Big Windows June update day



Updates for Windows for the month of June are out today and it looks like some list! 12 updates covering 20 or more vulnerabilities. MANY of these are tagged as critical. (Critical vulnerabilities are considered remotely exploited or with little (or no) user interaction.) Sans has a good listing of the advisories. This month it is a bit much to track in one big whallop… but I’ll try to give a summary here.


1 patch (well actually 8) is a rollup for Internet Explorer (4 of the 8 are critical) – so it’s a critical patch. (All versions of IE) There’s also a vulnerability with rendereding .ART image files (*AOL uses ART format apparently.)(everything from Win 98 -2003) There’s also a critical javascript vulnerability (everything from Win 98 -2003)… there’s a Media player vulnerability affecting just about any version of media player. And a RRA (Routing and Remote Access) vulnerability. RRA is essentially Remote Access Dial up Server for Windows Servers. Details on how this could be exploited here.

There’s a graphics rendering software patch for older Windows releases (ME 98 (SE too)). BTW Next month is the last scheduled patch day for those OS’s. Also, the Word vulnerability of the last months news… is patched (critical) and a Powerpoint vulnerability which is also a critical.

There are four other updates MS06-29 for Exchange is listed as Important, as is MS06-030 for SMB *(privilege escalation). There is one more Important update MS06-032 (IP source routing allows remote code execution) and a Moderate… MS06-031 (RPC mutual authentication spoofing.)

Further, MS06-011 was re-released. It was essentially to patch a privilege escalation vulnerability.

As always it’s DEFINITELY worth keeping up with windows updates. I highly recommend using the newer Microsoft Update tool (which covers Office software as well as the core Operating System updates.)

Related Posts

Blog Traffic Exchange Related Posts
  • Update on the Internet Explorer VML vulnerability Just catching up on the days VML vulnerability news from today.... It looks as though... the exploit is now MUCH more widespread this blog has some video of an infection, what's notable is that the first take was VERY UNEVENTFUL, it was used to stealthily install a keylogger. (So that......
  • MS IE Javascript exploit for zero-day (0-day) vulnerability An exploit for last weeks zero-day (0-day) javascript vulnerability in Microsoft's Internet Explorer is in the wild. I saw this post from Sunbelt a couple nights ago go up and disappear, at the time I didn't have long enough to read it... It's back today and there are instructions for......
  • Microsoft October 2006 patch Tuesday The first thing I should mention is that this months update from Microsoft is the last for XP SP1 users should plan a migration path to SP2 to keep getting updates to XP. Multiple vulnerabilities this month have been patched in Office There are 4 advisories, but a total of......
Blog Traffic Exchange Related Websites
  • Fishing the Big One in Lake Tahoe Lake Tahoe offers plenty of exceptional scenery making it worth the fishing trip price just to see the dawn as it tints the Sierras in lovely gold. Fishing is not very productive here since the lake tends to be too pure and clear for supporting a large population worth of......
  • Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010¬†|¬†Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
  • Review of: Brute Force RSS (An RSS Blasting Service) Brute Force SEO has long been a popular solution for businesses and individuals looking to create a more efficient web presence online. Taking things one step further, Brute force RSS, an RSS blasting service, is creating this same type of improved web presence, but this time focusing on corporate blogs......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site