Microsoft Security Bulletin(s) for 8/8/2006

---

• From: "Melissa Travers [MSFT]" <mtravers@xxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 8 Aug 2006 13:28:04 -0400

---

Note: There may be latency issues due to replication, if the page does not
display keep refreshing





August 8, 2006

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are
authoritative in all matters concerning Microsoft Security Bulletins! ANY
e-mail, web board or newsgroup posting (including this one) should be
verified by visiting these sites for official information. Microsoft never
sends security or other updates as attachments. These updates must be
downloaded from the microsoft.com download center or Windows Update. See the
individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft
security notices, it is recommended that you physically type the URLs into
your web browser and not click on the hyperlinks provided.

Bulletin Summary:



http://www.microsoft.com/technet/security/Bulletin/ms06-Aug.mspx



Critical Bulletins:



Vulnerability in Server Service Could Allow Remote Code Execution (921883)
http://www.microsoft.com/technet/security/Bulletin/ms06-040.mspx



Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)
http://www.microsoft.com/technet/security/Bulletin/ms06-041.mspx



Cumulative Security Update for Internet Explorer (918899)
http://www.microsoft.com/technet/security/Bulletin/ms06-042.mspx



Vulnerability in Microsoft Windows Could Allow Remote Code Execution
(920214)
http://www.microsoft.com/technet/security/Bulletin/ms06-043.mspx





Vulnerability in Microsoft Management Console Could Allow Remote Code
Execution (917008)
http://www.microsoft.com/technet/security/Bulletin/ms06-044.mspx



Vulnerability in HTML Help Could Allow Remote Code Execution (922616)
http://www.microsoft.com/technet/security/Bulletin/ms06-046.mspx





Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote
Code Execution (921645)
http://www.microsoft.com/technet/security/Bulletin/ms06-047.mspx



Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
(922968)
http://www.microsoft.com/technet/security/Bulletin/ms06-048.mspx



Vulnerability in Windows Kernel Could Result in Remote Code Execution
(917422)
http://www.microsoft.com/technet/security/Bulletin/ms06-051.mspx







Important Bulletins:



Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)
http://www.microsoft.com/technet/security/Bulletin/ms06-045.mspx



Vulnerability in Windows Kernel Could Result in Elevation of Privilege
(920958)
http://www.microsoft.com/technet/security/Bulletin/ms06-049.mspx



Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow
Remote Code Execution (920670)
http://www.microsoft.com/technet/security/Bulletin/ms06-050.mspx



Re-Released Bulletins:



ASP.NET Path Validation Vulnerability (887219)

http://www.microsoft.com/technet/security/Bulletin/ms06-004.mspx



Vulnerabilities in Microsoft Office Filters Could Allow Remote Code
Execution (915384)
http://www.microsoft.com/technet/security/Bulletin/ms06-039.mspx





This represents our regularly scheduled monthly bulletin release (second
Tuesday of each month). Please note that Microsoft may release bulletins out
side of this schedule if we determine the need to do so.



If you have any questions regarding the patch or its implementation after
reading the above listed bulletin you should contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.


--


--
Melissa Travers, MCSE
MVP Lead - Exchange Server, Windows Security,
ISA Server, Virtual Machine & Microsoft Dynamics

Please do not send email directly to this alias. This alias is for newsgroup
purposes only.

This posting is provided "AS IS" with no warranties, and confers no rights.


.

---

• Follow-Ups:
  • Re: Microsoft Security Bulletin(s) for 8/8/2006
    • From: Stefan Kanthak
  • Re: Microsoft Security Bulletin(s) for 8/8/2006
    • From: Gerry Hickman

• Prev by Date: Re: Virus Protection Not found by Security Center
• Next by Date: SVG viewer 3.03 hyperlink problem
• Previous by thread: Re: Virus Protection Not found by Security Center
• Next by thread: Re: Microsoft Security Bulletin(s) for 8/8/2006
• Index(es):
  • Date
  • Thread

---

Relevant Pages SecurityFocus Microsoft Newsletter #176 ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows XP HCP URI Handler Arbitrary Command Execu... ... PHPNuke Category Parameter SQL Injection Vulnerability ... Microsoft Baseline Security Analyzer Vulnerability Identific... ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #242 ... MICROSOFT VULNERABILITY SUMMARY ... PostNuke Blocks Module Directory Traversal Vulnerability ... Groove Networks Groove Virtual Office COM Object Security By... ... The Microsoft Windows IPV6 TCP/IP stack is prone to a "loopback" condition initiated by sending a TCP packet with the "SYN" flag set and the source address and port spoofed to equal the destination source and port. ... (Focus-Microsoft) [NT] Cumulative Security Update for Internet Explorer (MS04-025) ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ... (Securiteam) SecurityFocus Microsoft Newsletter # 87 ... Meeting IT Security Benchmarks Through IT Audits ... MICROSOFT VULNERABILITY SUMMARY ... Bypassing Windows 2000 Domain Password settings ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #75 ... Microsoft's Internet Security & Acceleration Server with fault-tolerance ... The Microsoft UPnP Vulnerability ... Relevant URL: ... (Focus-Microsoft)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.security  > 2006-08