Page 3 of 3 FirstFirst 123
Results 21 to 29 of 29

Thread: 2006 MS Alerts - Q4

  1. #21
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Microsoft Security Advisory (928604)

    FYI...

    Microsoft Security Advisory (928604)
    Exploit Code Published Affecting the Workstation Service on Windows 2000
    - http://www.microsoft.com/technet/sec...ry/928604.mspx
    Published: November 16, 2006
    "Microsoft is aware of public proof of concept code targeting the vulnerability addressed by security update MS06-070. At this time Microsoft has not seen any indications of active exploitation of the vulnerability Microsoft has activated its emergency response process and is continuing to investigate this public report. Microsoft continues to recommend that customers apply the November updates as soon as possible with additional urgency and consideration given to the update detailed in MS06-070*..."
    * http://www.microsoft.com/technet/sec.../ms06-070.mspx

    Last edited by AplusWebMaster; 2006-11-18 at 16:08.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #22
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS06-067 exploit out

    (Addition to previous entry...MS06-066, MS06-070 exploits out)

    Malicious Website / Malicious Code: MS06-067
    - http://www.websense.com/securitylabs...hp?AlertID=698
    November 14, 2006
    "Websense® Security Labs™ received proof of concept code for a vulnerability in the "DirectAnimation ActiveX Control" in September 2006. Since that time our miners have been searching for sites that are exploiting this vulnerability. Multiple sites were discovered to be actively exploiting this in the wild. The majority of these sites have been installing a variant of the HaxDoor backdoor/keylogger..."

    (Screenshots available at the URL above.)

    > http://www.microsoft.com/technet/sec.../ms06-067.mspx

    Last edited by AplusWebMaster; 2006-11-21 at 05:21.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #23
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Microsoft Security Advisory (929433)

    FYI...

    Microsoft Security Advisory (929433)
    Vulnerability in Microsoft Word Could Allow Remote Code Execution
    - http://www.microsoft.com/technet/sec...ry/929433.mspx
    December 5, 2006
    "Microsoft is investigating a new report of limited “zero-day” attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006. In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker. As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources... Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs..."

    > http://secunia.com/advisories/23232/
    Last Update: 2006-12-17
    Critical: Extremely critical
    Impact: System access
    Where: From remote
    Solution Status: Unpatched...
    ===========================================
    - http://blogs.technet.com/msrc/archiv...y-reports.aspx
    December 15, 2006
    "...Microsoft Security Advisory 929433 applies to all three issues..."

    Last edited by AplusWebMaster; 2006-12-17 at 19:18. Reason: Added MS blog info; noted Secunia advisory update...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #24
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow MS Security Bulletin Advance Notification - December 2006

    FYI...

    - http://www.microsoft.com/technet/sec...n/advance.mspx
    Updated: December 7, 2006
    "...On 12 December 2006 Microsoft is planning to release:

    Security Updates
    • -Five- Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. Some of these updates will require a restart.
    • -One- Microsoft Security Bulletins affecting Microsoft Visual Studio. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
    Microsoft Windows Malicious Software Removal Tool
    • Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS).
    Non-security High Priority updates on MU, WU, WSUS and SUS
    • Microsoft will release -four- NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).
    • Microsoft will release -10- NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

    Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released..."
    ---------------------------------------------------------------

    - http://isc.sans.org/diary.php?storyid=1922
    Last Updated: 2006-12-08 01:53:19 UTC
    "...Note that there are no patches for Office, so the 2 new Word vulnerabilities reported earlier this week will remain unpatched. See the MSRC blog entry here*."

    * http://blogs.technet.com/msrc/archiv...ification.aspx

    Last edited by AplusWebMaster; 2006-12-08 at 12:53.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #25
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Windows Media Player v9, v10 Vuln

    FYI... http://secunia.com/advisories/22971/
    Release Date: 2006-12-08
    Critical: Highly critical
    Impact: DoS, System access
    Where: From remote
    Solution Status: Unpatched
    Software: Microsoft Windows Media Player 10.x...
    ...Successful exploitation crashes the program and may potentially allow execution of arbitrary code, though this has not currently been proven. The vulnerability is reported in version 10.00.00.4036. Other versions may also be affected.
    Solution: Do not open untrusted playlists..."

    - http://www.computerworld.com/action/...ce=rss_topic85
    December 08, 2006
    "...Affects Windows Media Player Versions 9 and 10, could allow a malicious hacker to run unauthorized software on a victim's PC or cause a denial-of-service attack... The flaw is due to a buffer overflow error that can occur when Windows Media Player is used to run .asx media files, according to a warning from eEye Digital Security*. Such files open automatically in a Web browser, meaning a hacker would need only to post an infected .asx file in a Web page and then try to lure users to visit the page, eEye Digital said. An infected file could also be sent via e-mail, in which case users would need to be persuaded to open it..."
    * http://research.eeye.com/html/alerts.../20061122.html
    Common Name: ASX Playlist
    Date Disclosed: 11/22/2006
    Expected Patch Release: Unknown
    Vendor: Microsoft
    Application: Windows Media Player
    Description: "...function at 7D7A8F27 in WMVCORE.DLL version 9.0.0.3250, and at 086E586E in WMVCORE.DLL version 10.0.0.3802..."
    Severity: High ...

    - http://blogs.technet.com/msrc/archiv...at-isssue.aspx
    December 07, 2006

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #26
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Another new Word 0-day...

    FYI...

    Another new Word 0-day...
    - http://isc.sans.org/diary.php?storyid=1925
    Last Updated: 2006-12-10 22:03:23 UTC
    "...McAfee* has released a dat today for protection against a buffer overflow attack in MS Word. The announcement says "Note: This vulnerability was first found through one of the samples that McAfee analyzed, and this vulnerability differs from the "Microsoft Word 0-Day Vulnerability I" that was published on December 5, 2006". Other vendors are expected to follow suit..."

    * http://vil.nai.com/vil/content/v_vul27249.htm

    - http://vil.nai.com/vil/content/v_127787.htm

    - http://vil.nai.com/vil/content/v_141056.htm

    - http://vil.nai.com/vil/content/v_141057.htm

    > http://blogs.technet.com/msrc/archiv...-zero-day.aspx
    December 10, 2006

    - http://secunia.com/advisories/23205/
    Release Date: 2006-12-12
    Critical: Extremely critical
    Impact: System access
    Where: From remote
    Solution Status: Unpatched...
    ...NOTE: The vulnerability is already being actively exploited.
    Solution: Do not open untrusted Office documents...
    - http://secunia.com/advisories/23232/
    Last Update: 2006-12-17

    Last edited by AplusWebMaster; 2006-12-17 at 19:20. Reason: Noted Secunia advisory updates...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #27
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Bulletin Summary - December 2006

    FYI...

    - http://www.microsoft.com/technet/sec.../ms06-dec.mspx
    December 12, 2006
    "Summary

    > Critical (3)

    Microsoft Security Bulletin MS06-072
    Cumulative Security Update for Internet Explorer (925454)
    - http://www.microsoft.com/technet/sec.../ms06-072.mspx
    Maximum Severity Rating: Critical
    Impact of Vulnerability: Remote Code Execution...
    Non-Affected Components: • Windows Internet Explorer 7...

    Microsoft Security Bulletin MS06-073
    Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
    - http://www.microsoft.com/technet/sec.../ms06-073.mspx
    Maximum Severity Rating: Critical
    Impact of Vulnerability: Remote Code Execution

    Microsoft Security Bulletin MS06-078
    Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
    - http://www.microsoft.com/technet/sec.../ms06-078.mspx
    Maximum Severity Rating: Critical
    Impact of Vulnerability: Remote Code Execution

    > Important (4)

    Microsoft Security Bulletin MS06-074
    Vulnerability in SNMP Could Allow Remote Code Execution (926247)
    - http://www.microsoft.com/technet/sec.../ms06-074.mspx
    Maximum Severity Rating: Important
    Impact of Vulnerability: Remote Code Execution

    Microsoft Security Bulletin MS06-075
    Vulnerability in Windows Could Allow Elevation of Privilege (926255)
    - http://www.microsoft.com/technet/sec.../ms06-075.mspx
    Maximum Severity Rating: Important
    Impact of Vulnerability: Elevation of Privilege

    Microsoft Security Bulletin MS06-076
    Cumulative Security Update for Outlook Express (923694)
    - http://www.microsoft.com/technet/sec.../ms06-076.mspx
    Maximum Severity Rating: Important
    Impact of Vulnerability:Remote Code Execution

    Microsoft Security Bulletin MS06-077
    Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)
    - http://www.microsoft.com/technet/sec.../ms06-077.mspx
    Maximum Severity Rating: Important
    Impact of Vulnerability: Remote Code Execution...

    Revisions:
    • V1.0 (December 12, 2006): Bulletin published.
    ----------------------------------------------

    Microsoft Black Tuesday - December 2006 overview
    (ISC Analysis)
    - http://isc.sans.org/diary.php?storyid=1928
    ----------------------------------------------

    Microsoft Security Bulletin MS06-059
    Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
    - http://www.microsoft.com/technet/sec.../ms06-059.mspx
    Revisions:
    • V1.0 (October 10, 2006): Bulletin published.
    • V1.1 (November 29, 2006): Bulletin updated the Knowledge Base Article for “Microsoft Office Excel Viewer 2003“ in the “Affected Products” section.
    • V2.0 (December 12, 2006): Bulletin updated has been revised and re-released for Microsoft Excel 2002 to address the issues identified in Microsoft Knowledge Base Article 924164.
    ------------------------------------------------

    MS Office 2004 (Mac OS X) update was an accident...
    - http://isc.sans.org/diary.php?storyid=1937
    Last Updated: 2006-12-13 03:16:33 UTC
    "Microsoft accidentally released an updated named 11.3.1 for Office 2004 (the Apple Mac version) today. It did contain an unspecified security fix and stability improvements. After asking what it fixed we got the reply it was actually a pre-release that was made available through auto-update.
    http://www.microsoft.com/mac/autoupd...20041131EN.htm
    This wasn't intended to be released and hence has been pulled. See the MSRC blog* for more details. Microsoft is also recommending to uninstall the patches..."

    Information on accidental posting of pre-release security updates for Office for Mac
    * http://tinyurl.com/ylao2u
    December 13, 2006
    "...The updates posted in error were pre-release binaries that had been staged internally as part of our testing for an upcoming release. Due to human error, they were accidentally published to the public websites before our full testing release process was complete... We recommend that anyone who may have installed these pre-release updates to uninstall them."

    Last edited by AplusWebMaster; 2006-12-13 at 15:11. Reason: Added MS Office/OS-X error info...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #28
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS06-078: -2- Windows Media Format Vulnerabilities

    FYI...

    - http://isc.sans.org/diary.php?storyid=1936
    Last Updated: 2006-12-12 18:51:42 UTC
    "This advisory addresses 2 vulnerabilities in the Windows "Media Format Runtime" which is utilized by applications using Windows Media Content. The unchecked buffer and URL parsing vulnerabilities could result in full system compromise if exploited. An attacker would create a malicious Advanced Streaming Format (.ASF) file or a malicious Advanced Stream Redirector (.ASX) file and present it to a vulnerable client through a malicious URL, an email attachment or perhaps through a malicious IFRAME or redirect. These vulnerabilities poses the most risk to systems which are used for web surfing or for checking email. Especially if the user is logged in as Administrator or if an unrestricted or lower than High zone Internet Explorer browser is being used. MS Outlook default restrictions might shield a user, but clicking on a URL within an email launches a browser outside of those restrictions....
    Note that it may take several patches to update a system. Windows Media Player 6.4 is patched differently than the Media Format Runtime. It may be a challenge to assess the posture of any given system in regards to these two vulnerabilities...
    Reference URLs:
    http://www.microsoft.com/technet/sec.../ms06-078.mspx
    http://support.microsoft.com/kb/923689
    http://support.microsoft.com/kb/925398 ..."

    Last edited by AplusWebMaster; 2006-12-13 at 19:19.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #29
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Tweaks XP laptop Wireless Security

    FYI...

    - http://blog.washingtonpost.com/secur...xp_wirele.html
    December 13, 2006
    "Microsoft last month quietly issued a long-overdue update to fix a simple yet potentially dangerous security weakness in the way embedded wireless cards work on Windows XP laptops... This patch did -not- show up when I ran a Microsoft Update scan on my HP laptop (even under optional updates), but you can manually download and install it from here*."
    * http://support.microsoft.com/kb/917021
    Last Review: November 21, 2006
    Revision: 3.2
    ...APPLIES TO:
    • Microsoft Windows XP Service Pack 2, when used with:
    Microsoft Windows XP Home Edition
    Microsoft Windows XP Professional...

    Last edited by AplusWebMaster; 2006-12-14 at 01:46.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •