Fixlet Site - EnterpriseSecurity Current Version: 814 Published: Wed, 13 Dec 2006 02:04:27 GMT *************************************************************** Title: UPDATE: Internet Explorer 7 Available - Windows XP SP2 Severity: Fixlet ID: 23113 Fixlet Link: http://msdn2.microsoft.com/en-us/ie/aa740486.aspx Fixlet Description: Internet Explorer 7 is now available. It includes many new enhancements and security features. Use the action below to upgrade to Internet Explorer 7. Important Note: Installation of Internet Explorer 7 may fail if it cannot validate Windows XP. There are also other known issues associated with the installation of Internet Explorer 7. See the Release Notes for more information. Please take extra caution to qualify this update in a test environment prior to use in a production environment. *************************************************************** Title: UPDATE: Internet Explorer 7 Available - Windows Server 2003 SP1 Severity: Fixlet ID: 23114 Fixlet Link: http://msdn2.microsoft.com/en-us/ie/aa740486.aspx Fixlet Description: Internet Explorer 7 is now available. It includes many new enhancements and security features. Use the action below to upgrade to Internet Explorer 7. Important Note: Installation of Internet Explorer 7 may fail if it cannot validate Windows Server 2003. There are also other known issues associated with the installation of Internet Explorer 7. See the Release Notes for more information. Please take extra caution to qualify this update in a test environment prior to use in a production environment. *************************************************************** Title: UPDATE: Internet Explorer 7 Available - IE 7 Beta Installed - Windows XP/2003 Severity: Fixlet ID: 23116 Fixlet Link: http://msdn.microsoft.com/ie/releasenotes/default.aspx Fixlet Description: Internet Explorer 7 is now available. It includes many new enhancements and security features. The listed computers have a pre-release version of Internet Explorer 7 installed. Microsoft recommends removing beta versions of Internet Explorer 7 as soon as possible. Due to the complexity of the upgrade process, installation of Internet Explorer 7 must be performed manually. *************************************************************** Title: UPDATE: Internet Explorer 7 Available - IE 7 Beta Installed - Windows XP/2003 (x64) Severity: Fixlet ID: 23117 Fixlet Link: http://msdn.microsoft.com/ie/releasenotes/default.aspx Fixlet Description: Internet Explorer 7 is now available. It includes many new enhancements and security features. The listed computers have a pre-release version of Internet Explorer 7 installed. Microsoft recommends removing beta versions of Internet Explorer 7 as soon as possible. Due to the complexity of the upgrade process, installation of Internet Explorer 7 must be performed manually. *************************************************************** Title: UPDATE: Internet Explorer 7 Available - Windows XP/2003 (x64) Severity: Fixlet ID: 23119 Fixlet Link: http://msdn2.microsoft.com/en-us/ie/aa740486.aspx Fixlet Description: Internet Explorer 7 is now available. It includes many new enhancements and security features. Use the action below to upgrade to Internet Explorer 7. Important Note: Installation of Internet Explorer 7 may fail if it cannot validate Windows XP/2003 (x64). There are also other known issues associated with the installation of Internet Explorer 7. See the Release Notes for more information. Please take extra caution to qualify this update in a test environment prior to use in a production environment. *************************************************************** Title: Visual Studio .NET 2002 Service Pack 1 Severity: Fixlet ID: 50301 Fixlet Link: http://support.microsoft.com/?id=895309 Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released Service Pack 1 for Visual Studio .NET 2002. The primary fixes for Visual Studio concern stability and security enhancements made in many areas of the product. *************************************************************** Title: Visual Studio .NET 2003 Service Pack 1 Severity: Fixlet ID: 51101 Fixlet Link: http://support.microsoft.com/default.aspx?scid=kb;en-us;924009 Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released Service Pack 1 for Visual Studio .NET 2003. The primary fixes for Visual Studio concern stability and security enhancements made in many areas of the product. *************************************************************** Title: MS06-059: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Excel 2002 (Network/Local Install) (v2, re-released 12/12/2006) Severity: Important Fixlet ID: 605915 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-059.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Excel 2002. This update resolves several newly-discovered, privately reported and public vulnerabilities. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: This patch was re-released on December 12, 2006 to address a deployment issue with the original update. This Fixlet message will only become relevant if you do not have the original patch installed or if one of the files updated by the patch is still at a vulnerable version. The action below deploys the revised version of the patch. *************************************************************** Title: MS06-059: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Excel 2002 - Windows NT/2000/XP/2003 (Administrative Install) (v2, re-released 12/12/2006) Severity: Important Fixlet ID: 605916 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-059.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Excel 2002. This update resolves several newly-discovered, privately reported and public vulnerabilities. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: This patch was re-released on December 12, 2006 to address a deployment issue with the original update. This Fixlet message will only become relevant if you do not have the original patch installed or if one of the files updated by the patch is still at a vulnerable version. *************************************************************** Title: MS06-059: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Excel 2002 - Windows 9x/ME (Administrative Install) (v2, re-released 12/12/2006) Severity: Important Fixlet ID: 605917 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS06-059.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Excel 2002. This update resolves several newly-discovered, privately reported and public vulnerabilities. On vulnerable versions of Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: This patch was re-released on December 12, 2006 to address a deployment issue with the original update. This Fixlet message will only become relevant if you do not have the original patch installed or if one of the files updated by the patch is still at a vulnerable version. *************************************************************** Title: MS06-072: Cumulative Security Update for Internet Explorer - IE 6.0 SP1 - Windows 2000 SP4 Severity: Critical Fixlet ID: 607201 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx Fixlet Description: Microsoft has released a patch that resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-072: CORRUPT PATCH - IE 6.0 SP1 - Windows 2000 SP4 Severity: Critical Fixlet ID: 607202 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx *************************************************************** Title: MS06-072: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP SP2 Severity: Critical Fixlet ID: 607203 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx Fixlet Description: Microsoft has released a patch that resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-072: CORRUPT PATCH - IE 6.0 - Windows XP SP2 Severity: Critical Fixlet ID: 607204 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx *************************************************************** Title: MS06-072: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP/2003 (x64) Severity: Critical Fixlet ID: 607205 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx Fixlet Description: Microsoft has released a patch that resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-072: CORRUPT PATCH - IE 6.0 - Windows XP/2003 (x64) Severity: Critical Fixlet ID: 607206 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx *************************************************************** Title: MS06-072: Cumulative Security Update for Internet Explorer - IE 5.0 SP4 - Windows 2000 SP4 Severity: Important Fixlet ID: 607207 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx Fixlet Description: Microsoft has released a patch that resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-072: CORRUPT PATCH - IE 5.0 SP4 - Windows 2000 SP4 Severity: Important Fixlet ID: 607208 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx *************************************************************** Title: MS06-072: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows Server 2003 Severity: Moderate Fixlet ID: 607209 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx Fixlet Description: Microsoft has released a patch that resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-072: CORRUPT PATCH - IE 6.0 - Windows Server 2003 Severity: Moderate Fixlet ID: 607210 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx *************************************************************** Title: MS06-072: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP/2003 (x64) - BES < 6.0 Severity: Critical Fixlet ID: 607211 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-072.mspx Fixlet Description: Microsoft has released a patch that resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. Important Note: The current 32-bit BES Client can only verify the properties of 32-bit files located in the %WINDIR%\SysWOW64 directory and cannot access registry keys outside the HKLM\SOFTWARE\WOW6432Node branch of the registry. Only limited content for x64 Windows will be available before a 64-bit compatible BES Client is released. Full support for x64 Windows is forthcoming. *************************************************************** Title: MS06-073: Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution Severity: Critical Fixlet ID: 607301 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms06-073.mspx Fixlet Description: Microsoft has released a patch that resolves a newly discovered, publicly reported vulnerability in Visual Studio 2005. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution - Windows 2000 SP4 Severity: Important Fixlet ID: 607401 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx Fixlet Description: Microsoft has released an update that resolves a newly discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update at the earliest opportunity. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-074: CORRUPT PATCH - Windows 2000 SP4 Severity: Important Fixlet ID: 607402 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx *************************************************************** Title: MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution - Windows XP SP2 Severity: Important Fixlet ID: 607403 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx Fixlet Description: Microsoft has released an update that resolves a newly discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update at the earliest opportunity. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-074: CORRUPT PATCH - Windows XP SP2 Severity: Important Fixlet ID: 607404 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx *************************************************************** Title: MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution - Windows Server 2003 Severity: Important Fixlet ID: 607405 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx Fixlet Description: Microsoft has released an update that resolves a newly discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update at the earliest opportunity. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-074: CORRUPT PATCH - Windows Server 2003 Severity: Important Fixlet ID: 607406 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx *************************************************************** Title: MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution - Windows XP/2003 (x64) Severity: Important Fixlet ID: 607407 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx Fixlet Description: Microsoft has released an update that resolves a newly discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update at the earliest opportunity. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-074: CORRUPT PATCH - Windows XP/2003 (x64) Severity: Important Fixlet ID: 607408 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx *************************************************************** Title: MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution - Windows XP/2003 (x64) - BES < 6.0 Severity: Important Fixlet ID: 607409 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-074.mspx Fixlet Description: Microsoft has released an update that resolves a newly discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update at the earliest opportunity. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: The current 32-bit BES Client can only verify the properties of 32-bit files located in the %WINDIR%\SysWOW64 directory and cannot access registry keys outside the HKLM\SOFTWARE\WOW6432Node branch of the registry. Only limited content for x64 Windows will be available before a 64-bit compatible BES Client is released. Full support for x64 Windows is forthcoming. *************************************************************** Title: MS06-075: Vulnerability in Windows Could Allow Elevation of Privilege - Windows XP SP2 Severity: Important Fixlet ID: 607501 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-075.mspx Fixlet Description: Microsoft has released a patch that resolves a privately identified vulnerability. This vulnerability could allow a logged on user to take complete control of the system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-075: CORRUPT PATCH - Windows XP SP2 Severity: Important Fixlet ID: 607502 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-075.mspx *************************************************************** Title: MS06-075: Vulnerability in Windows Could Allow Elevation of Privilege - Windows Server 2003 Gold Severity: Important Fixlet ID: 607503 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-075.mspx Fixlet Description: Microsoft has released a patch that resolves a privately identified vulnerability. This vulnerability could allow a logged on user to take complete control of the system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-075: CORRUPT PATCH - Windows Server 2003 Gold Severity: Important Fixlet ID: 607504 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-075.mspx *************************************************************** Title: MS06-076: Cumulative Security Update for Outlook Express - Windows Server 2003 Severity: Important Fixlet ID: 607601 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in Microsoft Outlook Express. An attacker who successfully exploited this vulnerability could remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-076: CORRUPT PATCH - Windows Server 2003 Severity: Important Fixlet ID: 607602 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx *************************************************************** Title: MS06-076: Cumulative Security Update for Outlook Express - Windows XP/2003 (x64) Severity: Important Fixlet ID: 607603 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in Microsoft Outlook Express. An attacker who successfully exploited this vulnerability could remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-076: CORRUPT PATCH - Windows XP/2003 (x64) Severity: Important Fixlet ID: 607604 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx *************************************************************** Title: MS06-076: Cumulative Security Update for Outlook Express 5.5 - Windows 2000 SP4 Severity: Important Fixlet ID: 607605 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in Microsoft Outlook Express. An attacker who successfully exploited this vulnerability could remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-076: CORRUPT PATCH - Windows 2000 SP4 Severity: Important Fixlet ID: 607606 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx *************************************************************** Title: MS06-076: Cumulative Security Update for Outlook Express 6.0 - Windows 2000 SP4 Severity: Important Fixlet ID: 607607 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in Microsoft Outlook Express. An attacker who successfully exploited this vulnerability could remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-076: CORRUPT PATCH - Windows 2000 SP4 Severity: Important Fixlet ID: 607608 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx *************************************************************** Title: MS06-076: Cumulative Security Update for Outlook Express - Windows XP SP2 Severity: Important Fixlet ID: 607609 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in Microsoft Outlook Express. An attacker who successfully exploited this vulnerability could remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. *************************************************************** Title: MS06-076: Cumulative Security Update for Outlook Express - Windows XP/2003 (x64) - BES < 6.0 Severity: Important Fixlet ID: 607610 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in Microsoft Outlook Express. An attacker who successfully exploited this vulnerability could remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information. Important Note: The current 32-bit BES Client can only verify the properties of 32-bit files located in the %WINDIR%\SysWOW64 directory and cannot access registry keys outside the HKLM\SOFTWARE\WOW6432Node branch of the registry. Only limited content for x64 Windows will be available before a 64-bit compatible BES Client is released. Full support for x64 Windows is forthcoming. *************************************************************** Title: MS06-076: CORRUPT PATCH - Windows XP SP2 Severity: Important Fixlet ID: 607611 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-076.mspx *************************************************************** Title: MS06-077: Vulnerability in Remote Installation Service Could Allow Remote Code Execution - Windows 2000 SP4 Severity: Important Fixlet ID: 607701 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-077.mspx Fixlet Description: Microsoft has released a patch that resolves a privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are several known issues associated with the installation of this patch. See the "Caveats" section of the security bulletin for more information. *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows 2000 SP4 Severity: Critical Fixlet ID: 607801 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-078: CORRUPT PATCH - Windows 2000 SP4 Severity: Critical Fixlet ID: 607802 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows XP SP2 Severity: Critical Fixlet ID: 607803 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-078: CORRUPT PATCH - Windows XP SP2 Severity: Critical Fixlet ID: 607804 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows Server 2003 Severity: Critical Fixlet ID: 607805 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-078: CORRUPT PATCH - Windows Server 2003 Severity: Critical Fixlet ID: 607806 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows XP/2003 (x64) Severity: Critical Fixlet ID: 607807 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-078: CORRUPT PATCH - Windows XP/2003 (x64) Severity: Critical Fixlet ID: 607808 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows Media Player 6.4 Severity: Critical Fixlet ID: 607809 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-078: CORRUPT PATCH - Windows Media Player 6.4 Severity: Critical Fixlet ID: 607810 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows Media Player 6.4 (x64) Severity: Critical Fixlet ID: 607811 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-078: CORRUPT PATCH - Windows Media Player 6.4 (x64) Severity: Critical Fixlet ID: 607812 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows XP/2003 (x64) - BES < 6.0 Severity: Critical Fixlet ID: 607813 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommend that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: The current 32-bit BES Client can only verify the properties of 32-bit files located in the %WINDIR%\SysWOW64 directory and cannot access registry keys outside the HKLM\SOFTWARE\WOW6432Node branch of the registry. Only limited content for x64 Windows will be available before a 64-bit compatible BES Client is released. Full support for x64 Windows is forthcoming. *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows Media Player 6.4 (x64) - BES < 6.0 Severity: Critical Fixlet ID: 607815 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. Important Note: The current 32-bit BES Client can only verify the properties of 32-bit files located in the %WINDIR%\SysWOW64 directory and cannot access registry keys outside the HKLM\SOFTWARE\WOW6432Node branch of the registry. Only limited content for x64 Windows will be available before a 64-bit compatible BES Client is released. Full support for x64 Windows is forthcoming. *************************************************************** Title: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution - Windows Media Format 9.5 Series Runtime x64 Edition (x64) Severity: Critical Fixlet ID: 607817 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx Fixlet Description: Microsoft has released a patch that resolves two newly discovered vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft recommends that customers apply the update immediately. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS06-078: CORRUPT PATCH - Windows Media Format 9.5 Series Runtime x64 Edition (x64) Severity: Critical Fixlet ID: 607818 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx *************************************************************** Title: 928388: 2007 Time Zone Update - Windows XP Severity: Fixlet ID: 92838801 Fixlet Link: http://support.microsoft.com/kb/928388 Fixlet Description: Starting in the spring of 2007, daylight saving time (DST) start and end dates for the United States will transition to comply with the Energy Policy Act of 2005. DST dates in the United States will start three weeks earlier (2:00 A.M. on the second Sunday in March) and will end one week later (2:00 A.M. on the first Sunday in November). This patch will change affected computers' time zone data to account for the 2007 US DST change. This update will also include changes for other related DST changes, time zone behavior, and settings. *************************************************************** Title: 928388: 2007 Time Zone Update - Windows Server 2003 Severity: Fixlet ID: 92838803 Fixlet Link: http://support.microsoft.com/kb/928388 Fixlet Description: Starting in the spring of 2007, daylight saving time (DST) start and end dates for the United States will transition to comply with the Energy Policy Act of 2005. DST dates in the United States will start three weeks earlier (2:00 A.M. on the second Sunday in March) and will end one week later (2:00 A.M. on the first Sunday in November). This patch will change affected computers' time zone data to account for the 2007 US DST change. This update will also include changes for other related DST changes, time zone behavior, and settings. *************************************************************** Title: 928388: 2007 Time Zone Update - Windows XP/2003 (x64) Severity: Fixlet ID: 92838805 Fixlet Link: http://support.microsoft.com/kb/928388 Fixlet Description: Starting in the spring of 2007, daylight saving time (DST) start and end dates for the United States will transition to comply with the Energy Policy Act of 2005. DST dates in the United States will start three weeks earlier (2:00 A.M. on the second Sunday in March) and will end one week later (2:00 A.M. on the first Sunday in November). This patch will change affected computers' time zone data to account for the 2007 US DST change. This update will also include changes for other related DST changes, time zone behavior, and settings.