Microsoft Security Bulletins 14 February 2006

Discussion in 'other security issues & news' started by NICK ADSL UK, Feb 14, 2006.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    This security bulletin courtesy of Ms. Donna Buenaventura [MVP]

    Microsoft released this month's security bulletins affecting Windows and Microsoft Office. Also affecting Windows Media Player and Internet Explorer (components in Windows):

    Bulletins:

    2 Critical Bulletins
    • MS06-004 - Cumulative Security Update for Internet Explorer (910620)
    • MS06-005 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)
    5 Important Bulletins
    • MS06-006 - Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)
    • MS06-007 - Vulnerability in TCP/IP Could Allow Denial of Service (913446)
    • MS06-008 - Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)
    • MS06-009 - Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)
    • MS06-010 - Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)
    Summary:
    View the Bulletin Summary in Microsoft website.

    Reminder:
    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Webcast:
    Microsoft will host a webcast on the above security bulletins. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.

    Start Time: Wednesday, February 15, 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)
    End Time: Wednesday, February 15, 2006 12:00 PM (GMT-08:00) Pacific Time (US & Canada)

    Security Tool:
    Find out if you are missing important Microsoft product updates by using MBSA
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK

    Attached Files:

  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    MS06-007 - Vulnerability in TCP/IP Could Allow Denial of Service (913446)

    It has been reported that the MS06-007 - Vulnerability in TCP/IP Could Allow Denial of Service (913446) failed to install using AU or MU.

    Microsoft is now aware and investigating the issue.

    If this should happen and you receive a failed install then please update and install MS06-007 update manually.

    http://www.microsoft.com/technet/security/bulletin/ms06-007.mspx
     
  4. chachazz

    chachazz Updates Team

    Joined:
    Apr 23, 2004
    Posts:
    840
    Microsoft Malicious Software Removal Tool (KB890830) - 02/14/2006

    Microsoft® Windows® Malicious Software Removal Tool (KB890830)
    This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found.

    File Name: Windows-KB890830-V1.13.exe
    Version: 1.13
    Knowledge Base (KB) Articles:KB890830
    Date Published: 2/14/2006
    Language: English
    Download Size: 1.4 MB


    Download: Microsoft Malicious Software Tool»

    Families Cleaned by the Malicious Software Removal Tool

    The following malicious software was added this release.
    •Alcan
    •Badtrans
    •Eyeveg
    •Magistr
    View Complete List»
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions

    Summary
    =======
    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.

    * MS06-007

    Bulletin Information:
    =====================

    * MS06-007


    http://www.microsoft.com/technet/security/bulletin/MS06-007.mspx

    - Reason for revision: Security Update FAQ Section updated to reflect an issue, now resolved, that affected the deployment of this update through Automatic Update, Windows Update, Microsoft Update, Windows Server Update Services and Systems Management Server 2003 when using the Inventory Tool for Microsoft Updates.
    - Originally posted: February 14, 2006
    - Updated: February 14, 2006
    - Bulletin Severity Rating: Important
    - Version: 1.1
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Advance Notification
    Updated: February 14, 2006

    Register for the webcast:

    http://msevents.microsoft.com/CUI/W...&EventCategory=4&culture=en-US&CountryCode=US

    Microsoft will host on March 15 (the day after releasing the scheduled security bulletin) the security bulletins. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.

    Start Time: Wednesday, March 15, 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)
    End Time: Wednesday, March 15, 2006 12:00 PM (GMT-08:00) Pacific Time (US & Canada)


    Presenter: Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation and Stephen Toulouse, Security Program Manager, Microsoft Corporation
     
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Update for Windows XP KB913538

    Update for Windows XP KB913538 Genuine Windows download
    Brief Description

    Install this update to prevent Windows Management Instrumentation enumerations from being canceled before the client computer can finish using the enumerations.

    Overview

    Install this update to prevent Windows Management Instrumentation enumerations from being canceled before the client computer can finish using the enumerations. After you install this item, you may have to restart your computer.

    http://www.microsoft.com/downloads/...a1-855d-4555-8c0e-eb67c93cfc27&DisplayLang=en
     
  8. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    The following bulletins have undergone a minor revision increment.

    Please see the appropriate bulletin for more details.

    * MS06-009
    * MS06-005
    * MS05-054
    * MS05-013


    Bulletin Information:
    =====================

    * MS06-009
    - http://www.microsoft.com/technet/security/...n/MS06-009.mspx
    - Reason for revision: Bulletin revised: Executive Summary updated to clarify the criteria for a successful attack, updated the workarounds section to provide clarity for TCP port 4125.
    - Originally posted: February 14,2006
    - Updated: March 8,2006
    - Bulletin Severity Rating: Important
    - Version: 1.1

    * MS06-005
    - http://www.microsoft.com/technet/security/...n/MS06-005.mspx
    - Reason for revision: Bulletin revised: "Caveats" section updated due to new issues discovered with the security update.Users may experience issues when they try to seek,fast rewind,or fast forward in Windows Media Player 10.
    - Originally posted: February 14,2006
    - Updated: March 8,2006
    - Bulletin Severity Rating: Critical
    - Version: 1.2

    * MS05-054
    - http://www.microsoft.com/technet/security/...n/MS05-054.mspx
    - Reason for revision: Bulletin revised to add acknowledgment for CAN-2005-1790.
    - Originally posted: December 13,2005
    - Updated: March 8,2006
    - Bulletin Severity Rating: Critical
    - Version: 1.2

    * MS05-013
    - http://www.microsoft.com/technet/security/...n/MS05-013.mspx
    - Reason for revision: Bulletin revised due to new issues discovered with the security update: "Microsoft Knowledge Base Article 906216: The Dhtmled.ocx ActiveX control does not work as expected after a program changes the Visible property of the Dhtmled.ocx control."
    - Originally posted: February 8,2005
    - Updated: March 8,2006
    - Bulletin Severity Rating: Critical
    - Version: 1.2
     
Loading...
Thread Status:
Not open for further replies.