cisco Unity to function improperly.

5. If you are running the wizard on a Cisco Unity server: Use the Cisco Unity tray icon to stop the Cisco Unity software.

6. Stop antivirus services, if any.

Note If you plan to skip installing a new version of Cisco Security Agent for Cisco Unity on a server on which it is already installed, the Server Updates wizard automatically stops the agent before installing the updates.

7. Run the wizard, and follow the on-screen prompts to install updates for the software installed on the server. At the end of the wizard, choose the option to restart the server.

Progress information displayed by the individual updates is sometimes inaccurate. Do not assume that an apparent lack of progress is an indication that the installation of an update has failed. (The wizard saves detailed installation logs to C:\WINDOWS\SUWlogs.)

8. Restart antivirus services, if any.

9. Repeat Task 2. through Task 8. on the remaining servers on which the wizard can be run.

Servers on Which the Wizard Can Be Run

The Cisco Unity Server Updates wizard can be run on the following Cisco Unity- and Cisco Unity Connection-related servers:

Cisco Unity servers.

Cisco Unity voice-recognition servers.

Cisco Unity Bridge servers.

Cisco Unity Connection version 1.x servers.

Cisco Unity Connection version 1.x voice-recognition servers.

In a Cisco Unity Voice Messaging configuration, you can also run the wizard on dedicated Exchange servers and domain controllers/global catalog servers.

Only English-Language Versions of Updates Provided

The Cisco Unity Server Updates wizard contains only the English-language version of Microsoft updates. Therefore, you can use the wizard to update a server only when Windows was installed in one of the following ways:

By using the Platform Configuration discs that are included with a Cisco Unity or Cisco Unity Connection server purchased from Cisco.

Note Windows Server 2003 Platform Configuration discs include the Microsoft Multilingual User Interface, which allows you to localize the Windows user interface into the languages supported for use with Cisco Unity or Cisco Unity Connection.

By using a retail, English-language Windows disc.

You cannot use the Cisco Unity Server Updates wizard to install Microsoft updates when a localized version of Windows was installed on the server. If you installed a non-English-language version of Windows, we recommend that you use another process to download and install the Microsoft updates listed in this document (for example, Windows Automatic Update).

Server Updates Wizard Version 2.0(12), December 2008

Cisco Unity Server Updates wizard version 2.0(12) installs the following software:

Cisco Security Agent for Cisco Unity version 3.1(6).

The Microsoft security updates listed below by month of their release.

In addition, when this version of the wizard is run on Windows Server 2003 SP1 or SP2, it applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity and in Cisco Unity Connection version 1.x in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

December 2008

MS08-073, KB 958215 (Critical), Cumulative Security Update for Internet Explorer

MS08-071, KB 956802 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

November 2008

MS08-069, KB 955218, (Critical), Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (KB 955218 is the main article for this update. However, in the Add or Remove Programs control panel, for Windows Server 2003 with service pack 1 or 2, two applications are listed: KB 955069 and KB 954430. For Windows 2000 Server with service pack 4, the application is listed as KB 955069.)

MS08-068, KB 957097 (Important), Vulnerability in SMB Could Allow Remote Code Execution

October 2008

MS08-067, KB 958644 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS08-066, KB 956803 (Important), Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege

MS08-065, KB 951071 (Important), Vulnerability in Message Queuing Could Allow Remote Code Execution

MS08-064, KB 956841 (Important), Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege

MS08-063, KB 957095 (Important), Vulnerability in SMB Could Allow Remote Code Execution

MS08-062, KB 953155 (Important), Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution

MS08-061, KB 954211 (Important), Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

MS08-060, KB 957280 (Critical), Vulnerability in Active Directory Could Allow Remote Code Execution

September 2008

MS08-052, KB 954593 (Critical), Vulnerabilities in GDI+ Could Allow Remote Code Execution

August 2008

MS08-049, KB 950974 (Important), Vulnerabilities in Event System Could Allow Remote Code Execution

MS08-046, KB 952954 (Critical), Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution

July 2008

MS08-039, KB 953747 (Important), Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege

MS08-037, KB 953230 (Important), Vulnerabilities in DNS Could Allow Spoofing

June 2008

MS08-036, KB 950762 (Important), Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service

MS08-034, KB 948745 (Important), Vulnerability in WINS Could Allow Elevation of Privilege

MS08-033, KB  951698 (Critical), Vulnerabilities in DirectX Could Allow Remote Code Execution

MS08-032, KB 950760 (Moderate), Critical security update of ActiveX kill bits

April 2008

MS08-022, KB 944338 (Critical), Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution

MS08-021, KB 948590 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

MS08-020, KB 945553 (Important), Vulnerability in DNS Client Could Allow Spoofing

February 2008

MS08-008, KB 947890 and KB 943055 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS08-007, KB 946026 (Critical), Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution

MS08-006, KB 942830 (Important), Vulnerability in Internet Information Services Could Allow Remote Code Execution

MS08-005, KB 942831 (Important), Vulnerability in Internet Information Services Could Allow Elevation of Privilege

KB 928046, A custom wave driver is unloaded when a remote client computer connects to a Windows Server 2003-based computer that is running a TAPI program

January 2008

MS08-002, KB 943485 (Important), Vulnerability in LSASS Could Allow Local Elevation of Privilege

MS08-001, KB 941644 (Critical), Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution

December 2007

MS07-067, KB 944653 (Important), Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege

November 2007

MS07-062, KB 941672 (Important), Vulnerability in DNS Could Allow Spoofing (only installed when DNS is installed on the server)

MS07-061, KB 943460 (Critical), Vulnerability in Windows URI Handling Could Allow Remote Code Execution

October 2007

MS07-058, KB 933729 (Important), Vulnerability in RPC Could Allow Denial of Service

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

KB 933360 (none) August 2007 Cumulative Time Zone Update for Microsoft Windows Operating Systems

August 2007

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(11), October 2008

Cisco Unity Server Updates wizard version 2.0(11) installs the following software:

Cisco Security Agent for Cisco Unity version 3.1(5).

The Microsoft security updates listed below by month of their release.

In addition, when this version of the wizard is run on Windows Server 2003 SP1 or SP2, it applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity and in Cisco Unity Connection version 1.x in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

October 2008

MS08-067, KB 958644 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS08-066, KB 956803 (Important), Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege

MS08-065, KB 951071 (Important), Vulnerability in Message Queuing Could Allow Remote Code Execution

MS08-064, KB 956841 (Important), Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege

MS08-063, KB 957095 (Important), Vulnerability in SMB Could Allow Remote Code Execution

MS08-062, KB 953155 (Important), Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution

MS08-061, KB 954211 (Important), Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

MS08-060, KB 957280 (Critical), Vulnerability in Active Directory Could Allow Remote Code Execution

MS08-058, KB 956390 (Critical), Cumulative Security Update for Internet Explorer

September 2008

MS08-052, KB 954593 (Critical), Vulnerabilities in GDI+ Could Allow Remote Code Execution

August 2008

MS08-049, KB 950974 (Important), Vulnerabilities in Event System Could Allow Remote Code Execution

MS08-046, KB 952954 (Critical), Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution

July 2008

MS08-039, KB 953747 (Important), Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege

MS08-037, KB 953230 (Important), Vulnerabilities in DNS Could Allow Spoofing

June 2008

MS08-036, KB 950762 (Important), Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service

MS08-034, KB 948745 (Important), Vulnerability in WINS Could Allow Elevation of Privilege

MS08-033, KB  951698 (Critical), Vulnerabilities in DirectX Could Allow Remote Code Execution

MS08-032, KB 950760 (Moderate), Critical security update of ActiveX kill bits

April 2008

MS08-022, KB 944338 (Critical), Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution

MS08-021, KB 948590 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

MS08-020, KB 945553 (Important), Vulnerability in DNS Client Could Allow Spoofing

February 2008

MS08-008, KB 947890 and KB 943055 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS08-007, KB 946026 (Critical), Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution

MS08-006, KB 942830 (Important), Vulnerability in Internet Information Services Could Allow Remote Code Execution

MS08-005, KB 942831 (Important), Vulnerability in Internet Information Services Could Allow Elevation of Privilege

KB 928046, A custom wave driver is unloaded when a remote client computer connects to a Windows Server 2003-based computer that is running a TAPI program

January 2008

MS08-002, KB 943485 (Important), Vulnerability in LSASS Could Allow Local Elevation of Privilege

MS08-001, KB 941644 (Critical), Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution

December 2007

MS07-067, KB 944653 (Important), Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege

November 2007

MS07-062, KB 941672 (Important), Vulnerability in DNS Could Allow Spoofing (only installed when DNS is installed on the server)

MS07-061, KB 943460 (Critical), Vulnerability in Windows URI Handling Could Allow Remote Code Execution

October 2007

MS07-058, KB 933729 (Important), Vulnerability in RPC Could Allow Denial of Service

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

KB 933360 (none) August 2007 Cumulative Time Zone Update for Microsoft Windows Operating Systems

August 2007

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

MS07-042, KB 936021 and KB 936181 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(10), September 2008

Revised October 15, 2008

Cisco Unity Server Updates wizard version 2.0(10) installs the following software:

Cisco Security Agent for Cisco Unity version 3.1(5).

The Microsoft security updates listed below by month of their release.

In addition, when this version of the wizard is run on Windows Server 2003 SP1 or SP2, it applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity and in Cisco Unity Connection version 1.x in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

September 2008

MS08-052, KB 954593 (Critical), Vulnerabilities in GDI+ Could Allow Remote Code Execution

August 2008

MS08-049, KB 950974 (Important), Vulnerabilities in Event System Could Allow Remote Code Execution

MS08-046, KB 952954 (Critical), Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution

MS08-045, KB 953838 (Critical), Cumulative Security Update for Internet Explorer

July 2008

MS08-039, KB 953747 (Important), Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege

MS08-037, KB 953230 (Important), Vulnerabilities in DNS Could Allow Spoofing

June 2008

MS08-036, KB 950762 (Important), Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service

MS08-035, KB 953235 (Important), Vulnerability in Active Directory Could Allow Denial of Service

MS08-034, KB 948745 (Important), Vulnerability in WINS Could Allow Elevation of Privilege

MS08-033, KB  951698 (Critical), Vulnerabilities in DirectX Could Allow Remote Code Execution

MS08-032, KB 950760 (Moderate), Critical security update of ActiveX kill bits

April 2008

MS08-025, KB 941693 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS08-022, KB 944338 (Critical), Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution

MS08-021, KB 948590 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

MS08-020, KB 945553 (Important), Vulnerability in DNS Client Could Allow Spoofing

February 2008

MS08-008, KB 947890 and KB 943055 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS08-007, KB 946026 (Critical), Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution

MS08-006, KB 942830 (Important), Vulnerability in Internet Information Services Could Allow Remote Code Execution

MS08-005, KB 942831 (Important), Vulnerability in Internet Information Services Could Allow Elevation of Privilege

KB 928046, A custom wave driver is unloaded when a remote client computer connects to a Windows Server 2003-based computer that is running a TAPI program

January 2008

MS08-002, KB 943485 (Important), Vulnerability in LSASS Could Allow Local Elevation of Privilege

MS08-001, KB 941644 (Critical), Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution

December 2007

MS07-067, KB 944653 (Important), Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege

MS07-065, KB 937894 (Important), Vulnerability in Message Queuing Could Allow Remote Code Execution

November 2007

MS07-062, KB 941672 (Important), Vulnerability in DNS Could Allow Spoofing (only installed when DNS is installed on the server)

MS07-061, KB 943460 (Critical), Vulnerability in Windows URI Handling Could Allow Remote Code Execution

October 2007

MS07-058, KB 933729 (Important), Vulnerability in RPC Could Allow Denial of Service

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

KB 933360 (none) August 2007 Cumulative Time Zone Update for Microsoft Windows Operating Systems

August 2007

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

MS07-042, KB 936021 and KB 936181 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(9), May 2008

Cisco Unity Server Updates wizard version 2.0(9) installs the following software:

Cisco Security Agent for Cisco Unity version 3.1(4).

The Microsoft security updates listed below by month of their release.

In addition, when this version of the wizard is run on Windows Server 2003 SP1 or SP2, it applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity and in Cisco Unity Connection version 1.x in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

April 2008

MS08-025, KB 941693 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS08-024, KB 947864 (Critical), Cumulative Security Update for Internet Explorer

MS08-023, KB 948881 (Critical), Security Update of ActiveX Kill Bits

MS08-022, KB 944338 (Critical), Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution

MS08-021, KB 948590 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

MS08-020, KB 945553 (Important), Vulnerability in DNS Client Could Allow Spoofing

February 2008

MS08-008, KB 947890 and KB 943055 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS08-007, KB 946026 (Critical), Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution

MS08-006, KB 942830 (Important), Vulnerability in Internet Information Services Could Allow Remote Code Execution

MS08-005, KB 942831 (Important), Vulnerability in Internet Information Services Could Allow Elevation of Privilege

MS08-003, KB 946538 and KB 943484 (Important), Vulnerability in Active Directory Could Allow Denial of Service

KB 928046, A custom wave driver is unloaded when a remote client computer connects to a Windows Server 2003-based computer that is running a TAPI program

January 2008

MS08-002, KB 943485 (Important), Vulnerability in LSASS Could Allow Local Elevation of Privilege

MS08-001, KB 941644 (Critical), Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution

December 2007

MS07-067, KB 944653 (Important), Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege

MS07-065, KB 937894 (Important), Vulnerability in Message Queuing Could Allow Remote Code Execution

MS07-064, KB 941568 (Critical), Vulnerabilities in DirectX Could Allow Remote Code Execution

November 2007

MS07-062, KB 941672 (Important), Vulnerability in DNS Could Allow Spoofing (only installed when DNS is installed on the server)

MS07-061, KB 943460 (Critical), Vulnerability in Windows URI Handling Could Allow Remote Code Execution

October 2007

MS07-058, KB 933729 (Important), Vulnerability in RPC Could Allow Denial of Service

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

KB 933360 (none) August 2007 Cumulative Time Zone Update for Microsoft Windows Operating Systems

August 2007

MS07-050, KB 938127 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

MS07-042, KB 936021 and KB 936181 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(8), March 2008

Cisco Unity Server Updates wizard version 2.0(8) installs the following software:

Cisco Security Agent for Cisco Unity version 3.0(2).

Note Cisco Security Agent for Cisco Unity version 3.0(2) was updated on January 7, 2008. The updated version replaced the version originally released on May 31, 2007. The version number was not changed.

The Microsoft security updates listed below by month of their release.

In addition, when it is run on Windows Server 2003 SP1 or SP2, this version of the wizard applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity and in Cisco Unity Connection version 1.x in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

February 2008

MS08-010, KB 944533 (Critical), Cumulative Security Update for Internet Explorer

MS08-008, KB 947890 and KB 943055 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS08-007, KB 946026 (Critical), Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution

MS08-006, KB 942830 (Important), Vulnerability in Internet Information Services Could Allow Remote Code Execution

MS08-005, KB 942831 (Important), Vulnerability in Internet Information Services Could Allow Elevation of Privilege

MS08-003, KB 946538 and KB 943484 (Important), Vulnerability in Active Directory Could Allow Denial of Service

KB 928046, A custom wave driver is unloaded when a remote client computer connects to a Windows Server 2003-based computer that is running a TAPI program

January 2008

MS08-002, KB 943485 (Important), Vulnerability in LSASS Could Allow Local Elevation of Privilege

MS08-001, KB 941644 (Critical), Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution

December 2007

MS07-067, KB 944653 (Important), Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege

MS07-065, KB 937894 (Important), Vulnerability in Message Queuing Could Allow Remote Code Execution

MS07-064, KB 941568 (Critical), Vulnerabilities in DirectX Could Allow Remote Code Execution

November 2007

MS07-062, KB 941672 (Important), Vulnerability in DNS Could Allow Spoofing (only installed when DNS is installed on the server)

MS07-061, KB 943460 (Critical), Vulnerability in Windows URI Handling Could Allow Remote Code Execution

October 2007

MS07-058, KB 933729 (Important), Vulnerability in RPC Could Allow Denial of Service

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

KB 933360 (none) August 2007 Cumulative Time Zone Update for Microsoft Windows Operating Systems

August 2007

MS07-050, KB 938127 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-046, KB 938829 (Critical), Vulnerability in GDI Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

MS07-042, KB 936021 and KB 936181 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-023, KB 917344 (Critical), Vulnerability in Microsoft JScript Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(7), January 2008

Cisco Unity Server Updates wizard version 2.0(7) installs the following software:

Cisco Security Agent for Cisco Unity version 3.0(2).

Note Cisco Security Agent for Cisco Unity version 3.0(2) was updated on January 7, 2008. The updated version replaced the version originally released on May 31, 2007. The version number was not changed.

The Microsoft security updates listed below by month of their release.

In addition, when it is run on Windows Server 2003 SP1 or SP2, this version of the wizard applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity and in Cisco Unity Connection version 1.x in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

January 2008

MS08-002, KB 943485 (Important), Vulnerability in LSASS Could Allow Local Elevation of Privilege

MS08-001, KB 941644 (Critical), Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution

December 2007

MS07-069, KB 942615 (Critical), Cumulative Security Update for Internet Explorer

MS07-067, KB 944653 (Important), Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege

MS07-065, KB 937894 (Important), Vulnerability in Message Queuing Could Allow Remote Code Execution

MS07-064, KB 941568 (Critical), Vulnerabilities in DirectX Could Allow Remote Code Execution

November 2007

MS07-062, KB 941672 (Important), Vulnerability in DNS Could Allow Spoofing (only installed when DNS is installed on the server)

MS07-061, KB 943460 (Critical), Vulnerability in Windows URI Handling Could Allow Remote Code Execution

October 2007

MS07-058, KB 933729 (Important), Vulnerability in RPC Could Allow Denial of Service

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

KB 933360 (none) August 2007 Cumulative Time Zone Update for Microsoft Windows Operating Systems

August 2007

MS07-050, KB 938127 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-046, KB 938829 (Critical), Vulnerability in GDI Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

MS07-043, KB 921503 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS07-042, KB 936021 and KB 936181 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

MS07-039, KB 926122 (Critical), Vulnerability in Windows Active Directory Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-023, KB 917344 (Critical), Vulnerability in Microsoft JScript Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(6), December 2007

Cisco Unity Server Updates wizard version 2.0(6) installs the following software:

Cisco Security Agent for Cisco Unity version 3.0(2).

The Microsoft security updates listed below by month of their release.

In addition, when it is run on Windows Server 2003 SP1 or SP2, this version of the wizard applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity and in Cisco Unity Connection version 1.x in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

December 2007

MS07-069, KB 942615 (Critical), Cumulative Security Update for Internet Explorer

MS07-067, KB 944653 (Important), Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege

MS07-065, KB 937894 (Important), Vulnerability in Message Queuing Could Allow Remote Code Execution

MS07-064, KB 941568 (Critical), Vulnerabilities in DirectX Could Allow Remote Code Execution

November 2007

MS07-062, KB 941672 (Important), Vulnerability in DNS Could Allow Spoofing (only installed when DNS is installed on the server)

MS07-061, KB 943460 (Critical), Vulnerability in Windows URI Handling Could Allow Remote Code Execution

October 2007

MS07-058, KB 933729 (Important), Vulnerability in RPC Could Allow Denial of Service

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

KB 933360 (none) August 2007 Cumulative Time Zone Update for Microsoft Windows Operating Systems

August 2007

MS07-050, KB 938127 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-046, KB 938829 (Critical), Vulnerability in GDI Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

MS07-043, KB 921503 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS07-042, KB 936021 and KB 936181 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

MS07-039, KB 926122 (Critical), Vulnerability in Windows Active Directory Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-032, KB 917953 (Important), Vulnerability in TCP/IP Could Allow Remote Code Execution

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-023, KB 917344 (Critical), Vulnerability in Microsoft JScript Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(5), October 2007

Cisco Unity Server Updates wizard version 2.0(5) installs the following software:

Cisco Security Agent for Cisco Unity version 3.0(2).

The Microsoft security updates listed below by month of their release.

In addition, when it is run on Windows Server 2003 SP1 or SP2, this version of the wizard applies the registry edit described in Microsoft Knowledge Base article KB 928046. The registry edit fixes a known issue in Cisco Unity and in Cisco Unity Connection version 1.x in which administering the system over remote desktop connections in console mode crashed the Cisco Unity-CM TSP.

October 2007

MS07-051, KB 938827 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-057, KB 939653 (Critical), Cumulative Security Update for Internet Explorer

MS07-058, KB 933729 (Important), Vulnerability in RPC Could Allow Denial of Service

KB 933360 (none) August 2007 Cumulative Time Zone Update for Microsoft Windows Operating Systems

August 2007

MS07-050, KB 938127 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-046, KB 938829 (Critical), Vulnerability in GDI Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

MS07-043, KB 921503 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS07-042, KB 936021 and KB 936181 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

MS07-039, KB 926122 (Critical), Vulnerability in Windows Active Directory Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-029, KB935966 (Critical), Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-045, KB 921398 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-032, KB 917953 (Important), Vulnerability in TCP/IP Could Allow Remote Code Execution

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-023, KB 917344 (Critical), Vulnerability in Microsoft JScript Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-050, KB 904706 (Critical), Vulnerability in DirectShow Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(4), August 2007

Cisco Unity Server Updates wizard version 2.0(4) installs the following software:

Cisco Security Agent for Cisco Unity version 3.0(2).

The Microsoft security updates listed below by month of their release.

August 2007

MS07-050, KB 938127 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

MS07-047, KB 936782 (Important), Vulnerabilities in Windows Media Player Could Allow Remote Code Execution

MS07-046, KB 938829 (Critical), Vulnerability in GDI Could Allow Remote Code Execution

MS07-045, KB 937143 (Critical), Cumulative Security Update for Internet Explorer

MS07-043, KB 921503 (Critical), Vulnerability in OLE Automation Could Allow Remote Code Execution

MS07-042, KB 936021 and KB 936181 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

MS07-039, KB 926122 (Critical), Vulnerability in Windows Active Directory Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-029, KB935966 (Critical), Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-045, KB 921398 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-032, KB 917953 (Important), Vulnerability in TCP/IP Could Allow Remote Code Execution

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-023, KB 917344 (Critical), Vulnerability in Microsoft JScript Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-050, KB 904706 (Critical), Vulnerability in DirectShow Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(3), July 2007

Cisco Unity Server Updates wizard version 2.0(3) installs the following software:

Cisco Security Agent for Cisco Unity version 3.0(2).

The Microsoft security updates listed below by month of their release.

July 2007

MS07-040, KB 931212 (Critical), Vulnerabilities in .NET Framework Could Allow Remote Code Execution

MS07-039, KB 926122 (Critical), Vulnerability in Windows Active Directory Could Allow Remote Code Execution

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-033, KB933566 (Critical), Cumulative Security Update for Internet Explorer

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-029, KB935966 (Critical), Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Cisco Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

January 2007

MS07-004, KB 929969 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-071, KB 928088 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-061, KB 924191 (Critical), Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-045, KB 921398 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-032, KB 917953 (Important), Vulnerability in TCP/IP Could Allow Remote Code Execution

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-024, KB 917734 (Critical), Vulnerability in Windows Media Player Could Allow Remote Code Execution

MS06-023, KB 917344 (Critical), Vulnerability in Microsoft JScript Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

MS06-001, KB 912919 (Critical), Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-050, KB 904706 (Critical), Vulnerability in DirectShow Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(2), June 2007

Cisco Unity Server Updates wizard version 2.0(2) installs the following software:

Cisco Security Agent for Cisco Unity version 3.0(2).

The Microsoft security updates listed below by month of their release.

June 2007

MS07-035, KB935839 (Critical), Vulnerability in Win 32 API Could Allow Remote Code Execution

MS07-034, KB929123 (Critical), Cumulative Security Update for Outlook Express and Windows Mail

MS07-033, KB933566 (Critical), Cumulative Security Update for Internet Explorer

MS07-031, KB935840 (Critical), Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

May 2007

MS07-029, KB935966 (Critical), Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

January 2007

MS07-004, KB 929969 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-071, KB 928088 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-061, KB 924191 (Critical), Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-045, KB 921398 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-032, KB 917953 (Important), Vulnerability in TCP/IP Could Allow Remote Code Execution

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-024, KB 917734 (Critical), Vulnerability in Windows Media Player Could Allow Remote Code Execution

MS06-023, KB 917344 (Critical), Vulnerability in Microsoft JScript Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

MS06-001, KB 912919 (Critical), Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-050, KB 904706 (Critical), Vulnerability in DirectShow Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

Server Updates Wizard Version 2.0(1), May 2007

Cisco Unity Server Updates wizard version 2.0(1) installs the following software:

Cisco Security Agent for Cisco Unity version 3.0(2).

The Microsoft security updates listed below by month of their release.

May 2007

MS07-029, KB935966 (Critical), Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution

MS07-027, KB931768 (Critical), Cumulative Security Update for Internet Explorer

MS07-026, KB931832 (Critical), Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

After you install MS07-026, Cisco Unity may not be able to deliver voice messages to subscribers whose Active Directory accounts belong to one or more administrative groups. For information on a workaround, refer to the tech note Unity for Exchange Cannot Deliver Messages to Some Subscribers After MS06-019 or MS07-026 Is Installed at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_tech_notes_list.html.

April 2007

MS07-022, KB 931784 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS07-021 KB 930178 (Critical), Vulnerabilities in CSRSS Could Allow Remote Code Execution

MS07-020, KB 932168 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS07-017, KB 925902 (Critical), Vulnerabilities in GDI Could Allow Remote Code Execution

February 2007

MS07-013, KB 918118 (Important), Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution

MS07-012, KB 924667 (Important), Vulnerability in Microsoft MFC Could Allow Remote Code Execution

MS07-011, KB 926436 (Important), Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution

MS07-009, KB 927779 (Critical), Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

MS07-008, KB 928843 (Critical), Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution

MS07-006, KB 928255 (Important), Vulnerability in Windows Shell Could Allow Elevation of Privilege

KB 931836 (none), February 2007 cumulative time zone update for Microsoft Windows operating systems

January 2007

MS07-004, KB 929969 (Critical), Vulnerability in Vector Markup Language Could Allow Remote Code Execution

December 2006

MS06-078, KB925398 (Critical), Vulnerability in Windows Media Format Could Allow Remote Code Execution

MS06-076, KB 923694 (Important), Cumulative Security Update for Outlook Express

MS06-074, KB 926247 (Important), Vulnerability in SNMP Could Allow Remote Code Execution

November 2006

MS06-071, KB 928088 (Critical), Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

MS06-070, KB 924270 (Critical), Vulnerability in Workstation Service Could Allow Remote Code Execution

MS06-068, KB 920213 (Critical), Vulnerability in Microsoft Agent Could Allow Remote Code Execution

MS06-066, KB 923980 (Important), Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution

October 2006

MS06-065, KB 924496 (Moderate), Vulnerability in Windows Object Packager Could Allow Remote Execution

MS06-064, KB 922819 (Low), Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service

MS06-063, KB 923414 (Important), Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution

MS06-061, KB 924191 (Critical), Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution

MS06-057, KB 923191 (Critical), Vulnerability in Windows Explorer Could Allow Remote Execution

September 2006

MS06-053, KB 920685 (Moderate), Vulnerability in Indexing Service Could Allow Cross-Site Scripting

August 2006

MS06-051, KB 917422 (Critical), Vulnerability in Windows Kernel Could Result in Remote Code Execution

MS06-050, KB 920670 (Important), Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

MS06-046, KB 922616 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

MS06-045, KB 921398 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-044, KB 917008 (Critical), Vulnerability in Microsoft Management Console Could Allow Remote Code Execution

MS06-043, KB 920214 (Critical), Vulnerability in Microsoft Windows Could Allow Remote Code Execution

MS06-041, KB 920683 (Critical), Vulnerabilities in DNS Resolution Could Allow Remote Code Execution

MS06-040, KB 921883 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

July 2006

MS06-036, KB 914388 (Critical), Vulnerability in DHCP Client Service Could Allow Remote Code Execution

MS06-035, KB 917159 (Critical), Vulnerability in Server Service Could Allow Remote Code Execution

MS06-034, KB 917537 (Important), Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution

June 2006

MS06-032, KB 917953 (Important), Vulnerability in TCP/IP Could Allow Remote Code Execution

MS06-031, KB 917736 (Moderate), Vulnerability in RPC Mutual Authentication Could Allow Spoofing

MS06-030, KB 914389 (Important), Vulnerability in Server Message Block Could Allow Elevation of Privilege

MS06-025, KB 911280 (Critical), Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

MS06-024, KB 917734 (Critical), Vulnerability in Windows Media Player Could Allow Remote Code Execution

MS06-023, KB 917344 (Critical), Vulnerability in Microsoft JScript Could Allow Remote Code Execution

MS06-022, KB 918439 (Critical), Vulnerability in ART Image Rendering Could Allow Remote Code Execution

May 2006

MS06-018, KB 913580 (Moderate), Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

April 2006

MS06-016, KB 911567 (Important), Cumulative Security Update for Outlook Express

MS06-015, KB 908531 (Important), Vulnerability in Windows Explorer Could Allow Remote Code Execution

MS06-014, KB 911562 (Critical), Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

March 2006

Cumulative Hotfix for SQL Server 2000 Service Pack 4 - Build 2187, KB 916287

February 2006

MS06-009, KB 901190 (Important), Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (necessary only if the Korean Input Method Editor is installed)

MS06-008, KB 911927 (Important), Vulnerability in Web Client Service Could Allow Remote Code Execution

January 2006

MS06-003, KB 902412 (Critical), Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution

MS06-002, KB 908519 (Critical), Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

MS06-001, KB 912919 (Critical), Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

December 2005

MS05-055, KB 908523 (Important), Vulnerability in Windows Kernel Could Allow Elevation of Privilege

MS05-053, KB 896424 (Critical), Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution

October 2005

MS05-051, KB 902400 (Critical), Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution

MS05-050, KB 904706 (Critical), Vulnerability in DirectShow Could Allow Remote Code Execution

MS05-049, KB 900725 (Important), Vulnerabilities in Windows Shell Could Allow Remote Code Execution

MS05-048, KB 907245 (Important), Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution

MS05-047, KB 905749 (Important), Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege

MS05-046, KB 899589 (Important), Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

MS05-045, KB 905414 (Moderate), Vulnerability in Network Connection Manager Could Allow Denial of Service

MS05-044, KB 905495 (Moderate), Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering

August 2005

MS05-043, KB 896423 (Critical), Vulnerability in Print Spooler Service Could Allow Remote Code Execution

MS05-042, KB 899587 (Moderate), Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing

MS05-041, KB 899591 (Moderate), Vulnerability in Remote Desktop Protocol Could Allow Denial of Service

MS05-040, KB 893756 (Important), Vulnerability in Telephony Service Could Allow Remote Code Execution

MS05-039, KB 899588 (Critical), Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

July 2005

MS05-036, KB 901214 (Critical), Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution

MS05-032, KB 890046 (Moderate), Vulnerability in Microsoft Agent Could Allow Spoofing

June 2005

Microsoft Update Rollup 1 for Windows 2000 SP4, KB 900345.

MS05-026, KB 896358 (Critical), Vulnerability in HTML Help Could Allow Remote Code Execution

April 2005

MS05-021, KB 894549 (Critical), Vulnerability in Exchange Server Could Allow Remote Code Execution

February 2005

MS05-014, KB 867282 (Critical), Cumulative Security Update for Internet Explorer

October 2004

MS04-036, KB 883935 (Critical), Vulnerability in NNTP Could Allow Remote Code Execution

August 2004

Microsoft .NET Framework 1.1 Service Pack 1, KB 867460

Exchange 2000 Server Post-Service Pack 3 Update Rollup, KB 870540 (None), Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup

CCDE, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0812R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2009 Cisco Systems, Inc. All rights reserved.