[BigFix-Announcements] New x64 Windows Fixlets Published in Fixlet
Site: Enterprise Security
Tim Tsai
tim_tsai at bigfix.com
Thu Apr 13 14:22:52 PDT 2006
The following Fixlet messages were added to the "Enterprise Security"
site on April 5th and April 13th, 2006. This set of content provides
complete coverage of released Microsoft security patches for Windows XP
Professional x64 Edition and Windows Server 2003 x64 Edition, up to and
including the April 2006 Patch Release.
Only limited content for x64 Windows was available for BES < 6.0
clients. Existing x64 Windows content has been modified to have " - BES
< 6.0" at the end of the Fixlet titles. This change allows users to
distinguish between the two x64 Windows content sets.
New inspectors have been added in BES 6.0 to allow BES Clients to verify
the properties of 64-bit files located outside of the %WINDIR%\SysWOW64
directory and access registry keys outside the HKLM\SOFTWARE\WOW6432Node
branch of the registry. This change allows BigFix to provide full x64
Windows content coverage. BigFix will continue supporting the BES < 6.0
set of content. If you have any questions or concerns regarding this
change, please contact BigFix Technical Support.
BigFix Product Team
***************************************************************
Title: MS06-013: Cumulative Security Update for Internet Explorer - IE
6.0 - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 601309
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a cumulative patch for
Internet Explorer that resolves several newly-discovered, publicly and
privately reported vulnerabilities, as well as eliminating all
vulnerabilities covered by earlier patches. If a user is logged on with
administrative user rights, an attacker who successfully exploited the
most severe of these vulnerabilities could take complete control of an
affected system. Microsoft recommends that customers apply the update
immediately. After downloading and installing this patch, affected
computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-013: CORRUPT PATCH - IE 6.0 - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 601310
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
***************************************************************
Title: MS06-014: Vulnerability in the MDAC Function Could Allow Code
Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 601413
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
Fixlet Description: Microsoft has released a patch eliminating a
newly-discovered, privately-reported security vulnerability in the
Microsoft Data Access Components (MDAC) Function. If a user is logged
on with administrative rights, an attacker who successfully exploited
this vulnerability could take complete control of an affected system. An
attacker could then install programs; view, change, or delete data; or
create new accounts with full user rights. After downloading and
installing this patch, affected computers will no longer be susceptible
to these vulnerabilities.
***************************************************************
Title: MS06-014: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 601414
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx
***************************************************************
Title: MS06-015: Vulnerability in Windows Explorer Could Allow Remote
Code Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 601507
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in Windows Shell. An attacker who successfully exploited
this vulnerability could take complete control of an affected system. An
attacker could then install programs; view, change, or delete data; or
create new accounts with full user rights. After downloading and
installing this patch, affected computers will no longer be susceptible
to these vulnerabilities.
***************************************************************
Title: MS06-015: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 601508
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx
***************************************************************
Title: MS06-016: Cumulative Security Update for Outlook Express - OE 6 -
Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 601609
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx
Fixlet Description: Microsoft has released a cumulative patch for
Outlook Express that resolves a newly-discovered, privately reported
vulnerability, as well as eliminating all vulnerabilities covered by
earlier patches. If a user is logged on with administrative user rights,
an attacker who successfully exploited the most severe of these
vulnerabilities could take complete control of an affected system.After
downloading and installing this patch, affected computers will no longer
be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-016: CORRUPT PATCH - OE 6 - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 601610
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx
***************************************************************
Title: MS06-017: Vulnerability in Microsoft FrontPage Server Extensions
Could Allow Cross-Site Scripting - FPSE 2002 - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 601704
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-017.mspx
Fixlet Description: Microsoft has released a patch eliminating a
security vulnerability in FrontPage Server Extensions (FPSE 2002). If a
user is logged on with administrative user rights, an attacker who
successfully exploited this vulnerability could take complete control of
an affected system. After applying this patch, affected computers will
no longer be susceptible to this vulnerability.
***************************************************************
Title: 917425: Internet Explorer ActiveX Compatibility Patch for
Mshtml.dll - IE 6.0 - Windows XP/2003 (x64)
Severity: <Unspecified>
Fixlet ID: 91742506
Fixlet Link: http://support.microsoft.com/kb/917425
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Fixlet Description: Microsoft has released a patch for computers that
have installed the Cumulative Security Update for Internet Explorer
released in Microsoft Security Bulletin MS06-013. The update disables
the behavior of the Microsoft Internet Explorer ActiveX update that is
included in Internet Explorer security update 912812 (Microsoft Security
Bulletin MS06-013). Microsoft strongly recommends that this
compatibility patch be deployed only to systems that are affected by the
new functionality that is introduced by the Internet Explorer ActiveX
update.
Fixlet Description: Microsoft has released a patch for computers that
have installed the Cumulative Security Update for Internet Explorer
released in Microsoft Security Bulletin MS06-013. The update disables
the behavior of the Microsoft Internet Explorer ActiveX update that is
included in Internet Explorer security update 912812 (Microsoft Security
Bulletin MS06-013). Microsoft strongly recommends that this
compatibility patch be deployed only to systems that are affected by the
new functionality that is introduced by the Internet Explorer ActiveX
update.
***************************************************************
Title: 917425: CORRUPT PATCH - IE 6.0 - Windows XP/2003 (x64)
Severity: <Unspecified>
Fixlet ID: 91742507
Fixlet Link: http://support.microsoft.com/kb/917425
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
***************************************************************
Title: MS05-039: Vulnerability in Plug and Play Could Allow Remote Code
Execution and Elevation of Privilege - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 503908
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx
Fixlet Description: This update resolves a newly-discovered,
privately-reported vulnerability. A remote code execution vulnerability
exists in Plug and Play (PnP) that could allow an attacker who
successfully exploited this vulnerability to take complete control of
the affected system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full user rights.
After downloading and installing this patch, affected computers will no
longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-039: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 503909
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx
***************************************************************
Title: MS05-040: Vulnerability in Telephony Service Could Allow Remote
Code Execution - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 504008
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-040.mspx
Fixlet Description: Microsoft has released a patch to resolve a
newly-discovered, privately-reported vulnerability. A vulnerability
exits in the Telephony Application Programming Interface (TAPI) service
that could allow remote code execution. The vulnerability is documented
in the "Vulnerability Details" section of this bulletin. An attacker who
successfully exploited this vulnerability could take complete control of
an affected system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full user rights.
After downloading and installing this patch, affected computers will no
longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-040: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 504009
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-040.mspx
***************************************************************
Title: MS05-041: Vulnerability in Remote Desktop Protocol Could Allow
Denial of Service - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 504108
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx
Fixlet Description: Microsoft has released an update that resolves a
newly-discovered, privately-reported vulnerability. A vulnerability in
the Remote Desktop Protocol (RDP) exists that could allow an attacker to
cause a system to stop responding. After downloading and installing this
patch, affected computers will no longer be susceptible to this
vulnerability.
***************************************************************
Title: MS05-041: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 504109
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx
***************************************************************
Title: MS05-042: Vulnerabilities in Kerberos Could Allow Denial of
Service, Information Disclosure, and Spoofing - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 504208
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
Fixlet Description: Microsoft has released a patch eliminating two
security vulnerabilities in Kerberos. An attacker who successfully
exploited the denial of service vulnerability could cause a server to
stop responding to authentication requests. The information disclosure
and spoofing vulnerability could allow an attacker to access sensitive
client network information. After downloading and installing this patch,
affected computers will no longer be susceptible to these
vulnerabilities.
***************************************************************
Title: MS05-042: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 504209
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
***************************************************************
Title: MS05-036: Vulnerability in Microsoft Color Management Module
Could Allow Remote Code Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 503608
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in the Microsoft Color Management Module. A remote code
execution vulnerability exists in the Microsoft Color Management Module
because of the way that it handles ICC profile format tag validation. An
attacker who successfully exploited this vulnerability could take
complete control of an affected system.After downloading and installing
this patch, affected computers will no longer be susceptible to these
vulnerabilities.
***************************************************************
Title: MS05-036: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 503609
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx
***************************************************************
Title: MS05-026: Vulnerability in HTML Help Could Allow Remote Code
Execution - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 502614
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-026.mspx
Fixlet Description: Microsoft has released a security update for HTML
Help that eliminates a newly discovered security vulnerability. If a
user is logged on with administrative user rights, an attacker who
successfully exploited this vulnerability could take complete control of
an affected system, and then install programs; view, change, or delete
data; or create new accounts with full user rights. After downloading
and installing this patch, affected computers will no longer be
susceptible to these vulnerabilities.
***************************************************************
Title: MS05-026: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 502615
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-026.mspx
***************************************************************
Title: MS05-027: Vulnerability in Server Message Block Could Allow
Remote Code Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 502708
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-027.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in SMB. A remote code execution vulnerability exists in
Server Message Block (SMB) that could allow an attacker who successfully
exploited this vulnerable to take complete control of the affected
system. After downloading and installing this patch, affected computers
will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-027: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 502709
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-027.mspx
***************************************************************
Title: MS05-031: Vulnerability in Step-by-Step Interactive Training
Could Allow Remote Code Execution - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 503104
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-031.mspx
Fixlet Description: Microsoft has released a security update for
Interactive Training that eliminates a newly discovered security
vulnerability. If successfully exploited, an attacker could take
complete control of an affected system. After downloading and installing
this patch, affected computers will no longer be susceptible to this
vulnerability.
***************************************************************
Title: MS05-031: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 503105
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-031.mspx
***************************************************************
Title: MS05-032: Security Update for MSAgent ActiveX - Windows XP/2003
(x64)
Severity: Low
Fixlet ID: 503208
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-032.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in MSAgent ActiveX. This is a spoofing vulnerability
that could enable an attacker to spoof trusted Internet content. Users
could believe that they are accessing trusted Internet content. However,
they are accessing malicious Internet content such as a malicious Web
site. An attacker would first have to persuade a user to visit the
attacker's site to attempt to exploit this vulnerability. After
downloading and installing this patch, affected computers will no longer
be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-032: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Low
Fixlet ID: 503209
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-032.mspx
***************************************************************
Title: MS05-033: Security Update for Telnet - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 503316
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-033.mspx
Fixlet Description: Microsoft has released a patch eliminating a
security vulnerability in the Telnet Client. An attacker who
successfully exploited this information disclosure vulnerability could
remotely read the session variables for users who have open connections
to a malicious telnet server. After downloading and installing this
patch, affected computers will no longer be susceptible to this
vulnerability.
***************************************************************
Title: MS05-033: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 503317
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-033.mspx
***************************************************************
Title: MS05-048: Vulnerability in the Microsoft Collaboration Data
Objects Could Allow Remote Code Execution - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 504810
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-048.mspx
Fixlet Description: A remote code execution vulnerability exists in
Collaboration Data Objects that could allow an attacker who successfully
exploited this vulnerability to take complete control of the affected
system.
***************************************************************
Title: MS05-048: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 504811
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-048.mspx
***************************************************************
Title: MS05-049: Vulnerabilities in Windows Shell Could Allow Remote
Code Execution - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 504902
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-049.mspx
Fixlet Description: A remote code execution vulnerability exists in
Windows Shell that could allow an attacker who successfully exploited
this vulnerability to take complete control of the affected system.
After downloading and installing this patch, affected computers will no
longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-049: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 504909
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS05-049.mspx
***************************************************************
Title: MS05-050: Vulnerability in DirectShow Could Allow Remote Code
Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 505008
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-050.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in DirectShow. A remote code execution vulnerability
exists in DirectShow that could allow an attacker who successfully
exploited this vulnerability to take complete control of an affected
system. An attacker could then install programs; view, change, or delete
data; or create new accounts with full user rights. After downloading
and installing this patch, affected computers will no longer be
susceptible to these vulnerabilities.
***************************************************************
Title: MS05-050: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 505027
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-050.mspx
***************************************************************
Title: MS05-051: Vulnerabilities in MSDTC and COM+ Could Allow Remote
Code Execution - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 505108
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-051.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in MSDTC and COM+. An attacker who successfully
exploited the most severe of these vulnerabilities could take complete
control of an affected system.After downloading and installing this
patch, affected computers will no longer be susceptible to these
vulnerabilities.
***************************************************************
Title: MS05-051: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 505109
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-051.mspx
***************************************************************
Title: MS05-053: Vulnerabilities in Graphics Rendering Engine Could
Allow Code Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 505308
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in GDI. An attacker who successfully exploited the most
severe of these vulnerabilities could take complete control of an
affected system. An attacker could then install programs; view, change,
or delete data; or create new accounts with full user rights. Microsoft
recommends that customers apply the update immediately.After downloading
and installing this patch, affected computers will no longer be
susceptible to these vulnerabilities.
***************************************************************
Title: MS05-053: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 505309
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx
***************************************************************
Title: MS05-054: Cumulative Security Update for Internet Explorer - IE
6.0 - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 505410
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
Fixlet Description: Microsoft has released a cumulative patch for
Internet Explorer that eliminates newly discovered security
vulnerabilities, as well as eliminating all vulnerabilities covered by
earlier patches. Microsoft recommends that customers apply the update
immediately. After downloading and installing this patch, affected
computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-054: CORRUPT PATCH - IE 6.0 - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 505415
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
***************************************************************
Title: MS06-001: Vulnerability in Graphics Rendering Engine Could Allow
Remote Code Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 600108
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-001.mspx
Fixlet Description: Microsoft has released a patch eliminating a remote
code execution vulnerability in the Graphics Rendering Engine, relating
to the way that it handles Windows Metafile (WMF) images. An attacker
could exploit the vulnerability by constructing a specially crafted WMF
image that could potentially allow remote code execution if a user
visited a malicious Web site or opened a specially crafted attachment in
e-mail. An attacker who successfully exploited this vulnerability could
take complete control of an affected system. After downloading and
installing this patch, affected computers will no longer be susceptible
to these vulnerabilities.
***************************************************************
Title: MS06-001: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 600109
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-001.mspx
***************************************************************
Title: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote
Code Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 600208
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx
Fixlet Description: A remote code execution vulnerability exists in
Windows because of the way that it handles malformed embedded Web fonts.
An attacker could exploit the vulnerability by constructing a malicious
embedded Web font that could potentially allow remote code execution if
a user visited a malicious Web site or viewed a specially crafted e-mail
message. An attacker who successfully exploited this vulnerability could
take complete control of an affected system. After downloading and
installing this patch, affected computers will no longer be susceptible
to this vulnerability.
***************************************************************
Title: MS06-002: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 600213
Fixlet Link:
http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx
***************************************************************
Title: MS06-006: Vulnerability in Windows Media Player Plug-in with
Non-Microsoft Internet Browsers Could Allow Remote Code Execution -
Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 600604
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-006.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in a Windows Media Player Plugin. If a user is logged on
with administrative user rights, an attacker who successfully exploited
this vulnerability could take complete control of an affected system. An
attacker could then install programs; view, change, or delete data; or
create new accounts with full user rights. Users whose accounts are
configured to have fewer user rights on the system could be less
affected than users who operate with administrative user rights After
downloading and installing this patch, affected computers will no longer
be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-006: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 600605
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-006.mspx
***************************************************************
Title: MS06-007: Vulnerability in TCP/IP Could Allow Denial of Service -
Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 600705
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-007.mspx
Fixlet Description: Microsoft has released a patch eliminating security
vulnerabilities in TCP/IP. An attacker who successfully exploited this
vulnerability could execute code on an affected system. After
downloading and installing this patch, affected computers will no longer
be susceptible to this vulnerability.
***************************************************************
Title: MS06-007: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 600706
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-007.mspx
***************************************************************
Title: MS06-008: Vulnerability in Web Client Service Could Allow Remote
Code Execution - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 600806
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-008.mspx
Fixlet Description: A remote code execution vulnerability exists in the
way that Windows processes Web Client requests that could allow an
attacker who successfully exploited this vulnerable to take complete
control of the affected system. After downloading and installing this
patch, affected computers will no longer be susceptible to these
vulnerabilities.
***************************************************************
Title: MS06-008: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 600807
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-008.mspx
***************************************************************
Title: MS06-009: Vulnerability in the Korean IME Could Allow Elevation
of Privilege - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 600931
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-009.mspx
Fixlet Description: Microsoft has released a patch eliminating a
privilege elevation vulnerability in the Korean IME Language Bar in
Windows XP. An attacker who successfully exploited this vulnerability
could take complete control of an affected system. For an attack to be
successful, the attacker must be able to interactively logon to the
affected system. After downloading and installing this patch, affected
computers will no longer be susceptible to this vulnerability.After
downloading and installing this patch, affected computers will no longer
be susceptible to these vulnerabilities.
***************************************************************
Title: MS06-009: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 600932
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-009.mspx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/bigfix-announcements/attachments/20060413/d0d2bdaf/attachment-0001.html
More information about the BigFix-Announcements
mailing list