Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Aug 28th, 2008, 2:08pm
   Mischel Internet Security Forum
   Internet Security
   News (Moderators: Helena, Gavin_Coe, Magnus)
   Microsoft Security Bulletin Summary for August		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: Microsoft Security Bulletin Summary for August  (Read 476 times)
NICK_ADSL_UK
Senior Member
****






   
WWW  

Gender: male
 Posts: 317
Microsoft Security Bulletin Summary for August
« on: Aug 8th, 2006, 6:11pm »		 Quote Quote  Modify Modify
Critical (9)
 
Bulletin Identifier Microsoft Security Bulletin MS06-040
Vulnerability in Server Service Could Allow Remote Code Execution 921883
http://www.microsoft.com/technet/security/Bulletin/MS06-040.mspx
 
 
Bulletin Identifier Bulletin Identifier Microsoft Security Bulletin MS06-041  
 Vulnerability in DNS Resolution Could Allow Remote Code Execution 920683
http://www.microsoft.com/technet/security/Bulletin/MS06-041.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-042  
Cumulative Security Update for Internet Explorer 918899
http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-043  
Vulnerability in Microsoft Windows Could Allow Remote Code Execution 920214
http://www.microsoft.com/technet/security/Bulletin/MS06-044.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-044  
Vulnerability in Microsoft Management Console Could Allow Remote Code Execution 917008
http://www.microsoft.com/technet/security/Bulletin/MS06-045.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-045
Vulnerability in Windows Explorer Could Allow Remote Code Execution 921398
http://www.microsoft.com/technet/security/Bulletin/MS06-045.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-046  
Vulnerability in HTML Help Could Allow Remote Code Execution 922616
http://www.microsoft.com/technet/security/Bulletin/MS06-046.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-047  
Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution 921645
http://www.microsoft.com/technet/security/Bulletin/MS06-047.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-048  
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution 922968
http://www.microsoft.com/technet/security/Bulletin/MS06-048.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-051  
Vulnerability in Windows Kernel Could Result in Remote Code Execution 917422
http://www.microsoft.com/technet/security/Bulletin/MS06-051.mspx
 
Important (3)
Bulletin Identifier Microsoft Security Bulletin MS06-045  
Vulnerability in Windows Explorer Could Allow Remote Code Execution 921398
http://go.microsoft.com/fwlink/?LinkId=69730
 
Bulletin Identifier Microsoft Security Bulletin MS06-049  
Vulnerability in Windows Kernel Could Result in Elevation of Privilege 920958
http://www.microsoft.com/technet/security/Bulletin/MS06-049.mspx
 
Bulletin Identifier Microsoft Security Bulletin MS06-050  
Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution 920670
http://www.microsoft.com/technet/security/Bulletin/MS06-050.mspx
 
Re-Released Bulletins:
ASP.NET Path Validation Vulnerability (887219)
http://www.microsoft.com/technet/security/Bulletin/ms05-004.mspx
 
Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384)
http://www.microsoft.com/technet/security/Bulletin/ms06-039.mspx
 
As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
 
Webcast:
Microsoft will host a webcast tomorrow. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.
 
Start Time: Wednesday, August 09, 2006 11:00 AM Pacific Time (US & Canada)  
End Time: Wednesday, August 09, 2006 12:00 PM Pacific Time (US & Canada)  
 
Presenter: Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation
 
Security Tool:
Find out if you are missing important Microsoft product updates by using MBSA.
IP Logged

Wilders Security Forum Admin
Microsoft MVP - Consumer Security
NICK_ADSL_UK
Senior Member
****






   
WWW  

Gender: male
 Posts: 317
Re: Microsoft Security Bulletin Summary for August
« Reply #1 on: Aug 8th, 2006, 6:12pm »		 Quote Quote  Modify Modify
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
 
The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000
View products that this article applies to.
Article ID : 890830  
Last Review : August 8, 2006  
Revision : 23.0  
http://support.microsoft.com/?kbid=890830
 
Families Cleaned by the Malicious Software Removal Tool
Additions Are Made Each Month to Address the Latest Threats
Published: April 12, 2005 | Updated: August 8, 2006
 
 
Run the tool from the Microsoft.com Web site, or download the tool and run it locally on your computer.
 
The Microsoft Windows Malicious Software Removal Tool removes specific, prevalent malicious software families from computers running compatible versions of Windows. Microsoft releases a new version of the tool on the second Tuesday of every month, and as needed to respond to security incidents.
 
New Malicious Software  
The following malicious software was added this release.  
 
• Banker
 
• Jeefo
 
http://www.microsoft.com/security/malwareremove/families.mspx
 
Download>>>
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4 F54-9AB3-75B8EB148356&displaylang=en
IP Logged

Wilders Security Forum Admin
Microsoft MVP - Consumer Security
hayc59
Original Gangster
******




VoodØØ Child™

   
WWW  

Gender: male
 Posts: 1428
Re: Microsoft Security Bulletin Summary for August
« Reply #2 on: Aug 13th, 2006, 2:56pm »		 Quote Quote  Modify Modify
Microsoft Security Advisory (922437)
 
Exploit Code Published Affecting the Server Service
Published: August 11, 2006 | Updated: August 13, 2006
 
Microsoft is aware of public reports regarding an attack known as Win32/Graweg exploiting the vulnerability addressed by security update MS06-040.
http://www.microsoft.com/technet/security/...n/ms06-040.mspx  
 
Microsoft’s initial investigation of Win32/Graweg verified that it only affects users running Windows 2000 that have not applied the update detailed in MS06-040. Microsoft has activated its emergency response process and is continuing to investigate this issue.  
 
The Microsoft Security Response Alliance partners as well as our own internal teams have determined that there is not widespread customer impact and have rated Win32/Graweb as a Low threat. At this time it does not appear to be a self-replicating internet-wide worm.
 
Microsoft continues to recommend that customers apply the August updates as soon as possible with additional urgency and consideration given to the update detailed in MS06-040. Customers can ensure that the updates are being installed by enabling the Automatic Updates feature in Windows or by using their deployment infrastructure in their enterprise or small business.
 
Customers who believe that they are infected or are not sure whether they are infected by Win32/Graweb should visit Safety.live.com and choose "Protection Scan." Additionally, Windows Live OneCare from Microsoft provides detection against Win32/Graweb and its known variants.
 
Customers who believe they have been attacked should contact their local FBI office or report their situation to www.ic3.gov . Customers outside the U.S. should contact the national law enforcement agency in their country
 
Customers who believe they are affected can contact Product Support Services. Contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1866-PCSAFETY) and international customers by using any method found at this location: http://support.microsoft.com/security .
 
Mitigating Factors:
 
• Customers who have installed the MS06-040 security update are not affected by this vulnerability.
• While installation of the update is the recommended action, customers who have applied the mitigations as identified in MS06-040 will have minimized their exposure and potential exploitability against an attack.
 
http://www.microsoft.com/technet/security/...ory/922437.mspx  
 
NICK ADSL UK Thank You for the info
IP Logged
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register