Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Recent Critical Updates 2006

6K views 5 replies 2 participants last post by  dvk01 
#1 ·
Hiya

This thread will be just for the most current ones for this year. For the older ones, please see All Critical Updates

Regards

eddie
 
#2 ·
Hiya

A remote code execution vulnerability exists in Outlook Express when using a Windows Address Book (.wab) file that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

Affected Components:

• Outlook Express 6 on Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Outlook Express 6 on Microsoft Windows Server 2003 x64 Edition
• Outlook Express 6 Microsoft Windows Server 2003 on Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Outlook Express 6 on Microsoft Windows XP Service Pack 2
• Outlook Express 6 on Microsoft Windows XP Professional x64 Edition
• Outlook Express 6 Service Pack 1 on Microsoft Windows XP Service Pack 1 or when installed on Microsoft Windows 2000 Service Pack 4
• Outlook Express 5.5 Service Pack 2 on Microsoft Windows 2000 Service Pack 4



http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx

eddie
 
#3 ·
A remote code execution vulnerability exists in Windows Explorer because of the way that it handles COM objects. An attacker would need to convince a user to visit a Web site that could force a connection to a remote file server. This remote file server could then cause Windows Explorer to fail in a way that could allow code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Affected Software:

• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition



http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx

eddie
 
#4 ·
A remote code execution vulnerability exists in the RDS.Dataspace ActiveX control that is provided as part of the ActiveX Data Objects (ADO) and that is distributed in MDAC. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Affected Software:

• Microsoft Windows XP Service Pack 1 running Microsoft Data Access Components 2.7 Service Pack 1
• Microsoft Windows XP Service Pack 2 running Microsoft Data Access Components 2.8 Service Pack 1
• Microsoft Windows XP Professional x64 Edition running Microsoft Data Access Components 2.8 Service Pack 2
• Microsoft Windows Server 2003 running Microsoft Data Access Components 2.8
• Microsoft Windows Server 2003 Service Pack 1 running Microsoft Data Access Components 2.8 Service Pack 2
• Microsoft Windows Server 2003 for Itanium-based Systems running Microsoft Data Access Components 2.8
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems running Microsoft Data Access Components 2.8 Service Pack 2
• Microsoft Windows Server 2003 x64 Edition running Microsoft Data Access Components 2.8 Service Pack 2
• Windows 2000 Service Pack 4 with Microsoft Data Access Components 2.5 Service Pack 3installed
• Windows 2000 Service Pack 4 with Microsoft Data Access Components 2.7 Service Pack 1installed
• Windows 2000 Service Pack 4 with Microsoft Data Access Components 2.8 installed
• Windows 2000 Service Pack 4 with Microsoft Data Access Components 2.8 Service Pack 1installed
• Windows XP Service Pack 1 with Microsoft Data Access Components 2.8 installed



http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx

eddie
 
#5 ·
This has a fair few updates:

A remote code execution vulnerability exists in the way Internet Explorer displays a Web page that contains certain unexpected method calls to HTML objects. As a result, system memory may be corrupted in such a way that an attacker could execute arbitrary code if a user visited a malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

A remote code execution vulnerability exists in the way Internet Explorer handles multiple event handlers in an HTML element. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

A remote code execution vulnerability exists in Internet Explorer. An HTML Application (HTA) can be initiated in a way that bypasses the security control within Internet Explorer. This allows an HTA to execute without Internet Explorer displaying the normal security dialog box. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

A remote code execution vulnerability exists in the way Internet Explorer handles specially crafted and not valid HTML. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

A remote code execution vulnerability exists in the way Internet Explorer handles HTML elements that contain a specially crafted tag. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

A remote code execution vulnerability exists in the way Internet Explorer handles double-byte characters in specially crafted URLs. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

A vulnerability exists in Internet Explorer in the way it returns IOleClientSite information when an embedded object is dynamically created. An attacker could exploit the vulnerability by constructing a malicious Web page with a dynamically created object. This object would need to make use of the IOleClientSite information returned to make a security related decision. This could potentially allow remote code execution or information disclosure if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

An information disclosure vulnerability exists in Internet Explorer because of the way that it handles navigation methods. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially lead to information disclosure if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could read cookies or other data from another Internet Explorer domain. However, user interaction is required to exploit this vulnerability.

A spoofing vulnerability exists in Internet Explorer that could allow an attacker to display spoofed content in a browser window. The address bar and other parts of the trust UI has been navigated away from the attacker’s Web site but the content of the window still contains the attacker’s Web page.

Affected Components:

• Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1
• Internet Explorer 6 for Microsoft Windows XP Service Pack 2
• Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
• Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition



http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx

eddie
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top