Thread: 2006 MS Alerts - Q2

  1. #11
    AplusWebMaster

    MS Security Bulletin Summary for May, 2006

    FYI...

    - http://www.microsoft.com/technet/sec.../ms06-may.mspx
    Published: May 9, 2006
    Version: 1.0

    Critical (2)

    Microsoft Security Bulletin MS06-019
    Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803)
    - http://www.microsoft.com/technet/sec.../ms06-019.mspx
    ...Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical...
    Affected Software:
    • Microsoft Exchange Server 2000 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004 (870540)
    • Microsoft Exchange Server 2003 Service Pack 1
    • Microsoft Exchange Server 2003 Service Pack 2...

    Microsoft Security Bulletin MS06-020
    Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)
    - http://www.microsoft.com/technet/sec.../ms06-020.mspx
    ...Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Critical...
    Affected Software:
    • Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    • Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)...


    Moderate (1)

    Microsoft Security Bulletin MS06-018
    Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580)
    - http://www.microsoft.com/technet/sec.../ms06-018.mspx
    Impact of Vulnerability: Denial of Service
    Maximum Severity Rating: Moderate...
    Affected Software:
    • Microsoft Windows 2000 Service Pack 4
    • Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    • Microsoft Windows Server 2003
    • Microsoft Windows Server 2003 for Itanium-based Systems...

    Revisions:
    • V1.0 (May 9, 2006): Bulletin published...

    -----------------------------------------
    ISC Analysis:

    MS06-019 (Critical)
    - http://isc.sans.org/diary.php?storyid=1322
    Last Updated: 2006-05-09 18:32:46 UTC
    "...Exchange admins you will have your hands full, especially if you are running your own RIM/Blackberry Enterprise Server. Please read the earlier entry*... for details on the "gotcha" there. This vulnerability allows for remote code execution and is critical that it be patched."
    * http://www.isc.sans.org/diary.php?storyid=1320

    MS06-020 (Critical)
    - http://isc.sans.org/diary.php?storyid=1323
    Last Updated: 2006-05-09 18:05:03 UTC
    "...This bulletin addresses flaws in older versions of Adobe's Flash Player. Both have been fixed for a while by Adobe. In case you haven't yet, this is your last chance to update the Adobe Flash Player. MS06-020 patched this vulnerability as well. However, it only patched Flash Player 7 (or 8). If a user had initially Flash Player 6 installed, MS06-020 was not applied. As a result, a user may have installed 7 or 8 later, and ended up vulnerable as a result. See the KB article above for details (http://support.microsoft.com/kb/913433). The "safe" version is 8.0.24.0 (this is currently the most recent version)... This patch should be applied fast on all desktops. You may be able to wait a bit on servers, or you could just uninstall the Flash Player on servers (if you never use them to browse)..."

    MS06-018 (Moderate)
    - http://isc.sans.org/diary.php?storyid=1321
    Last Updated: 2006-05-09 18:32:27 UTC
    "...This update patches two vulnerabilities in MSDTC (CVE-2006-0034, CVE-2006-1184). Both represent a denial of service in MSDTC which can be exploited locally or remotely with malformed messages. This vulnerability is listed as moderate for Windows 2000 versus Low for XP and 2003 because MSDTC is enabled by default on that platform. The severity is the same on the other platforms when the service is running..."

    Last edited by AplusWebMaster; 2006-05-09 at 20:50. Reason: Added ISC Analysis...