MS Security Bulletin Summary - December 2006
FYI...
-
http://www.microsoft.com/technet/security/bulletin/ms06-dec.mspx
December 12, 2006
"
Summary
>
Critical (3)
Microsoft Security Bulletin MS06-072
Cumulative Security Update for Internet Explorer (925454)
-
http://www.microsoft.com/technet/security/bulletin/ms06-072.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Non-Affected Components: • Windows Internet Explorer 7...
Microsoft Security Bulletin MS06-073
Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
-
http://www.microsoft.com/technet/security/bulletin/ms06-073.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Microsoft Security Bulletin MS06-078
Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
-
http://www.microsoft.com/technet/security/bulletin/ms06-078.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
>
Important (4)
Microsoft Security Bulletin MS06-074
Vulnerability in SNMP Could Allow Remote Code Execution (926247)
-
http://www.microsoft.com/technet/security/bulletin/ms06-074.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution
Microsoft Security Bulletin MS06-075
Vulnerability in Windows Could Allow Elevation of Privilege (926255)
-
http://www.microsoft.com/technet/security/bulletin/ms06-075.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Elevation of Privilege
Microsoft Security Bulletin MS06-076
Cumulative Security Update for Outlook Express (923694)
-
http://www.microsoft.com/technet/security/bulletin/ms06-076.mspx
Maximum Severity Rating: Important
Impact of Vulnerability:Remote Code Execution
Microsoft Security Bulletin MS06-077
Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)
-
http://www.microsoft.com/technet/security/bulletin/ms06-077.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution...
Revisions:
• V1.0 (December 12, 2006): Bulletin published.
----------------------------------------------
Microsoft Black Tuesday - December 2006 overview
(ISC Analysis)
-
http://isc.sans.org/diary.php?storyid=1928
----------------------------------------------
Microsoft Security Bulletin MS06-059
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
-
http://www.microsoft.com/technet/security/bulletin/ms06-059.mspx
Revisions:
• V1.0 (October 10, 2006): Bulletin published.
• V1.1 (November 29, 2006): Bulletin updated the Knowledge Base Article for “Microsoft Office Excel Viewer 2003“ in the “Affected Products” section.
• V2.0 (December 12, 2006):
Bulletin updated has been revised and re-released for Microsoft Excel 2002 to address the issues identified in Microsoft Knowledge Base Article 924164.
------------------------------------------------
MS Office 2004 (Mac OS X) update was an accident...
-
http://isc.sans.org/diary.php?storyid=1937
Last Updated: 2006-12-13 03:16:33 UTC
"Microsoft accidentally released an updated named 11.3.1 for Office 2004 (the Apple Mac version) today. It did contain an unspecified security fix and stability improvements. After asking what it fixed we got the reply it was actually a pre-release that was made available through auto-update.
http://www.microsoft.com/mac/autoupdate/description/AUOffice20041131EN.htm
This wasn't intended to be released and hence has been pulled. See the MSRC blog* for more details. Microsoft is also recommending to uninstall the patches..."
Information on accidental posting of pre-release security updates for Office for Mac
*
http://tinyurl.com/ylao2u
December 13, 2006
"...The updates posted in error were pre-release binaries that had been staged internally as part of our testing for an upcoming release. Due to human error, they were accidentally published to the public websites before our full testing release process was complete... We recommend that anyone who may have installed these pre-release updates to uninstall them."
:spider: