funsec mailing list archives

XP Problem: Microsoft Security Bulletin Summary for February, 2006

From: "Fergie" <fergdawg () netzero net>
Date: Tue, 14 Feb 2006 18:56:44 GMT

Patches now available.

http://www.microsoft.com/technet/security/bulletin/ms06-feb.mspx

Note: One problem has been detected in downloading and installing KB913446 -- it failed on three (3) XP SP2 machines
that I tried it on (failed on download). Waiting to hear something about it elsewhere but nothing further to report at
this time (12:40 CST -06:00 UTC).

- ferg

Critical (2)

MS06-004
Cumulative Security Update for Internet Explorer (910620)
A vulnerability exists in the Graphics Rendering Engine that could allow remote code execution.

MS06-005
Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)
A vulnerability exists in the way that Windows Media Player processes certain files that could allow remote code
execution.

Important (5)

MS06-006
Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution
(911564)
A remote code execution vulnerability exists in the Windows Media Player plug-in for non-Microsoft Internet browsers
that can allow remote code execution.

MS06-007
Vulnerability in TCP/IP Could Allow Denial of Service (913446)
A vulnerability exists that could allow an attacker to send a specially crafted IGMP that could cause an affected
system to stop responding.

MS06-008
Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)
A vulnerability exists in the Windows Web Client Service that could allow an attacker to take complete control of an
affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this
vulnerability.

MS06-009
A vulnerability exists in the Windows and Office in the Korean Input Method Editor Could Allow Elevation of Privilege
(901190)
A vulnerability exists in the Windows and Office Korean Input Method Editor that could allow an attacker to take
complete control of an affected system. For an attack to be successful an attacker must be able to interactively log on
to the affected system.

MS06-010
Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)
A vulnerability exists PowerPoint that could allow information disclosure.

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg () netzero net or fergdawg () sbcglobal net
ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

XP Problem: Microsoft Security Bulletin Summary for February, 2006 Fergie (Feb 14)
- Re: XP Problem: Microsoft Security Bulletin Summary for February, 2006 Dude VanWinkle (Feb 14)