Microsoft Security Bulletin Summary for August, 2006

Discussion in 'other security issues & news' started by NICK ADSL UK, Aug 8, 2006.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Critical (9)

    Bulletin Identifier Microsoft Security Bulletin MS06-040
    Vulnerability in Server Service Could Allow Remote Code Execution 921883
    http://www.microsoft.com/technet/security/Bulletin/MS06-040.mspx


    Bulletin Identifier Bulletin Identifier Microsoft Security Bulletin MS06-041
    Vulnerability in DNS Resolution Could Allow Remote Code Execution 920683
    http://www.microsoft.com/technet/security/Bulletin/MS06-041.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-042
    Cumulative Security Update for Internet Explorer 918899
    http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-043
    Vulnerability in Microsoft Windows Could Allow Remote Code Execution 920214
    http://www.microsoft.com/technet/security/Bulletin/MS06-044.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-044
    Vulnerability in Microsoft Management Console Could Allow Remote Code Execution 917008
    http://www.microsoft.com/technet/security/Bulletin/MS06-045.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-045
    Vulnerability in Windows Explorer Could Allow Remote Code Execution 921398
    http://www.microsoft.com/technet/security/Bulletin/MS06-045.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-046
    Vulnerability in HTML Help Could Allow Remote Code Execution 922616
    http://www.microsoft.com/technet/security/Bulletin/MS06-046.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-047
    Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution 921645
    http://www.microsoft.com/technet/security/Bulletin/MS06-047.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-048
    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution 922968
    http://www.microsoft.com/technet/security/Bulletin/MS06-048.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-051
    Vulnerability in Windows Kernel Could Result in Remote Code Execution 917422
    http://www.microsoft.com/technet/security/Bulletin/MS06-051.mspx

    Important (3)
    Bulletin Identifier Microsoft Security Bulletin MS06-045
    Vulnerability in Windows Explorer Could Allow Remote Code Execution 921398
    http://go.microsoft.com/fwlink/?LinkId=69730

    Bulletin Identifier Microsoft Security Bulletin MS06-049
    Vulnerability in Windows Kernel Could Result in Elevation of Privilege 920958
    http://www.microsoft.com/technet/security/Bulletin/MS06-049.mspx

    Bulletin Identifier Microsoft Security Bulletin MS06-050
    Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution 920670
    http://www.microsoft.com/technet/security/Bulletin/MS06-050.mspx

    Re-Released Bulletins:
    ASP.NET Path Validation Vulnerability (887219)
    http://www.microsoft.com/technet/security/Bulletin/ms05-004.mspx

    Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384)
    http://www.microsoft.com/technet/security/Bulletin/ms06-039.mspx

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Webcast:
    Microsoft will host a webcast tomorrow. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.

    Start Time: Wednesday, August 09, 2006 11:00 AM Pacific Time (US & Canada)
    End Time: Wednesday, August 09, 2006 12:00 PM Pacific Time (US & Canada)

    Presenter: Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation

    Security Tool:
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft® Windows® Malicious Software Removal Tool (KB890830)

    The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000
    View products that this article applies to.
    Article ID : 890830
    Last Review : August 8, 2006
    Revision : 23.0
    http://support.microsoft.com/?kbid=890830

    Families Cleaned by the Malicious Software Removal Tool
    Additions Are Made Each Month to Address the Latest Threats
    Published: April 12, 2005 | Updated: August 8, 2006


    Run the tool from the Microsoft.com Web site, or download the tool and run it locally on your computer.

    The Microsoft Windows Malicious Software Removal Tool removes specific, prevalent malicious software families from computers running compatible versions of Windows. Microsoft releases a new version of the tool on the second Tuesday of every month, and as needed to respond to security incidents.

    New Malicious Software
    The following malicious software was added this release.

    • Banker

    • Jeefo

    http://www.microsoft.com/security/malwareremove/families.mspx

    Download>>>
    http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft August 2006 Security Releases ISO Image
    August 2006 Security Releases ISO Image
    Brief Description
    These ISO-9660 CD image files contain the security updates for Windows released on Windows Update on August 8th, 2006.


    Quick Details
    Version: 913086
    Security Bulletins: MS06-040 MS06-041 MS06-042 MS06-043 MS06-044 MS06-045 MS06-046 MS06-049 MS06-050 MS06-051
    Knowledge Base (KB) Articles: KB921883 KB920683 KB918899 KB920214 KB917008 KB921398 KB922616 KB920958 KB920670 KB917422

    Date Published: 8/7/2006
    Language: English
    Download Size: 243.4 MB - 1360.5 MB*
    *Download size depends on selected download components.

    Overview
    These ISO-9660 CD image files contain the security updates for Windows released on Windows Update on August 8th, 2006. They do not contain security updates for other Microsoft products.

    These CD images are intended for corporate administrators who manage large multinational organizations, who need to download multiple individual language versions of each security update, and who do not use an automated solution such as WSUS. Use these images to download multiple updates in all languages at the same time.

    Caution:
    Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

    http://www.microsoft.com/downloads/...84-73be-4e7e-a310-d7a979cc0c98&DisplayLang=en
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Advisory (922437)

    Exploit Code Published Affecting the Server Service
    Published: August 11, 2006 | Updated: August 13, 2006


    Microsoft is aware of public reports regarding an attack known as Win32/Graweg exploiting the vulnerability addressed by security update MS06-040.
    http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx

    Microsoft’s initial investigation of Win32/Graweg verified that it only affects users running Windows 2000 that have not applied the update detailed in MS06-040. Microsoft has activated its emergency response process and is continuing to investigate this issue.

    The Microsoft Security Response Alliance partners as well as our own internal teams have determined that there is not widespread customer impact and have rated Win32/Graweb as a Low threat. At this time it does not appear to be a self-replicating internet-wide worm.

    Microsoft continues to recommend that customers apply the August updates as soon as possible with additional urgency and consideration given to the update detailed in MS06-040. Customers can ensure that the updates are being installed by enabling the Automatic Updates feature in Windows or by using their deployment infrastructure in their enterprise or small business.

    Customers who believe that they are infected or are not sure whether they are infected by Win32/Graweb should visit Safety.live.com and choose "Protection Scan." Additionally, Windows Live OneCare from Microsoft provides detection against Win32/Graweb and its known variants.

    Customers who believe they have been attacked should contact their local FBI office or report their situation to www.ic3.gov. Customers outside the U.S. should contact the national law enforcement agency in their country

    Customers who believe they are affected can contact Product Support Services. Contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1866-PCSAFETY) and international customers by using any method found at this location: http://support.microsoft.com/security.


    Mitigating Factors:

    • Customers who have installed the MS06-040 security update are not affected by this vulnerability.

    • While installation of the update is the recommended action, customers who have applied the mitigations as identified in MS06-040 will have minimized their exposure and potential exploitability against an attack.

    http://www.microsoft.com/technet/security/advisory/922437.mspx
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    After people apply the MS06-042 update, rated "critical" by Microsoft,
    IE may crash when certain Web sites are viewed, the company said in a notice on its customer support Web site. The problem affects IE 6 with Service Pack 1 on Windows XP and Windows 2000 systems, it said.

    "Microsoft has identified an issue with the security update MS06-042," the company said in a statement Tuesday. It plans to re-release the bulletin and patch on Aug. 22 for all affected users.

    The problem occurs when IE users view Web sites that use version 1.1 of HTTP alongside compression, according to Microsoft's notice. HTTP, or hypertext transfer protocol, is the standard protocol used to browse Web sites.

    IE users on security mailing lists have reported browser crashes when using PeopleSoft applications that have Web-based interfaces. Others report running into problems when using other applications, including Microsoft's own customer relationship management, or CRM, tools.

    Microsoft has a temporary fix available for the problems caused by MS06-042. However, this fix is not available for download; people have to call Microsoft's support line.
    http://www.zdnetasia.com/news/security/0,39044215,39390633,00.htm
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Advisory (923762)
    Microsoft Security Advisory (923762): Long URLs to sites using HTTP 1.1 and compression Could Cause Internet Explorer 6 Service Pack 1 to Unexpectedly Exit


    Published: August 22, 2006

    On August 15, 2006 Microsoft announced that it would be re-releasing MS06-042 Tuesday, August 22, 2006 to address an issue affecting Internet Explorer 6 Service Pack 1 customers discussed in Microsoft Knowledge Base Article 923762.
    http://support.microsoft.com/kb/923762/

    Due to an issue discovered in final testing, Microsoft will not be re-releasing MS06-042 today. This update will be re-released for Internet Explorer 6 Service Pack 1 when it meets an appropriate level of quality for broad distribution.

    Microsoft is also aware of public reports that this issue can lead to a buffer overrun condition for Internet Explorer 6 Service Pack 1 customers that have applied MS06-042. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time. Microsoft is aggressively investigating the public reports. Only customers using Internet Explorer 6.0 SP1 are affected, all other customers should continue their deployments of MS06-042. Customers using Internet Explorer 6.0 SP 1 should continue their deployment of MS06-042 and follow the existing guidance provided in Knowledge Base article 923762
    http://support.microsoft.com/kb/923762/
    and the Suggested Actions section of this Security Advisory.

    http://www.microsoft.com/technet/security/...ory/923762.mspx
     
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Bulletin MS06-042
    Cumulative Security Update for Internet Explorer (918899)
    Published: August 8, 2006 | Updated: August 24, 2006


    Version: 2.0

    Summary
    Who should read this document: Customers who use Microsoft Windows

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers should apply the update immediately.

    Security Update Replacement: This bulletin replaces several prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

    Caveats: This Security Bulletin and the Internet Explorer 6 Service Pack 1 security updates have been updated to address an issue documented in Microsoft Knowledge Base Article 923762
    Microsoft Knowledge Base Article 923762.

    This issue may lead to an additional buffer overrun condition only affecting Internet Explorer 6 Service Pack 1 customers that have applied the original version of that update released August 8th, 2006. The security issue is documented in the Vulnerability Details section as Long URL Buffer Overflow – CVE-2006-3869. Internet Explorer 6 Service Pack 1 Customers should apply the new update immediately. Microsoft Knowledge Base Article 918899
    Microsoft Knowledge Base Article 918899 .
    documents this and any other currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.

    For more information, see Microsoft Knowledge Base Article 918899Microsoft Knowledge Base Article 918899..

    Tested Software and Security Update Download Locations:and Affected Software:

    • Microsoft Windows 2000 Service Pack 4

    • Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2

    • Microsoft Windows XP Professional x64 Edition

    • Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

    • Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

    • Microsoft Windows Server 2003 x64 Edition

    http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx
     
Loading...
Thread Status:
Not open for further replies.