[BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: EnterpriseSecurity

autonotify at bigfix.com autonotify at bigfix.com
Wed Jan 11 02:00:26 PST 2006 

Fixlet Site - EnterpriseSecurity
Current Version: 681	Published: Tue, 10 Jan 2006 23:57:51 GMT


***************************************************************
Title: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution - Windows XP SP1/SP2
Severity: Critical
Fixlet ID: 600201
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx

Fixlet Description: A remote code execution vulnerability exists in Windows because of the way that it handles malformed embedded Web fonts. An attacker could exploit the vulnerability by constructing a malicious embedded Web font that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.  After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS06-002: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Critical
Fixlet ID: 600202
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx


***************************************************************
Title: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution - Windows Server 2003
Severity: Important
Fixlet ID: 600203
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx

Fixlet Description: A remote code execution vulnerability exists in Windows because of the way that it handles malformed embedded Web fonts. An attacker could exploit the vulnerability by constructing a malicious embedded Web font that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.  After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS06-002: CORRUPT PATCH - Windows Server 2003
Severity: Important
Fixlet ID: 600204
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx


***************************************************************
Title: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution - Windows 2000 SP4
Severity: Critical
Fixlet ID: 600205
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx

Fixlet Description: A remote code execution vulnerability exists in Windows because of the way that it handles malformed embedded Web fonts. An attacker could exploit the vulnerability by constructing a malicious embedded Web font that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.  After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-002: CORRUPT PATCH - Windows 2000 SP4
Severity: Critical
Fixlet ID: 600206
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx


***************************************************************
Title: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution - Windows 98
Severity: Critical
Fixlet ID: 600209
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx

Fixlet Description: A remote code execution vulnerability exists in Windows because of the way that it handles malformed embedded Web fonts. An attacker could exploit the vulnerability by constructing a malicious embedded Web font that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.  After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-002: CORRUPT PATCH - Windows 98
Severity: Critical
Fixlet ID: 600210
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx


***************************************************************
Title: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution - Windows ME
Severity: Critical
Fixlet ID: 600211
Fixlet Link: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-008.asp

Fixlet Description: A remote code execution vulnerability exists in Windows because of the way that it handles malformed embedded Web fonts. An attacker could exploit the vulnerability by constructing a malicious embedded Web font that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.  After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-002: CORRUPT PATCH - Windows ME
Severity: Critical
Fixlet ID: 600212
Fixlet Link: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-008.asp


***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2002 (Network/Local Install)
Severity: Critical
Fixlet ID: 600301
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2002. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2002. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2000 - Windows NT/2000/XP/2003 (Administrative Install)
Severity: Critical
Fixlet ID: 600302
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2000 (Local Install)
Severity: Critical
Fixlet ID: 600303
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2000 - Windows NT/2000/XP/2003 (Network Install)
Severity: Critical
Fixlet ID: 600304
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2000 - Windows 9x/ME (Network Install)
Severity: Critical
Fixlet ID: 600305
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2003 (Local Install)
Severity: Critical
Fixlet ID: 600306
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2003. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2003. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2003 (Network Install)
Severity: Critical
Fixlet ID: 600307
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2003. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2003. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2002 - Windows NT/2000/XP/2003 (Administrative Install)
Severity: Critical
Fixlet ID: 600308
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2002. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2002. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2002 - Windows 9x/ME (Administrative Install)
Severity: Critical
Fixlet ID: 600309
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2002. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2002. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2000 - Windows 9x/ME (Administrative Install)
Severity: Critical
Fixlet ID: 600310
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Exchange 2000 Server SP3 with Update Rollup
Severity: Critical
Fixlet ID: 600311
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx

Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in Exchange 2000. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS06-003: CORRUPT PATCH - Exchange 2000 Server SP3 with Update Rollup
Severity: Critical
Fixlet ID: 600312
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx


***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Exchange 5.5 SP4
Severity: Critical
Fixlet ID: 600313
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx

Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in Exchange 5.5. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS06-003: CORRUPT PATCH - Exchange 5.5 SP4
Severity: Critical
Fixlet ID: 600314
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx


***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Exchange 5.0 SP2
Severity: Critical
Fixlet ID: 600315
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx

Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in Exchange 5.0. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS06-003: CORRUPT PATCH - Exchange 5.0 SP2
Severity: Critical
Fixlet ID: 600316
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx


***************************************************************
Title: MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2003 (Administrative Install)
Severity: Critical
Fixlet ID: 600317
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2003. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook 2003. An attacker who successfully exploited this vulnerability could execute code on an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS06-002: Security Update for IE Font - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 600207
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx

Fixlet Description: A remote code execution vulnerability exists in Windows because of the way that it handles malformed embedded Web fonts. An attacker could exploit the vulnerability by constructing a malicious embedded Web font that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

More information about the BigFix-Announcements mailing list