Microsoft Security Bulletin Summary for January 2006

Discussion in 'other security issues & news' started by NICK ADSL UK, Jan 10, 2006.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    This update courtesy of Ms. Donna Buenaventura [MVP]

    Windows Malicious Software Removal Tool <-- Download from Microsoft

    File Name: Windows-KB890830-V1.12-ENU.exe
    Version: 1.12
    Date Published: 1/10/2006
    Language: English
    Download Size: 1.1 MB
    Estimated Download Time: 3 min 56K

    Notes:
    • You may also get the updated version from Windows Update, Microsoft Update websites or by using Windows' Automatic Updates functionality.
    • Online version of the above tool is available in:
      http://www.microsoft.com/security/malwareremove/default.mspx
    • If you prefer to run the tool more than once, it is recommended to download the tool or run the online version.
    • Please be aware that this tool reports anonymous information back to Microsoft in the event that an infection is found or an error is encountered. The below Microsoft KB article contains how to disable this functionality and what specific information is sent to Microsoft.
    • This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product.
    • To use the tool, you must log on to the computer by using an account that is a member of the Administrators group. After you accept the one-time EULA, you can receive future versions of the tool without being logged on to the computer as an administrator.
    • The tool creates a log file named mrt.log in the %WINDIR%\debug folder.
    • Any malicious software that is not listed in below Microsoft KB article is not detected and not removed by the tool. To scan for and remove other malicious software, use an up-to-date antivirus product.

    More info in Microsoft KB890830
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    As scheduled, Microsoft released its' second security bulletins for January affecting Windows systems, Exchange and Office applications.

    2 Critical Bulletins:

    MS06-002 - Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)

    MS06-003 - Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution (902412)

    Bulletin Summary at http://www.microsoft.com/technet/security/...n/ms06-Jan.mspx

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites or by using Windows' Automatic Updates functionality.

    Tomorrow, Microsoft will host a webcast on the above security bulletins. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.

    Start Time: Wednesday, January 11, 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)
    End Time: Wednesday, January 11, 2006 12:00 PM (GMT-08:00) Pacific Time (US & Canada)

    Find out if you are missing security updates by using MBSA!
     

    Attached Files:

  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS06-001
    Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
    Published: January 5, 2006


    Version: 1.0

    Summary
    Who should read this document: Customers who use Microsoft Windows

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers should apply the update immediately.

    Security Update Replacement: None

    Tested Software and Security Update Download Locations:

    http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Windows Vista Security Update 01/13/2006

    Windows Vista Security Update
    A remote code execution security issue has been identified in the Graphics Rendering Engine that could allow an attacker to remotely compromise your Windows-based system and gain control over it.

    Follow the provided link(s) to download the patch.
    Vista Beta 1
    http://www.microsoft.com/downloads/...0d-f608-44d5-8965-91dca0707e26&DisplayLang=en

    Vista December CTP

    http://www.microsoft.com/downloads/...dc-7148-4002-86bb-e4ade080ea86&DisplayLang=en

    Vista x64
    http://www.microsoft.com/downloads/...3e-edd3-4eb6-b8c3-d73063ea4668&DisplayLang=en

    Vista December CTP x64
    http://www.microsoft.com/downloads/...e7-19cd-4f51-9c5d-6261f822e912&DisplayLang=en

    Please note that vista is in beta and the usual caveats with regards these updates apply
     
Loading...
Thread Status:
Not open for further replies.