More Microsoft Patch problems MS06-042



This has been one of the “problem child” patches this time around and it looks as though it’s worse than initially thought. Apparently, instead of “just” crashing IE SP1 when viewing compressed http 1.1 web pages on WinXP SP1 or Windows 2000 SP4…. as stated in Microsoft’s bulletins, this could also lead to a buffer overflow allowing for code execution. Microsoft is saying that they are not aware of that vulnerability being exploited or impacting customers at this time. The issue that was originally reported is detailed in this knowledge base article.


Sans now has a brief on this as well. It should be noted that exploits may be available soon.

–Update 8/24/06–

Microsoft has re-released the patch now, the Microsoft bulletin can be found here.

Brian Krebs at the Security Fix has the story as well and a good brief on the history of this one. He also points out that this is for IE6 SP1 only.

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft releases official VML patch!! The big news this afternoon is that Microsoft HAS gone out of the routine patch cycle to release a security fix for the VML vulnerability that's been actively exploited in recent days for everything from sneak keylogger installs to massive spyware installs. Sans has a few links, if you de-registered......
  • Media player and video codecs made simple... The biggest problem with Audio and video content is the variety of different codecs that are supported by different players. On Windows this usually means having Windows Media Player, Realplayer and Quicktime installed, plus who knows what else. I was having a discussion yesterday about some videos that I had......
  • But it's brand new, how could it have so many updates? This morning I was doing a fresh install of Windows XP SP2 into a Virtual Machine. So far, things are fine I went through windowsupdate and found 3 updates the first time, then rebooted and hit windowsupdate again to see 55 updates available. A lot of times when I set......
Blog Traffic Exchange Related Websites
  • SAINT 7.9 Product Release From Saint Newletter: Key New Features in SAINT 7.9 Vulnerability Scanner Microsoft Patch Tuesday scan policy - This scan policy checks for the latest published Microsoft Patch Tuesday vulnerabilities (2nd Tuesday of each month) New Vulnerability Check Type Coverage now includes - Blind SQL injection Flash application - Flash application......
  • Internet Explorer 8 blocks a billion malware downloads James Pratt, Microsoft’s Product Manager stated in a blog post , “The SmartScreen team just informed me that we’ve reached an amazing milestone – Internet Explorer 8 has blocked 1 billion attempts to download malware!” The SmartScreen Filter evaluates URLs and their associated servers. If the software recognizes a server......
  • Amend the Citizens United ruling! < When the Supreme Court ruled in the "Citizens United" case, it declared corporations are citizens and that money is speech. In reality the ruling is anti-democratic. Every human being that works for a corporation, that owns corporate stock, they are free to donate their own money personally, to vote......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site