US-CERT Technical Cyber Security Alert TA06-318A -- Microsoft Security Updates for Windows, Internet Explorer, and Adobe Flash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                        National Cyber Alert System

		   Technical Cyber Security Alert TA06-318A

Microsoft Security Updates for Windows, Internet Explorer, and Adobe Flash

   Original release date: November 14, 2006
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft Windows
     * Microsoft Internet Explorer
     * Adobe Flash


Overview

   Microsoft has released updates that address critical vulnerabilities
   in Microsoft Windows, Internet Explorer, and Adobe Flash. Exploitation
   of these vulnerabilities could allow a remote, unauthenticated
   attacker to execute arbitrary code or cause a denial of service on a
   vulnerable system.

I. Description

   Microsoft has released updates to address vulnerabilities in Microsoft
   Windows, Internet Explorer, and Adobe Flash as part of the Microsoft
   Security Bulletin Summary for November 2006. The most severe
   vulnerabilities could allow a remote, unauthenticated attacker to
   execute arbitrary code or cause a denial of service on a vulnerable
   system. Microsoft has included updates to Adobe Flash, which is
   installed with Internet Explorer.

   Further information is available in the Vulnerability Notes Database.


II. Impact

   A remote, unauthenticated attacker could execute arbitrary code on a
   vulnerable system. An attacker may also be able to cause a denial of
   service.


III. Solution

Apply updates from Microsoft

   Microsoft has provided updates for these vulnerabilities in the
   November 2006 Security Bulletins. The Security Bulletins describe any
   known issues related to the updates. Note any known issues described
   in the Bulletins and test for any potentially adverse affects in your
   environment.

   System administrators may wish to consider using Windows Server Update
   Services (WSUS).


IV. References

     * US-CERT Vulnerability Notes for Microsoft November 2006 updates - 
       <http://www.kb.cert.org/vuls/byid?searchview&query=ms06-nov>

     * Securing Your Web Browser -
       <http://www.us-cert.gov/reading_room/securing_browser/>

     * Microsoft Security Bulletin Summary for November 2006 -
       <http://www.microsoft.com/technet/security/bulletin/ms06-nov.mspx>

     * Microsoft Update - <https://update.microsoft.com/microsoftupdate/>

     * Windows Server Update Services -
       <http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>

____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA06-318A.html>
 
____________________________________________________________________

     Feedback can be directed to US-CERT Technical Staff. Please send
     email to <cert@xxxxxxxx> with "TA06-318A Feedback VU#377369" in
     the subject.
 
____________________________________________________________________

     For instructions on subscribing to or unsubscribing from this
     mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 
____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

   November 14, 2006: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRVpHwexOF3G+ig+rAQLUEAf9FSKBHOCuPIRuJYJYgY9th7ZRtNdxsWWQ
4ulkdZVv3P682sQEtF6glpLN1h+YHA1oF93uLp6T+7FKlxP1MYrxRPP5p1nH+fCa
bRmVxUSATuDrxaTZmJWcJcL8zvaNTqkkDBCpG8GN32OCwgE40xNJRsKiv2UuIAYJ
geGl8mK5PGb4Sr0Bjlw2n5fbcKkjoJXYmkxV3CXzvpPrtS1fIq0rZ19sRB4+Jw3I
heEM7rKGMo3N4OUEYTpt2yW1Mpj2zVyWo2O8PWJmuMZq1lCsECrvTvfk4/q3s4Yh
Z0l6F4Ps6L2D5PkNkg08EgxvbiPHYI8B8VZ1SlitvOcKiVOggyxYrg==
=K0Wj
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux