Fixlet Site - EnterpriseSecurity
Current Version: 769	Published: Thu, 10 Aug 2006 01:49:14 GMT


***************************************************************
Title: MS05-004: Vulnerability in ASP.NET Path Validation - .NET Framework 1.1 SP1 - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 500477
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in ASP.NET that could allow an attacker to bypass the security of an ASP.NET Web site and gain unauthorized access. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-004: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 500480
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx

Fixlet Description: The listed computers have faulty installations of a patch for the vulnerability described in MS05-004. Some files being used by these computers have versions earlier than those of the corresponding files installed by the patch. Services or applications installed after the patch was distributed may have overwritten the files, or the initial installation may have been faulty. We recommend reinstalling this patch to ensure the safety of affected computers. Microsoft has released a patch eliminating a security vulnerability in ASP.NET that could allow an attacker to bypass the security of an ASP.NET Web site and gain unauthorized access. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS06-047: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution - Access 2000 Runtime (Network/Local Install)
Severity: Critical
Fixlet ID: 604706
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-047.mspx

Fixlet Description:  Microsoft has released a security patch for Access 2000 Runtime. This update resolves several newly-discovered, privately reported and public vulnerabilities. On vulnerable versions of Access 2000 Runtime, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS06-047: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution - Microsoft VBA
Severity: Critical
Fixlet ID: 604707
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-047.mspx

Fixlet Description: Microsoft has released a security patch for Visual Basic for Applications. This update resolves several newly-discovered, privately reported and public vulnerabilities. On vulnerable versions of Visual Basic for Applications, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS05-004: Vulnerability in ASP.NET Path Validation - .NET Framework 1.1 SP1 - Windows XP/2003 (x64) - BES < 6.0
Severity: Important
Fixlet ID: 500481
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in ASP.NET that could allow an attacker to bypass the security of an ASP.NET Web site and gain unauthorized access. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-004: CORRUPT PATCH - Windows XP/2003 (x64) - BES < 6.0
Severity: Important
Fixlet ID: 500482
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx

Fixlet Description: The listed computers have faulty installations of a patch for the vulnerability described in MS05-004. Some files being used by these computers have versions earlier than those of the corresponding files installed by the patch. Services or applications installed after the patch was distributed may have overwritten the files, or the initial installation may have been faulty. We recommend reinstalling this patch to ensure the safety of affected computers. Microsoft has released a patch eliminating a security vulnerability in ASP.NET that could allow an attacker to bypass the security of an ASP.NET Web site and gain unauthorized access. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.