Results 1 to 6 of 6

Thread: Critical Microsoft Security Patches

  1. #1

    Critical Microsoft Security Patches

    Microsoft has released the following security bulletins for newly discovered vulnerabilities:
    * Critical MS06-040 Microsoft Windows Remote Code Execution
    * Critical MS06-041 Microsoft Windows Remote Code Execution
    * Critical MS06-042 Microsoft Windows Remote Code Execution
    * Critical MS06-043 Microsoft Windows Remote Code Execution
    * Critical MS06-044 MS Windows 2000 Remote Code Execution
    * Important MS06-045 Microsoft Windows Remote Code Execution
    * Critical MS06-046 Microsoft Windows Remote Code Execution
    * Critical MS06-047 Microsoft Office Applications or Applications
    that use Visual Basic for Applications Remote Code Execution
    * Critical MS06-048 Microsoft PowerPoint Remote Code Execution
    * Important MS06-049 Microsoft Windows Elevation of Privilege
    * Important MS06-050 Microsoft Windows Remote Code Execution
    * Critical MS06-051 Microsoft Windows Remote Code Execution
    Kindly Update the same on an urgent basis.
    ================================================
    Security Bulletin Details
    ================================================
    MS06-040
    Title: Vulnerability in Server Service Could Allow Remote Code Execution (KB921883)
    Executive Summary:
    This update resolves a privately disclosed vulnerability as well as additional issues discovered through internal investigations. An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft strongly recommends that customers apply this update immediately. If customers will be delayed in installing MS06-040, Microsoft recommends that they implement the workarounds discussed in the MS06-040 bulletin.
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical
    Restart Requirement: You must restart your system after you apply this security update.

    http://www.microsoft.com/technet/sec.../MS06-040.mspx
    ************************************************** ****************
    MS06-041
    Title: Vulnerability in DNS Resolution Could Allow Remote Code Execution (KB920683)
    Executive Summary:
    This update resolves several newly discovered, privately reported, vulnerabilities. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical

    http://www.microsoft.com/technet/sec.../MS06-041.mspx
    PLAY IT TILL YOUR FINGERS BLEED!!

  2. #2
    MS06-042
    Title: Cumulative Security Update for Internet Explorer (KB918899)
    Executive Summary:
    This update resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Affected Components:
    * Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
    * Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1
    * Internet Explorer 6 for Microsoft Windows XP Service Pack 2
    * Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
    * Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical

    http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
    MS06-043
    Title: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (KB920214)
    Executive Summary:
    This update resolves a newly-discovered, publicly-reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
    If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    Affected Software:
    * Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Affected Components:
    * Outlook Express 6 on Microsoft Windows XP Service Pack 2
    * Outlook Express 6 on Microsoft Windows XP Professional x64 Edition
    * Outlook Express 6 on Microsoft Windows Server 2003 Service Pack 1
    * Outlook Express 6 on Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Outlook Express 6 on Microsoft Windows Server 2003 x64 Edition
    Non-Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    * Microsoft Windows XP Service Pack 1
    * Microsoft Windows Server 2003
    * Microsoft Windows Server 2003 for Itanium-based Systems
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical

    http://www.microsoft.com/technet/security/bulletin/MS06-043.mspx

    PLAY IT TILL YOUR FINGERS BLEED!!

  3. #3
    MS06-044
    Title: Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (KB917008)
    Executive Summary:
    This update resolves a newly discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    Non-Affected Software:
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical

    http://www.microsoft.com/technet/sec.../MS06-044.mspx
    ************************************************** ****************
    MS06-045
    Title: Vulnerability in Windows Explorer Could Allow Remote Code Execution (KB921398)
    Executive Summary:
    This update resolves a newly-discovered, publicly-reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Important

    http://www.microsoft.com/technet/sec.../MS06-045.mspx
    PLAY IT TILL YOUR FINGERS BLEED!!

  4. #4
    MS06-046
    Title: Vulnerability in HTML Help Could Allow Remote Code Execution (KB922616)
    Executive Summary:
    This update resolves a newly discovered, publicly reported vulnerability as well as additional issues discovered through internal investigations. On vulnerable versions of Windows, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical

    http://www.microsoft.com/technet/sec.../MS06-046.mspx
    ************************************************** ****************
    MS06-047
    Title: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (KB921645)
    Executive Summary:
    This update resolves a newly discovered, privately reported vulnerability. On vulnerable versions of Office or Microsoft Visual Basic for Applications, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    Affected Software:
    * Microsoft Office 2000 Service Pack 3
    * Microsoft Project 2000 Service Release 1
    * Microsoft Access 2000 Runtime Service Pack 3
    * Microsoft Office XP Service Pack 3
    * Microsoft Project 2002 Service Pack 1
    * Microsoft Visio 2002 Service Pack 2
    * Microsoft Works Suites:
    * Microsoft Works Suite 2004
    * Microsoft Works Suite 2005
    * Microsoft Works Suite 2006
    * Microsoft Visual Basic for Applications SDK 6.0
    * Microsoft Visual Basic for Applications SDK 6.2
    * Microsoft Visual Basic for Applications SDK 6.3
    * Microsoft Visual Basic for Applications SDK 6.4
    Non-Affected Software:
    * Microsoft Office 2003 Service Pack 1 and Microsoft Office 2003 Service Pack 2
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical

    http://www.microsoft.com/technet/sec.../MS06-047.mspx
    PLAY IT TILL YOUR FINGERS BLEED!!

  5. #5
    MS06-048
    Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (KB922968)
    Executive Summary:
    This update resolves two newly discovered privately reported and public vulnerabilities. When using vulnerable versions of Office, if a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    Affected Software:
    * Microsoft Office 2000 Service Pack 3
    * Microsoft PowerPoint 2000
    * Microsoft Office XP Service Pack 3
    * Microsoft PowerPoint 2002
    * Microsoft Office 2003 Service Pack 1 or Service Pack 2
    * Microsoft Office PowerPoint 2003
    * Microsoft Office 2004 for Mac
    * PowerPoint 2004 for Mac
    * Microsoft Office v. X for Mac
    * PowerPoint 2004 v. X for Mac
    Non-Affected Software:
    * Microsoft PowerPoint 2003 Viewer
    * Microsoft Works Suites:
    * Microsoft Works Suite 2004
    * Microsoft Works Suite 2005
    * Microsoft Works Suite 2006
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical

    http://www.microsoft.com/technet/sec.../MS06-048.mspx
    MS06-049
    Title: Vulnerability in Windows Kernel Could Result in Elevation of Privilege (KB920958)
    Executive Summary:
    This update resolves a newly discovered, publicly reported vulnerability and additional issues discovered through internal investigations. An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    Non-Affected Software:
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Impact of Vulnerability: Elevation of Privilege
    Maximum Severity Rating: Important

    http://www.microsoft.com/technet/sec.../MS06-049.mspx

    PLAY IT TILL YOUR FINGERS BLEED!!

  6. #6
    MS06-050
    Title: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (KB920670)
    Executive Summary:
    This update resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. User interaction is required for an attacker to exploit these vulnerabilities.
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Important

    http://www.microsoft.com/technet/security/bulletin/MS06-050.mspx
    MS06-051
    Title: Vulnerability in Windows Kernel Could Result in Remote Code Execution (KB917422)
    Executive Summary:
    This update resolves newly discovered, privately reported vulnerabilities and additional issues discovered through internal investigations. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
    Affected Software:
    * Microsoft Windows 2000 Service Pack 4
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    * Microsoft Windows XP Professional x64 Edition
    * Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
    * Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    * Microsoft Windows Server 2003 x64 Edition
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical

    http://www.microsoft.com/technet/security/bulletin/MS06-051.mspx
    MS05-004 (Re-release)
    Title: ASP.NET Path Validation Vulnerability (KB887219)
    Reason for Re-release:
    * Added Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 x64 Edition for .NET Framework 1.1 Service Pack 1 as affected software.
    * Users of these versions should apply newly released updates
    * Users who previously applied the update do not need to take any further action
    Impact of Vulnerability: Information Disclosure, possible Elevation of Privilege
    http://www.microsoft.com/technet/security/bulletin/MS05-004.mspx
    PLAY IT TILL YOUR FINGERS BLEED!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •