Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA06-255A -- Microsoft Windows and Publishe

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA06-255A -- Microsoft Windows and Publisher Vulnerabilities
Date: Tue, 12 Sep 2006 15:55:20 -0400 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                     National Cyber Alert System

                   Cyber Security Alert SA06-255A


Microsoft Windows and Publisher Vulnerabilities

   Original release date: September 12, 2006
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft Windows
     * Microsoft Publisher


Overview

     Vulnerabilities in Microsoft Windows and Microsoft Publisher
     could allow an attacker to gain control of your computer.


Solution

  Apply Update

     Microsoft has provided updates to remedy these
     vulnerabilities. To obtain these updates, visit the Microsoft
     Update web site. US-CERT also recommends enabling Automatic
     Updates.

     Microsoft Office Publisher 2000 users must visit the Microsoft
     Office Update web site to get the appropriate updates.

Do not open untrusted documents

     Do not open unfamiliar or unexpected Publisher or other Office
     documents, including those received as email attachments or
     hosted on a web site. For more information, please see Using
     Caution with Email Attachments.


Description

     Vulnerabilities in Microsoft Windows and Microsoft Office
     Publisher may allow an attacker to access your computer, install
     and run malicious software on your computer, or cause it to
     crash. An attacker could exploit these vulnerabilities by using
     specially crafted network traffic, by convincing you to click on
     a specially crafted URL, or by convincing you to open a specially
     crafted Publisher document. A Publisher document could be
     attached to an email message, hosted on a web site, or included
     in another Office document.

     For more technical information, see US-CERT Technical Alert
     TA06-255A.


References

     * US-CERT Technical Alert TA06-255A -
       <http://www.us-cert.gov/cas/techalerts/TA06-255A.html>

     * Using Caution with Email Attachments -
       <http://www.us-cert.gov/cas/tips/ST04-010.html>

     * Microsoft Security Essentials -
       <http://www.microsoft.com/protect/>

     * Microsoft security updates for September 2006 -
       <http://www.microsoft.com/athome/security/update/bulletins/200609.
       mspx>


 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/alerts/SA06-255A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT. Please send email to
   <cert@cert.org> with "SA06-255A Feedback VU#406236" in the subject.
 ____________________________________________________________________

   Mailing list information:

     <http://www.us-cert.gov/cas/>
 ____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________


Revision History

   September 12, 2006: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRQcQH+xOF3G+ig+rAQLPlwf/ZG8zbut9fTHTfPFCtKGGhd8V91RVMO7q
tTMHwr0RgIsIQh5eeJJZA3kbwYuiqKOOEpzvjskJb+djQeRk9iwNm5xjg6zXQG4w
wExoo954gZPdsGM5gp/vin0H//Ug1CNYqrCOWzV2yOm2QKqTlU3yeu1bVaLhO552
sjrUUPxNyzTP3rRLwTSxd6jMtHYm5ahwxVVX/N6QBfqT6/ZGpY1C2aWovSlkMgBM
/zzcn1c/S2nY/cfJI59VSKBu3xWsCUY5Nhzhodivzro316832sRy8MbDUygJqA4r
KROZcMM8/ef4C+hpFLrxuPZJk7fSGYkpn/WBWWc6tDK3HiMApdq38g==
=xVmG
-----END PGP SIGNATURE-----
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA06-255A -- Microsoft Windows and Publisher Vulnerabilities, US-CERT Alerts <=
Previous by Date:  US-CERT Cyber Security Alert SA06-250A -- Microsoft Word Vulnerability, US-CERT Alerts
Next by Date:  US-CERT Cyber Security Alert SA06-256A -- Apple QuickTime Vulnerabilities, US-CERT Alerts
Previous by Thread:  US-CERT Cyber Security Alert SA06-250A -- Microsoft Word Vulnerability, US-CERT Alerts
Next by Thread:  US-CERT Cyber Security Alert SA06-256A -- Apple QuickTime Vulnerabilities, US-CERT Alerts
Indexes:  [Date] [Thread] [Top] [All Lists]