|
Latest Ôhreats
Seven new vulnerabilities announced by
Microsoft.
On February
14th, Microsoft announced the release of seven new security
bulletins, two of which are rated as critical on the company's
security rating scale.
Pay special attention to MS06-004, MS06-005 and MS06-006, which if
exploited, could allow an attacker to take complete control of an
affected system. The attacker can then download and install
malicious or unwanted programs such as spyware onto the user's
machine. Shavlik warns that many spyware installer sites use
exploits in Windows Media Player or Internet Explorer to initiate
the installation of spyware payloads. Shavlik recommends immediate
patch testing and deployment for the bulletins that address
vulnerabilities in Windows Media Player and Internet Explorer.
Below is more detailed information about these security bulletins:
MS06-004: Cumulative Security Update for Internet Explorer (910620)
Severity: Critical
http://www.microsoft.com/technet/security/bulletin/MS06-004.mspx
MS06-005
Vulnerability in Windows Media Player Could Allow Remote Code
Execution (911565)
Severity: Critical
http://www.microsoft.com/technet/security/bulletin/MS06-005.mspx
MS06-006
Vulnerability in Windows Media Player Plug-in with Non-Microsoft
Internet Browsers Could Allow Remote Code Execution (911564)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-006.mspx
MS06-007
Vulnerability in TCP/IP Could Allow Denial of Service (913446)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-007.mspx
MS06-008
Vulnerability in Web Client Service Could Allow Remote Code
Execution (911927)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-008.mspx
MS06-009
Vulnerability in the Korean Input Method Editor Could Allow
Elevation of Privilege (901190)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-009.mspx
MS06-010
Vulnerability in PowerPoint 2000 Could Allow Information Disclosure
(889167)
Severity: Important
http://www.microsoft.com/technet/security/bulletin/MS06-010.mspx
MSRT-001: Malicious Software Removal Tool (February Update)
http://www.microsoft.com/security/malwareremove/default.mspx
Additional information about these new security bulletins can be
found on Microsoft's TechNet Web site at:
http://www.microsoft.com/technet/security/bulletin/ms06-Feb.mspx.
An ISO image of MS06-004 through MS06-009 patches can be found at
the Microsoft Download Web site at
http://tinyurl.com/cjwm2.
Additional details on these bulletins can also be found at the
Shavlik Web site:
http://www.shavlik.com/support/bulletin_search.aspx
Shavlik recommends installation of these patches as soon as possible
in order to ensure networks are secure. Deployment is simple with
Shavlik NetChk(TM) Protect, our integrated patch and spyware
management solution. Handle two of the most persistent network
problems through one console!
For more information about
Shavlik NetChk Protect, please visit
http://www.shavlik.com/netchk-protect.html
For
all Shavlik’s products contact Inter Engineering, in
sales@inter.gr or +30 2410 670030. | 
