[BigFix-Announcements] BES Auto Notification: New Fixlets Published
in Fixlet Site: EnterpriseSecurity
autonotify at bigfix.com
autonotify at bigfix.com
Wed Apr 12 02:00:36 PDT 2006
Fixlet Site - EnterpriseSecurity
Current Version: 718 Published: Tue, 11 Apr 2006 23:02:13 GMT
***************************************************************
Title: 917425: Internet Explorer ActiveX Compatibility Patch for Mshtml.dll - IE 6.0 - Windows XP SP2
Severity: <Unspecified>
Fixlet ID: 91742501
Fixlet Link: http://support.microsoft.com/kb/917425
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a patch for computers that have installed the Cumulative Security Update for Internet Explorer released in Microsoft Security Bulletin MS06-013. The update disables the behavior of the Microsoft Internet Explorer ActiveX update that is included in Internet Explorer security update 912812 (Microsoft Security Bulletin MS06-013). Microsoft strongly recommends that this compatibility patch be deployed only to systems that are affected by the new functionality that is introduced by the Internet Explorer ActiveX update.
Fixlet Description: Microsoft has released a patch for computers that have installed the Cumulative Security Update for Internet Explorer released in Microsoft Security Bulletin MS06-013. The update disables the behavior of the Microsoft Internet Explorer ActiveX update that is included in Internet Explorer security update 912812 (Microsoft Security Bulletin MS06-013). Microsoft strongly recommends that this compatibility patch be deployed only to systems that are affected by the new functionality that is introduced by the Internet Explorer ActiveX update.
***************************************************************
Title: 917425: CORRUPT PATCH - Windows XP SP2
Severity: <Unspecified>
Fixlet ID: 91742502
Fixlet Link: http://support.microsoft.com/kb/917425
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
***************************************************************
Title: 917425: Internet Explorer ActiveX Compatibility Patch for Mshtml.dll - IE 6.0 - Windows Server 2003
Severity: <Unspecified>
Fixlet ID: 91742503
Fixlet Link: http://support.microsoft.com/kb/917425
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a patch for computers that have installed the Cumulative Security Update for Internet Explorer released in Microsoft Security Bulletin MS06-013. The update disables the behavior of the Microsoft Internet Explorer ActiveX update that is included in Internet Explorer security update 912812 (Microsoft Security Bulletin MS06-013). Microsoft strongly recommends that this compatibility patch be deployed only to systems that are affected by the new functionality that is introduced by the Internet Explorer ActiveX update.
Fixlet Description: Microsoft has released a patch for computers that have installed the Cumulative Security Update for Internet Explorer released in Microsoft Security Bulletin MS06-013. The update disables the behavior of the Microsoft Internet Explorer ActiveX update that is included in Internet Explorer security update 912812 (Microsoft Security Bulletin MS06-013). Microsoft strongly recommends that this compatibility patch be deployed only to systems that are affected by the new functionality that is introduced by the Internet Explorer ActiveX update.
***************************************************************
Title: 917425: CORRUPT PATCH - Windows Server 2003
Severity: <Unspecified>
Fixlet ID: 91742504
Fixlet Link: http://support.microsoft.com/kb/917425
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
***************************************************************
Title: MS06-005: Vulnerability in Windows Media Player Could Allow Remote Code Execution - Windows Media Player 10 - Windows XP SP1/SP2
Severity: Critical
Fixlet ID: 600511
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-005.mspx
Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in Windows Media Player. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-005: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Critical
Fixlet ID: 600512
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-005.mspx
***************************************************************
Title: MS06-013: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows Server 2003
Severity: Critical
Fixlet ID: 601301
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that resolves several newly-discovered, publicly and privately reported vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-013: CORRUPT PATCH - IE 6.0 - Windows Server 2003
Severity: Critical
Fixlet ID: 601302
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
***************************************************************
Title: MS06-013: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP SP2
Severity: Critical
Fixlet ID: 601303
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that resolves several newly-discovered, publicly and privately reported vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-013: CORRUPT PATCH - IE 6.0 - Windows XP SP2
Severity: Critical
Fixlet ID: 601304
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
***************************************************************
Title: MS06-013: Cumulative Security Update for Internet Explorer - IE 6.0 SP1 - Windows 2000/XP
Severity: Critical
Fixlet ID: 601305
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that resolves several newly-discovered, publicly and privately reported vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-013: CORRUPT PATCH - IE 6.0 SP1 - Windows 2000/XP
Severity: Critical
Fixlet ID: 601306
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
***************************************************************
Title: MS06-013: Cumulative Security Update for Internet Explorer - IE 5.01 SP4 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 601307
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that resolves several newly-discovered, publicly and privately reported vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-013: CORRUPT PATCH - IE 5.01 SP4 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 601308
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
***************************************************************
Title: MS06-013: Cumulative Security Update for Internet Explorer - IE 6.0 SP1 - Windows 98/ME
Severity: Critical
Fixlet ID: 601312
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that resolves several newly-discovered, publicly and privately reported vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-013: CORRUPT PATCH - IE 6.0 SP1 - Windows 98/ME
Severity: Critical
Fixlet ID: 601313
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - Windows XP SP1/SP2
Severity: Critical
Fixlet ID: 601401
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Critical
Fixlet ID: 601402
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - Windows Server 2003
Severity: Moderate
Fixlet ID: 601403
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - Windows Server 2003
Severity: Moderate
Fixlet ID: 601404
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - MDAC 2.53 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 601405
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - MDAC 2.53 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 601406
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - MDAC 2.71 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 601407
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - MDAC 2.71 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 601408
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - MDAC 2.80 - Windows 2000/XP
Severity: Critical
Fixlet ID: 601409
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - MDAC 2.80 - Windows 2000/XP
Severity: Critical
Fixlet ID: 601410
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - MDAC 2.81 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 601411
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - MDAC 2.81 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 601412
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - MDAC 2.80 - Windows 98/ME
Severity: Critical
Fixlet ID: 601417
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - MDAC 2.80 - Windows 98/ME
Severity: Critical
Fixlet ID: 601418
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - MDAC 2.81 - Windows 98/ME
Severity: Critical
Fixlet ID: 601419
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - MDAC 2.81 - Windows 98/ME
Severity: Critical
Fixlet ID: 601420
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
***************************************************************
Title: MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution - Windows 2000
Severity: Critical
Fixlet ID: 601501
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in Windows Shell. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-015: CORRUPT PATCH - Windows 2000
Severity: Critical
Fixlet ID: 601502
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
***************************************************************
Title: MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution - Windows XP
Severity: Critical
Fixlet ID: 601503
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in Windows Shell. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. .
***************************************************************
Title: MS06-015: CORRUPT PATCH - Windows XP
Severity: Critical
Fixlet ID: 601504
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
***************************************************************
Title: MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution - Windows Server 2003
Severity: Critical
Fixlet ID: 601505
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in Windows Shell. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-015: CORRUPT PATCH - Windows Server 2003
Severity: Critical
Fixlet ID: 601506
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
***************************************************************
Title: MS06-016: Cumulative Security Update for Outlook Express - OE 6 - Windows Server 2003
Severity: Important
Fixlet ID: 601601
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx
Fixlet Description: Microsoft has released a cumulative patch for Outlook Express that resolves a newly-discovered, privately reported vulnerability, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system.After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-016: CORRUPT PATCH - OE 6 - Windows Server 2003
Severity: Important
Fixlet ID: 601602
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx
***************************************************************
Title: MS06-016: Cumulative Security Update for Outlook Express - OE 6 - Windows XP SP2
Severity: Important
Fixlet ID: 601603
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx
Fixlet Description: Microsoft has released a cumulative patch for Outlook Express that resolves a newly-discovered, privately reported vulnerability, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system.After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-016: CORRUPT PATCH - OE 6 - Windows XP SP2
Severity: Important
Fixlet ID: 601604
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx
***************************************************************
Title: MS06-016: Cumulative Security Update for Outlook Express - OE 6.0 SP1 - Windows 2000/XP
Severity: Important
Fixlet ID: 601605
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-016.mspx
Fixlet Description: Microsoft has released a cumulative patch for Outlook Express that resolves a newly-discovered, privately reported vulnerability, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system.After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-016: CORRUPT PATCH - OE 6.0 SP1 - Windows 2000/XP
Severity: Important
Fixlet ID: 601606
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-016.mspx
***************************************************************
Title: MS06-016: Cumulative Security Update for Outlook Express - OE 5.5 SP2 - Windows 2000 SP4
Severity: Important
Fixlet ID: 601607
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-016.mspx
Fixlet Description: Microsoft has released a cumulative patch for Outlook Express that resolves a newly-discovered, privately reported vulnerability, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-016: CORRUPT PATCH - OE 5.5 SP2 - Windows 2000 SP4
Severity: Important
Fixlet ID: 601608
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-016.mspx
***************************************************************
Title: MS06-017: Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting - Windows Server 2003
Severity: Moderate
Fixlet ID: 601701
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-017.mspx
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in FrontPage Server Extensions (FPSE). If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.After applying this patch, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS06-017: CORRUPT PATCH - Windows Server 2003
Severity: Moderate
Fixlet ID: 601702
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-017.mspx
***************************************************************
Title: MS06-017: Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting - FPSE 2002 - Windows 2000/XP
Severity: Moderate
Fixlet ID: 601703
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-017.mspx
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in FrontPage Server Extensions (FPSE 2002). If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.After applying this patch, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS06-017: Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting - SPTS 2002 - Windows 2000/XP
Severity: Moderate
Fixlet ID: 601705
Fixlet Link: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS06-017.asp
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Sharepoint Team Service (SPTS). If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. After applying this patch, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 917425: Internet Explorer ActiveX Compatibility Patch for Mshtml.dll - IE 6.0 - Windows Server 2003 - BES < 6.0
Severity: <Unspecified>
Fixlet ID: 91742505
Fixlet Link: http://support.microsoft.com/kb/917425
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a patch for computers that have installed the Cumulative Security Update for Internet Explorer released in Microsoft Security Bulletin MS06-013. The update disables the behavior of the Microsoft Internet Explorer ActiveX update that is included in Internet Explorer security update 912812 (Microsoft Security Bulletin MS06-013). Microsoft strongly recommends that this compatibility patch be deployed only to systems that are affected by the new functionality that is introduced by the Internet Explorer ActiveX update.
Fixlet Description: Microsoft has released a patch for computers that have installed the Cumulative Security Update for Internet Explorer released in Microsoft Security Bulletin MS06-013. The update disables the behavior of the Microsoft Internet Explorer ActiveX update that is included in Internet Explorer security update 912812 (Microsoft Security Bulletin MS06-013). Microsoft strongly recommends that this compatibility patch be deployed only to systems that are affected by the new functionality that is introduced by the Internet Explorer ActiveX update.
***************************************************************
Title: UPDATE: MSDE 2000 Service Pack 4 Available (Default SQL Instance on a BES Server)
Severity: <Unspecified>
Fixlet ID: 204016
Fixlet Link: http://www.microsoft.com/sql/downloads/2000/sp4.asp
Fixlet Link: http://download.microsoft.com/download/1/b/d/1bdf5b78-584e-4de0-b36f-c44e06b0d2a3/ReadmeSql2k32desksp4.htm
Fixlet Description: Microsoft has released Service Pack 4 (SP4) for the SQL Server Desktop Engine (MSDE) part of SQL Server 2000. This Service Pack includes updates to the MSDE 2000 data engine, database command prompt utilities (such as osql and bcp utilities), database client connectivity components (such as the OLE DB Provider for SQL Server, the SQL Server Open Database Connectivity (ODBC) driver, and the client Net-Libraries), and the parts of replication and Data Transformation Services (DTS) that are included with MSDE 2000.
Fixlet Description: Microsoft has released Service Pack 4 (SP4) for the SQL Server Desktop Engine (MSDE) part of SQL Server 2000. This Service Pack includes updates to the MSDE 2000 data engine, database command prompt utilities (such as osql and bcp utilities), database client connectivity components (such as the OLE DB Provider for SQL Server, the SQL Server Open Database Connectivity (ODBC) driver, and the client Net-Libraries), and the parts of replication and Data Transformation Services (DTS) that are included with MSDE 2000.
***************************************************************
Title: UPDATE: MSDE 2000 Service Pack 4 Available (BES MSDE)
Severity: <Unspecified>
Fixlet ID: 20312
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=337
Fixlet Link: http://www.microsoft.com/sql/downloads/2000/sp4.asp
Fixlet Link: http://download.microsoft.com/download/1/b/d/1bdf5b78-584e-4de0-b36f-c44e06b0d2a3/ReadmeSql2k32desksp4.htm
Fixlet Description: Microsoft has released Service Pack 4 (SP4) for the SQL Server Desktop Engine (MSDE) part of SQL Server 2000. This Service Pack includes updates to the MSDE 2000 data engine, database command prompt utilities (such as osql and bcp utilities), database client connectivity components (such as the OLE DB Provider for SQL Server, the SQL Server Open Database Connectivity (ODBC) driver, and the client Net-Libraries), and the parts of replication and Data Transformation Services (DTS) that are included with MSDE 2000.
Fixlet Description: Microsoft has released Service Pack 4 (SP4) for the SQL Server Desktop Engine (MSDE) part of SQL Server 2000. This Service Pack includes updates to the MSDE 2000 data engine, database command prompt utilities (such as osql and bcp utilities), database client connectivity components (such as the OLE DB Provider for SQL Server, the SQL Server Open Database Connectivity (ODBC) driver, and the client Net-Libraries), and the parts of replication and Data Transformation Services (DTS) that are included with MSDE 2000.
Fixlet Description: Microsoft has released Service Pack 4 (SP4) for the SQL Server Desktop Engine (MSDE) part of SQL Server 2000. This Service Pack includes updates to the MSDE 2000 data engine, database command prompt utilities (such as osql and bcp utilities), database client connectivity components (such as the OLE DB Provider for SQL Server, the SQL Server Open Database Connectivity (ODBC) driver, and the client Net-Libraries), and the parts of replication and Data Transformation Services (DTS) that are included with MSDE 2000.
***************************************************************
Title: MS06-013: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP/2003 (x64) - BES < 6.0
Severity: Critical
Fixlet ID: 601311
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that resolves several newly-discovered, publicly and privately reported vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - Windows XP/2003 (x64) - BES < 6.0
Severity: Critical
Fixlet ID: 601415
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a newly-discovered, privately-reported security vulnerability in the Microsoft Data Access Components (MDAC) Function. If a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution - Windows XP/2003 (x64) - BES < 6.0
Severity: Critical
Fixlet ID: 601509
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in Windows Shell. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-016: Cumulative Security Update for Outlook Express - OE 6 - Windows XP/2003 (x64) - BES < 6.0
Severity: Important
Fixlet ID: 601611
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx
Fixlet Description: Microsoft has released a cumulative patch for Outlook Express that resolves a newly-discovered, privately reported vulnerability, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system.After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-017: Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting - Windows XP/2003 (x64) - BES < 6.0
Severity: Moderate
Fixlet ID: 601709
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-017.mspx
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in FrontPage Server Extensions (FPSE). If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.After applying this patch, affected computers will no longer be susceptible to this vulnerability.
More information about the BigFix-Announcements
mailing list