Spy Journal Tech Tips

Friday, February 17, 2006

Microsoft Releases Seven New Patch Bulletins; Two Rated Critical

News from Shavlik:

On February 14th, Microsoft announced the release of seven new security bulletins, two of which are rated as critical on the company's security rating scale.

Pay special attention to MS06-004, MS06-005 and MS06-006, which if exploited, could allow an attacker to take complete control of an affected system. The attacker can then download and install malicious or unwanted programs such as spyware onto the user's machine. Shavlik warns that many spyware installer sites use exploits in Windows Media Player or Internet Explorer to initiate the installation of spyware payloads. Shavlik recommends immediate patch testing and deployment for the bulletins that address vulnerabilities in Windows Media Player and Internet Explorer.

Below is more detailed information about these security bulletins:

MS06-004: Cumulative Security Update for Internet Explorer (910620)
Severity: Critical
http://www.microsoft.com/technet/security/bulletin/MS06-004.mspx
MS06-005
Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)
Severity: Critical
http://www.microsoft.com/technet/security/bulletin/MS06-005.mspx
MS06-006
Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-006.mspx
MS06-007
Vulnerability in TCP/IP Could Allow Denial of Service (913446)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-007.mspx
MS06-008
Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-008.mspx
MS06-009
Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-009.mspx
MS06-010
Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-010.mspx
MSRT-001: Malicious Software Removal Tool (February Update) http://www.microsoft.com/security/malwareremove/default.mspx

Additional information about these new security bulletins can be found on Microsoft’s TechNet Web site at: http://www.microsoft.com/technet/security/bulletin/ms06-Feb.mspx. An ISO image of MS06-004 through MS06-009 patches can be found at the Microsoft Download Web site at http://tinyurl.com/cjwm2. Additional details on these bulletins can also be found at the Shavlik Web site: http://www.shavlik.com/support/bulletin_search.aspx

Shavlik recommends installation of these patches as soon as possible in order to ensure networks are secure. Deployment is simple with Shavlik NetChk(TM) Protect, our integrated patch and spyware management solution. Handle two of the most persistent network problems through one console! For more information about Shavlik NetChk Protect, or to watch a live demo, click http://www.shavlik.com/netchk-protect.html.

----

Visit Shavlik Technologies at the RSA Conference 2006, booth #423 to personally demo the latest in security software, including Shavlik NetChk(TM) Protect and Shavlik NetChk(TM) Compliance.

----

Shavlik NetChk Protect is the first integrated solution that automates the management of critical security patches and spyware from one easy-to-use console. For more information about how Shavlik NetChk Protect can help you secure your network, or to download a free version, please visit www.shavlik.com, call your Shavlik representative at (800) 690-6911 or +1 (612) 331-6737 (international), or email sales@shavlik.com .

----

Get Patched, Stay Secure and Never Miss a Beat.

The Shavlik Team
(800) 690-6911
info@shavlik.com

----

Stay up to date with patch management topics, subscribe to http://www.patchmanagement.org, or watch the discussion via our RSS feeds. For more information about available Shavlik RSS, please visit this site: http://www.shavlik.com/support/rss.aspx

We would also like to invite you to join our XML update notification service. Please sign up at http://www.shavlik.com/support/xmlsubscribe.aspx and be automatically notified when new critical patches or XML file updates are available.

Please visit Shavlik's new Forum to access our KnowledgeBase at http://forum.shavlik.com/.

Microsoft stuff, Linux stuff, Visual Basic stuff, Coldfusion and PHP stuff and other geeky stuff.

Welcome

Welcome to the Tech Tips blog. Hints and tips for programmers, sysadmins and web developers and other geeky stuff that didn't fit anywhere else.

Advertisement

Subscribe Me

• RSS Atom Feed

Previous Posts

• He's finally got his eye open!
• Disk imaging
• Whisky PC
• Free Software
• Steelers over Seahawks
• Mobile Ringtone Convertors
• Super Secret Dance Society
• Robocop
• De-Lurking Week
• WiseGeek

My Blogs and Websites

• Spy Journal Home
• Spy Journal Archives
• Personal Blog
• Excel Tips Blog
• Blog Tips Blog
• Tech Tips Blog
• Urban Space Novel
• Photo Archive
• Parklife Results
• Parklife Soccer Club Website
• KROSTech LAN Parties
• Jethro Management
• Jethro Consultants
• Oz Bush Poet

Tech Links

• Scobleizer
• Robin Good
• LinuxQuestions.org
• Lockergnome
• CSS & Webdesign Workshop
• Greg Ashbaugh Gadgets

Links

• Internode ADSL
• Internode Games Server
• Internode Streaming Radio
• Computer Alliance
• Connect2us
• 
• 
• 
• 
• 
• 
• 
• 

Copyright Notice. All documents and text contained in this web site www.spyjournal.biz and sub pages is copyright material of Jethro Management (c) 2004 unless noted as being copyright material of someone else. No public reproduction of the content on this site in any form is permitted without express written permission.

Unless otherwise expressly stated, all original material of whatever nature created by Tim Miller and included in this weblog and any related pages, including the weblog's archives, is licensed under a Creative Commons License.