Microsoft Security Bulletin Summary for June, 2006

Discussion in 'other security issues & news' started by NICK ADSL UK, Jun 13, 2006.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Summary for June, 2006
    Published: June 13, 2006 | Updated: June 13, 2006

    CRITICAL BULLETINS 8

    Bulletin Identifier Microsoft Security Bulletin MS06-021
    Bulletin Title
    http://go.microsoft.com/fwlink/?LinkId=66973
    Cumulative Security Update for Internet Explorer (916281)

    Executive Summary
    This update resolves several vulnerabilities in Internet Explorer that could allow remote code execution.
    Maximum Severity Rating
    Critical


    Bulletin Identifier Microsoft Security Bulletin MS06-022
    Bulletin Title
    Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)

    http://go.microsoft.com/fwlink/?LinkId=66974
    Executive Summary
    This update resolves a vulnerability that could allow remote code execution when using Internet Explorer.
    Maximum Severity Rating
    Critical

    Bulletin Identifier Microsoft Security Bulletin MS06-023
    Bulletin Title
    Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344)

    http://go.microsoft.com/fwlink/?LinkId=66975
    Executive Summary
    This update resolves a vulnerability in JScript that could allow remote code execution when using Internet Explorer.
    Maximum Severity Rating
    Critical

    Bulletin Identifier Microsoft Security Bulletin MS06-024
    Bulletin Title
    Vulnerability in Windows Media Player Could Allow Remote Code Execution (917734)

    http://go.microsoft.com/fwlink/?LinkId=66393
    Executive Summary
    This update resolves a vulnerability in Windows Media Player that could allow remote code execution.
    Maximum Severity Rating
    Critical

    Bulletin Identifier Microsoft Security Bulletin MS06-025
    Bulletin Title
    Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280)

    http://go.microsoft.com/fwlink/?LinkId=62072
    Executive Summary
    This update resolves vulnerabilities in Windows that could allow remote code execution.
    Maximum Severity Rating
    Critical

    Bulletin Identifier Microsoft Security Bulletin MS06-026
    Bulletin Title
    Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)
    http://go.microsoft.com/fwlink/?LinkId=67230

    Executive Summary
    This update resolves a vulnerability in Windows that could allow remote code execution.
    Maximum Severity Rating
    Critical

    Bulletin Identifier Microsoft Security Bulletin MS06-027
    Bulletin Title
    Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)

    http://go.microsoft.com/fwlink/?linkid=67899
    Executive Summary
    This update resolves a vulnerability in Word that could allow remote code execution.
    Maximum Severity Rating
    Critical

    Bulletin Identifier Microsoft Security Bulletin MS06-028
    Bulletin Title
    Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (916768)
    http://go.microsoft.com/fwlink/?LinkId=66396

    Executive Summary
    This update resolves a vulnerability in PowerPoint that could allow remote code execution.
    Maximum Severity Rating
    Critical

    IMPORTANT BULLETINS 3

    Bulletin Identifier Microsoft Security Bulletin MS06-029
    Bulletin Title
    Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442)
    http://go.microsoft.com/fwlink/?LinkId=66394

    Executive Summary
    This update resolves a vulnerability in Outlook Web Access that could allow script execution. User interaction is required for an attacker to exploit this vulnerability.
    Maximum Severity Rating
    Important
    Impact of Vulnerability
    Remote Code Execution

    Bulletin Identifier Microsoft Security Bulletin MS06-030
    Bulletin Title
    Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)

    http://go.microsoft.com/fwlink/?LinkId=62073
    Executive Summary
    This update resolves several vulnerabilities in Windows. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
    Maximum Severity Rating
    Important
    Impact of Vulnerability
    Elevation of Privilege

    Bulletin Identifier Microsoft Security Bulletin MS06-032
    Bulletin Title
    Vulnerability in TCP/IP Could Allow Remote Code Execution (917953)

    http://go.microsoft.com/fwlink/?LinkId=66152
    Executive Summary
    This update resolves a vulnerability in Windows. By default, the Routing and Remote Access Service is disabled on any affected operating system version.
    Maximum Severity Rating
    Important
    Impact of Vulnerability
    Remote Code Execution

    MODERATE BULLETINS 1

    Bulletin Identifier Microsoft Security Bulletin MS06-031
    Bulletin Title
    Vulnerability in RPC Mutual Authentication Could Allow Spoofing (917736)

    http://go.microsoft.com/fwlink/?LinkId=66149
    Executive Summary
    This update resolves a vulnerability in Windows. A user would need to connect to a malicious RPC server for any spoofing to occur. An attacker would have no way to force users to connect to a malicious RPC server. Windows 2000 Service Pack 4 is the only affected version.
    Maximum Severity Rating
    Moderate
    Impact of Vulnerability
    Spoofing

    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.
     
  2. NICK ADSL UK

    The updated version of the Windows Malicious Software Removal Tool is also available. You may download it from the Microsoft Download Center.

    File Name: Windows-KB890830-V1.17.exe
    Version: 1.17
    Knowledge Base (KB) Articles: KB890830
    Date Published: 6/13/2006
    Language: English
    Download Size: 2.1 MB
    Estimated Download Time: 5 min 56K

    Please review KB890830 for the list of malicious software that the current version of the tool is capable of removing as well as usage instructions. Also, please be aware that this tool reports anonymous information back to Microsoft in the event that an infection is found or an error is encountered. The above KB article contains information on how to disable this functionality and what specific information is sent to Microsoft.
     
  3. NICK ADSL UK

    June 2006 Security Releases ISO Image
    Brief Description
    These ISO-9660 CD image files contain the security updates for Windows released on Windows Update on June 13th, 2006.


    Overview
    These ISO-9660 CD image files contain the security updates for Windows released on Windows Update on June 13th, 2006. They do not contain security updates for other Microsoft products. These CD images are intended for corporate administrators who manage large multinational organizations, who need to download multiple individual language versions of each security update, and who do not use an automated solution such as WSUS. Use these images to download multiple updates in all languages at the same time.


    Caution: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

    http://www.microsoft.com/downloads/...c8-d8fd-4436-99e3-c61218aa6311&DisplayLang=en
     
  4. NICK ADSL UK

    Microsoft has released security bulletin MS06-025. The security bulletin contains all the relevant information about the security update, including file manifest information and deployment options. To view the security bulletin, visit the following Microsoft Web sites:

    Home users:

    http://www.microsoft.com/athome/security/update/bulletins/200606.mspx

    IT professionals:
    http://www.microsoft.com/technet/security/bulletin/ms06-025.mspx

    So far there’ve been no issues with a vast majority of the updates, but one issue we are tracking has to do with MS06-025, very specifically related to dial up users that use dial up scripting, a very old piece of functionality not widely in use anymore. (Users using dial up for Internet or Remote Access Services who do not use dial-up scripting or terminal windows are unaffected. Users who use Virtual Private Network (VPN) connections are also not affected by this at all as dial-up scripting is not used in VPN connections.)

    Known Issues
    • An issue has been confirmed involving dial-up connections which use the terminal window or dial-up scripting. Dial-up terminal windows or scripting is an older technology rarely used by most modern dial-up connections. If dial-up scripting is used in a connection, the connection may stop responding. This does not affect any dial-up connections that do not use dial-up scripting. This issue may affect direct dial connections to a corporate or university network or to some ISPs (Internet Service Providers). Microsoft is working on developing and testing a revision to this update which will address this issue. If you need to use these dial-up scripting or terminal window features do not install security update MS06-025 (KB911280) until the revised version is available. More information on dial-up scripting can be found at
    http://www.microsoft.com/technet/archive/winntas/proddocs/network/xns10.mspx
    Virtual private network (VPN) connections are not affected by this issue; dial-up scripting is not supported in VPN scenarios.
     
  5. NICK ADSL UK

    Microsoft Security Advisory (921923)
    Proof of Concept Code Published Affecting the Remote Access Connection Manager Service
    Published: June 23, 2006


    Microsoft is aware that detailed exploit code has been published on the Internet for the vulnerability that is addressed by Microsoft security bulletin MS06-025.
    http://go.microsoft.com/fwlink/?LinkId=62072
    Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time. However, Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.

    Our investigation of this exploit code has verified that it does not affect customers who have installed the updates detailed in MS06-025 on their computers. Microsoft continues to recommend that customers apply the updates to the affected products by enabling the Automatic Updates feature in Windows.

    Microsoft is disappointed that certain security researchers have breached the commonly accepted industry practice of withholding vulnerability data so close to update release and have published exploit code, potentially harming computer users. We continue to urge security researchers to disclose vulnerability information responsibly and allow customers time to deploy updates so they do not aid criminals in their attempt to take advantage of software vulnerabilities.

    Mitigating Factors:

    Customers who have installed the MS06-025 security update are not affected by this vulnerability.

    Windows 2000 systems are primarily at risk from this vulnerability. Customers running Windows 2000 should deploy MS06-025 as soon as possible or disable the RASMAN service.


    On Windows XP Service Pack 2, Windows Server 2003 and Windows Server 2003 Service Pack 1 the attacker would need to have valid logon credentials in order to exploit the vulnerability.


    This issue does not affect Windows 98, Windows 98 SE, or Windows Millennium Edition.

    http://www.microsoft.com/technet/security/advisory/921923.mspx
     