Big Windows June update day



Updates for Windows for the month of June are out today and it looks like some list! 12 updates covering 20 or more vulnerabilities. MANY of these are tagged as critical. (Critical vulnerabilities are considered remotely exploited or with little (or no) user interaction.) Sans has a good listing of the advisories. This month it is a bit much to track in one big whallop… but I’ll try to give a summary here.


1 patch (well actually 8) is a rollup for Internet Explorer (4 of the 8 are critical) – so it’s a critical patch. (All versions of IE) There’s also a vulnerability with rendereding .ART image files (*AOL uses ART format apparently.)(everything from Win 98 -2003) There’s also a critical javascript vulnerability (everything from Win 98 -2003)… there’s a Media player vulnerability affecting just about any version of media player. And a RRA (Routing and Remote Access) vulnerability. RRA is essentially Remote Access Dial up Server for Windows Servers. Details on how this could be exploited here.

There’s a graphics rendering software patch for older Windows releases (ME 98 (SE too)). BTW Next month is the last scheduled patch day for those OS’s. Also, the Word vulnerability of the last months news… is patched (critical) and a Powerpoint vulnerability which is also a critical.

There are four other updates MS06-29 for Exchange is listed as Important, as is MS06-030 for SMB *(privilege escalation). There is one more Important update MS06-032 (IP source routing allows remote code execution) and a Moderate… MS06-031 (RPC mutual authentication spoofing.)

Further, MS06-011 was re-released. It was essentially to patch a privilege escalation vulnerability.

As always it’s DEFINITELY worth keeping up with windows updates. I highly recommend using the newer Microsoft Update tool (which covers Office software as well as the core Operating System updates.)

Related Posts

Blog Traffic Exchange Related Posts
  • MS IE Javascript exploit for zero-day (0-day) vulnerability An exploit for last weeks zero-day (0-day) javascript vulnerability in Microsoft's Internet Explorer is in the wild. I saw this post from Sunbelt a couple nights ago go up and disappear, at the time I didn't have long enough to read it... It's back today and there are instructions for......
  • Grisoft AVG Antivirus 7.5 on Windows XP False Positive that HURTS This looks like a REALLY bad false positive. It appears that AVG 7.5 for a short period of time detected user32.dll as a trojan horse. (trojan horse psw banker4). It looks as though update to the virus database VDB 270.9.0/1778 fixes the problem. Unfortunately if you have been bitten by......
  • Microsoft October 2006 patch Tuesday The first thing I should mention is that this months update from Microsoft is the last for XP SP1 users should plan a migration path to SP2 to keep getting updates to XP. Multiple vulnerabilities this month have been patched in Office There are 4 advisories, but a total of......
Blog Traffic Exchange Related Websites
  • Download Microsoft Windows 7 RC Hi Folks, Microsoft has released Windows 7 RC. Here's what you need to know: This is pre-release software, so please read the following to get an idea of the risks and key things you need to know before you try the RC. You don't need to rush to get the......
  • Fishing the Big One in Lake Tahoe Lake Tahoe offers plenty of exceptional scenery making it worth the fishing trip price just to see the dawn as it tints the Sierras in lovely gold. Fishing is not very productive here since the lake tends to be too pure and clear for supporting a large population worth of......
  • Redsn0w updated to jailbreak iOS 4.2.1 final Apple recently released iOS 4.2.1 final. iOS 4.2.1 came with many new features and updates. In last post, I told you that Greenp0ison will be updated to support iOS 4.2.1. Now, Dev-team has also updated redsn0w to 0.9.6b4. redsn0w can be used to jailbreak iPhone, iPod & the iPad. redsn0w......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site