[BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site:EnterpriseSecurity
Tim Tsai
tim_tsai at bigfix.com
Wed Sep 13 09:33:35 PDT 2006
Fixlet Site - EnterpriseSecurity
Current Version: 780 Published: Wed, 13 Sep 2006 02:54:16 GMT
***************************************************************
Title: UPDATE: MDAC 2.8 Service Pack 1 Available
Severity: <Unspecified>
Fixlet ID: 15110
Fixlet Link: http://support.microsoft.com/kb/899456
Fixlet Description: Microsoft has released a Service Pack for MDAC 2.8
which includes security updates, supportability enhancements, and bug
fixes. This release provides the same version of MDAC that was released
with Microsoft Windows XP Service Pack 2 (SP2) and Microsoft SQL Server
2000 Service Pack 4 (SP4).
***************************************************************
Title: MS06-040: Vulnerability in Server Service Could Allow Remote Code
Execution - Windows Server 2003
Severity: Critical
Fixlet ID: 604011
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx
Fixlet Description: Microsoft has released an update that resolves a
privately-reported vulnerability. An attacker who successfully exploited
the vulnerability could take complete control of an affected system. An
attacker could then install programs; view, change, or delete data; or
create new accounts with full user rights.
Important Note: This patch was re-released on September 12, 2006 to
address an issue that involves failing programs that request lots of
contiguous memory. Microsoft recommends installing the revised patch
only if you are affected by this issue or if the original patch is not
installed. This Fixlet message will not become relevant if the original
version of the patch is installed. The action below deploys the revised
version of the patch.
***************************************************************
Title: MS06-040: CORRUPT PATCH - Windows Server 2003
Severity: Critical
Fixlet ID: 604012
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx
***************************************************************
Title: MS06-040: Vulnerability in Server Service Could Allow Remote Code
Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 604013
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx
Fixlet Description: Microsoft has released an update that resolves a
privately-reported vulnerability. An attacker who successfully exploited
the vulnerability could take complete control of an affected system. An
attacker could then install programs; view, change, or delete data; or
create new accounts with full user rights.
Important Note: This patch was re-released on September 12, 2006 to
address an issue that involves failing programs that request lots of
contiguous memory. Microsoft recommends installing the revised patch
only if you are affected by this issue or if the original patch is not
installed. This Fixlet message will not become relevant if the original
version of the patch is installed. The action below deploys the revised
version of the patch.
***************************************************************
Title: MS06-040: Vulnerability in Server Service Could Allow Remote Code
Execution - Windows XP/2003 (x64) - BES < 6.0
Severity: Critical
Fixlet ID: 604014
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx
Fixlet Description: Microsoft has released an update that resolves a
privately-reported vulnerability. An attacker who successfully exploited
the vulnerability could take complete control of an affected system. An
attacker could then install programs; view, change, or delete data; or
create new accounts with full user rights. After downloading and
installing this patch, affected computers will no longer be susceptible
to these vulnerabilities.
Important Note: This patch was re-released on September 12, 2006 to
address an issue that involves failing programs that request lots of
contiguous memory. Microsoft recommends installing the revised patch
only if you are affected by this issue or if the original patch is not
installed. This Fixlet message will not become relevant if the original
version of the patch is installed. The action below deploys the revised
version of the patch.
***************************************************************
Title: MS06-040: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 604015
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx
***************************************************************
Title: MS06-042: Cumulative Security Update for Internet Explorer - IE
5.01 SP4 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 604216
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
Fixlet Description: Microsoft has released a cumulative security patch
that resolves several newly discovered, publicly and privately reported
vulnerabilities. If a user is logged on with administrative user rights,
an attacker who successfully exploited the most severe of these
vulnerabilities could take complete control of an affected system. After
downloading and installing this patch, affected computers will no longer
be susceptible to these vulnerabilities.
Important Note: This patch was re-released on September 12, 2006 to
address known issues with the original patch. The action below deploys
the revised version of the patch. If you have deployed previous versions
of the patch, the "MS06-042: REVISED PATCH" Fixlet message will become
relevant. Microsoft recommends that all affected computers install the
new patch. See the Caveats and FAQ section of the security bulletin for
more information.
***************************************************************
Title: MS06-042: CORRUPT PATCH - IE 5.01 SP4 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 604217
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
***************************************************************
Title: MS06-042: REVISED PATCH - IE 5.01 SP4 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 604218
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
Fixlet Description: Important Note: This patch was re-released on
September 12, 2006 to address known issues with the original patch. The
listed computers have the original version of the patch installed. The
action below deploys the revised version of the patch. Microsoft
recommends that all affected computers install the new patch. See the
Caveats and FAQ section of the security bulletin for more information.
Microsoft has released a cumulative security patch that resolves several
newly discovered, publicly and privately reported vulnerabilities. If a
user is logged on with administrative user rights, an attacker who
successfully exploited the most severe of these vulnerabilities could
take complete control of an affected system. After downloading and
installing this patch, affected computers will no longer be susceptible
to these vulnerabilities.
***************************************************************
Title: MS06-042: Cumulative Security Update for Internet Explorer - IE
6.0 - Windows Server 2003
Severity: Critical
Fixlet ID: 604219
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
Fixlet Description: Microsoft has released a cumulative security patch
that resolves several newly discovered, publicly and privately reported
vulnerabilities. If a user is logged on with administrative user rights,
an attacker who successfully exploited the most severe of these
vulnerabilities could take complete control of an affected system.After
downloading and installing this patch, affected computers will no longer
be susceptible to these vulnerabilities.
Important Note: This patch was re-released on September 12, 2006 to
address known issues with the original patch. The action below deploys
the revised version of the patch. If you have deployed previous versions
of the patch, the "MS06-042: REVISED PATCH" Fixlet message will become
relevant. Microsoft recommends that all affected computers install the
new patch. See the Caveats and FAQ section of the security bulletin for
more information.
***************************************************************
Title: MS06-042: CORRUPT PATCH - IE 6.0 - Windows Server 2003
Severity: Critical
Fixlet ID: 604220
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
***************************************************************
Title: MS06-042: REVISED PATCH - IE 6.0 - Windows Server 2003
Severity: Critical
Fixlet ID: 604221
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
Fixlet Description: Important Note: This patch was re-released on
September 12, 2006 to address known issues with the original patch. The
listed computers have the original version of the patch installed. The
action below deploys the revised version of the patch. Microsoft
recommends that all affected computers install the new patch. See the
Caveats and FAQ section of the security bulletin for more information.
Microsoft has released a cumulative security patch that resolves several
newly discovered, publicly and privately reported vulnerabilities. If a
user is logged on with administrative user rights, an attacker who
successfully exploited the most severe of these vulnerabilities could
take complete control of an affected system.After downloading and
installing this patch, affected computers will no longer be susceptible
to these vulnerabilities.
***************************************************************
Title: MS06-042: Cumulative Security Update for Internet Explorer - IE
6.0 SP1 - Windows 2000 SP4/Windows XP SP1
Severity: Critical
Fixlet ID: 604224
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
Fixlet Description: Microsoft has released a cumulative security patch
that resolves several newly discovered, publicly and privately reported
vulnerabilities. If a user is logged on with administrative user rights,
an attacker who successfully exploited the most severe of these
vulnerabilities could take complete control of an affected system. After
downloading and installing this patch, affected computers will no longer
be susceptible to these vulnerabilities.
Important Note: This patch was re-released on September 12, 2006 to
address known issues with the original patch. The action below deploys
the revised version of the patch. If you have deployed previous versions
of the patch, the "MS06-042: REVISED PATCH" Fixlet message will become
relevant. Microsoft recommends that all affected computers install the
new patch. See the Caveats and FAQ section of the security bulletin for
more information.
***************************************************************
Title: MS06-042: REVISED PATCH - IE 6.0 SP1 - Windows 2000 SP4/Windows
XP SP1
Severity: Critical
Fixlet ID: 604225
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
Fixlet Description: Important Note: This patch was re-released on
September 12, 2006 to address known issues with the original patch. The
listed computers have the original version of the patch installed. The
action below deploys the revised version of the patch. Microsoft
recommends that all affected computers install the new patch. See the
Caveats and FAQ section of the security bulletin for more information.
Microsoft has released a cumulative security patch that resolves several
newly discovered, publicly and privately reported vulnerabilities. If a
user is logged on with administrative user rights, an attacker who
successfully exploited the most severe of these vulnerabilities could
take complete control of an affected system. After downloading and
installing this patch, affected computers will no longer be susceptible
to these vulnerabilities.
***************************************************************
Title: MS06-042: CORRUPT PATCH - IE 6.0 SP1 - Windows 2000 SP4/Windows
XP SP1
Severity: Critical
Fixlet ID: 604226
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
***************************************************************
Title: MS06-052: Vulnerability in Pragmatic General Multicast (PGM)
Could Allow Remote Code Execution - Windows XP SP1/SP2
Severity: Important
Fixlet ID: 605201
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-052.mspx
Fixlet Description: Microsoft has released an update that resolves a
newly discovered, privately reported, vulnerability. An attacker who
successfully exploited the vulnerability could take complete control of
the affected system.
***************************************************************
Title: MS06-052: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Important
Fixlet ID: 605202
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-052.mspx
***************************************************************
Title: MS06-053: Vulnerability in Indexing Service Could Allow
Cross-Site Scripting - Windows 2000 SP4
Severity: Moderate
Fixlet ID: 605301
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
Fixlet Description: Microsoft has released a patch that resolves a newly
discovered, privately reported vulnerability. The vulnerability could
allow an attacker to gain unauthorized access to information.
***************************************************************
Title: MS06-053: CORRUPT PATCH - Windows 2000 SP4
Severity: Moderate
Fixlet ID: 605302
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
***************************************************************
Title: MS06-053: Vulnerability in Indexing Service Could Allow
Cross-Site Scripting - Windows Server 2003
Severity: Low
Fixlet ID: 605303
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
Fixlet Description: Microsoft has released a patch that resolves a newly
discovered, privately reported vulnerability. The vulnerability could
allow an attacker to gain unauthorized access to information.
***************************************************************
Title: MS06-053: CORRUPT PATCH - Windows Server 2003
Severity: Low
Fixlet ID: 605304
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
***************************************************************
Title: MS06-053: Vulnerability in Indexing Service Could Allow
Cross-Site Scripting - Windows XP SP1/SP2
Severity: Moderate
Fixlet ID: 605305
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
Fixlet Description: Microsoft has released a patch that resolves a newly
discovered, privately reported vulnerability. The vulnerability could
allow an attacker to gain unauthorized access to information.
***************************************************************
Title: MS06-053: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Moderate
Fixlet ID: 605306
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
***************************************************************
Title: MS06-053: Vulnerability in Indexing Service Could Allow
Cross-Site Scripting - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 605307
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
Fixlet Description: Microsoft has released a patch that resolves a newly
discovered, privately reported vulnerability. The vulnerability could
allow an attacker to gain unauthorized access to information.
***************************************************************
Title: MS06-053: Vulnerability in Indexing Service Could Allow
Cross-Site Scripting - Windows XP/2003 (x64) - BES < 6.0
Severity: Moderate
Fixlet ID: 605308
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
Fixlet Description: Microsoft has released a patch that resolves a newly
discovered, privately reported vulnerability. The vulnerability could
allow an attacker to gain unauthorized access to information.
***************************************************************
Title: MS06-053: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Moderate
Fixlet ID: 605309
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office 2000 (Local Install)
Severity: Critical
Fixlet ID: 605401
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
2000. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office 2000 - Windows NT/2000/XP/2003 (Network Install)
Severity: Critical
Fixlet ID: 605402
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
2000. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office 2003 (Network/Local Install)
Severity: Important
Fixlet ID: 605403
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
2003. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
code Execution - Office 2003 (Administrative Install)
Severity: Important
Fixlet ID: 605404
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
2003. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office XP - Windows 9x/ME (Network Install)
Severity: Important
Fixlet ID: 605406
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
XP. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office XP (Local Install)
Severity: Important
Fixlet ID: 605407
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
XP. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office XP - Windows NT/2000/XP/2003 (Network Install)
Severity: Important
Fixlet ID: 605408
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
XP. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office XP (Administrative Install)
Severity: Important
Fixlet ID: 605409
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/ms06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
XP. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
Important Note: Due to the complexity of applying this update through an
Administrative Install action, MS06-054 must be installed either
manually or through the "Network Install" or "Local Install" Office XP
deployment methods. You can change Office deployment methods through
appropriate Tasks in the "BES Support" site.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office 2000 - Windows NT/2000/XP/2003 (Administrative
Install)
Severity: Critical
Fixlet ID: 605410
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
2000. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office 2000 - Windows 9x/ME (Network Install)
Severity: Critical
Fixlet ID: 605411
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
2000. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
***************************************************************
Title: MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote
Code Execution - Office 2000 - Windows 9x/ME (Administrative Install)
Severity: Critical
Fixlet ID: 605412
Fixlet Link:
http://www.microsoft.com/technet/security/bulletin/MS06-054.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security patch for Office
2000. This update resolves several newly-discovered, privately reported
vulnerabilities. On vulnerable versions of Office, if a user is logged
on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of the client
workstation.
More information about the BigFix-Announcements
mailing list