Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA06-005A -- Microsoft Windows Metafile Vul

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA06-005A -- Microsoft Windows Metafile Vulnerability
Date: Thu, 5 Jan 2006 17:15:07 -0500 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                     National Cyber Alert System

                   Cyber Security Alert SA06-005A



Microsoft Windows Metafile Vulnerability

   Original release date: January 5, 2006
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft Windows


Overview

     Microsoft has released an update that addresses a critical
     vulnerability in Windows Metafile images.


Solution

  Apply Updates

     Microsoft has released a security update for a Windows Metafile
     image vulnerability. To obtain the update, visit the Microsoft
     Update web site. US-CERT also recommends enabling Automatic
     Updates.


Description

     Microsoft Security Bulletin MS06-001 addresses a vulnerability in
     Windows Metafile (WMF) images. This vulnerability may allow an
     attacker to take control of your computer or cause it to
     crash. For more technical information, see US-CERT Technical
     Cyber Security Alert TA06-006A.


References

     * US-CERT Technical Cyber Security Alert TA06-005A -
       <http://www.us-cert.gov/cas/techalerts/TA06-005A.html>

     * US-CERT Vulnerability Note VU#181038 -
       <http://www.kb.cert.org/vuls/id/181038>

     * Microsoft Security Bulletin Summary for January 2006 -
       <http://www.microsoft.com/technet/security/bulletin/ms06-jan.mspx>

     * Microsoft Security Bulletin MS06-001 -
       <http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx>

     * Microsoft Update - <https://update.microsoft.com/microsoftupdate/>

     * Security Essentials -
       <http://www.microsoft.com/athome/security/protect/default.aspx>


 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/alerts/SA06-005A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT. Please send email to
   <cert@cert.org> with "SA06-005A Feedback VU#181038" in the subject.
 ____________________________________________________________________

   Mailing list information:

     <http://www.us-cert.gov/cas/>
 ____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________


Revision History

   January 5, 2006: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQ72Z030pj593lg50AQJM0gf/SgZjbSlAotT4kykcvj4dMvx1PqQ/SxtP
8l9mIP8sMxSGkRZMESgYhU8dADiZYmiI3ztuT0WCXWCDhWsPjw95Jzj+WzByXQGi
BACdPfbJUsVxgRrmCxHQd/x+TFgJD+QLvbb2EcyW/9zIlrNZk696OexLTbeV8ATG
AwpW95v8oi44CnwtPP7atAdf1N65Bi+Fa59w0eNL9N9ml3PveBGgbZAY4Z8YVuLI
El5rf8q/ayfVrZfMkexLZTQrR0UiBUhzcC6toGYNDm0z0t19fPs3zKf/bnpoCJHW
XqlBa8h7Q6JMP1Cgtf+n/WZplxiwOfCK0gFZQbuh5Vqm/g+fpOUqww==
=+3tA
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA06-005A -- Microsoft Windows Metafile Vulnerability, US-CERT Alerts <=
Next by Date:  US-CERT Cyber Security Alert SA06-010A -- Microsoft Windows, Outlook, and Exchange Vulnerabilities, US-CERT Alerts
Next by Thread:  US-CERT Cyber Security Alert SA06-010A -- Microsoft Windows, Outlook, and Exchange Vulnerabilities, US-CERT Alerts
Indexes:  [Date] [Thread] [Top] [All Lists]