Tuesday, February 14, 2006

Microsoft Security Bulletin Summary for February, 2006

Patches now available.

Note: One problem has been detected in downloading and installing KB913446 -- it failed on three (3) XP SP2 machines that I tried it on (failed on download). Waiting to hear something about it elsewhere but nothing further to report at this time (12:40 CST -06:00 UTC).


Critical (2)

MS06-004
Cumulative Security Update for Internet Explorer (910620)
A vulnerability exists in the Graphics Rendering Engine that could allow remote code execution.

MS06-005
Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)
A vulnerability exists in the way that Windows Media Player processes certain files that could allow remote code execution.


Important (5)

MS06-006
Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)
A remote code execution vulnerability exists in the Windows Media Player plug-in for non-Microsoft Internet browsers that can allow remote code execution.

MS06-007
Vulnerability in TCP/IP Could Allow Denial of Service (913446)
A vulnerability exists that could allow an attacker to send a specially crafted IGMP that could cause an affected system to stop responding.

MS06-008
Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)
A vulnerability exists in the Windows Web Client Service that could allow an attacker to take complete control of an affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

MS06-009
A vulnerability exists in the Windows and Office in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)
A vulnerability exists in the Windows and Office Korean Input Method Editor that could allow an attacker to take complete control of an affected system. For an attack to be successful an attacker must be able to interactively log on to the affected system.

MS06-010
Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)
A vulnerability exists PowerPoint that could allow information disclosure.

posted by Fergie @ 2/14/2006 10:41:00 AM

0 Comments:

Post a Comment

<< Home