Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA06-346A -- Vulnerabilities in Microsoft P

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA06-346A -- Vulnerabilities in Microsoft Products
Date: Tue, 12 Dec 2006 17:20:49 -0500 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                     National Cyber Alert System

                   Cyber Security Alert SA06-346A

Vulnerabilities in Microsoft Products

   Original release date: December 12, 2006
   Last revised: --
   Source: US-CERT

Systems Affected

     * Microsoft Windows
     * Microsoft Visual Studio
     * Microsoft Outlook Express
     * Microsoft Media Player
     * Microsoft Internet Explorer
     * Microsoft Office 2004 for Mac
     * Microsoft Office v. X for Mac

Overview

     Vulnerabilities in Microsoft Windows and Visual Studio could allow
     an attacker to gain control of your computer.

Solution

Apply Update

     Microsoft has provided updates to remedy these vulnerabilities. To
     obtain these updates, visit the Microsoft Update web site. We also
     recommend enabling Automatic Updates.

Description

     Vulnerabilities in Microsoft Windows, Visual Studio, Outlook
     Express, Media Player, Internet Explorer, Office 2004 for Mac, and
     Microsoft Office v. X for Mac may allow an attacker to access your
     computer, install and run malicious software on your computer, or
     cause it to crash. An attacker could exploit these vulnerabilities
     by using specially crafted network traffic, or by convincing you to
     view a specially crafted web site or HTML email message.

     For more technical information, see US-CERT Technical Alert
     TA06-346A.

References

     * Technical Alert TA06-346A -
       <http://www.us-cert.gov/cas/techalerts/TA06-346A.html>
     * Vulnerability Notes for Microsoft December 2006 updates -
       <http://www.kb.cert.org/vuls/byid?searchview&query=ms06-dec>
     * Microsoft Security Essentials -
       <http://www.microsoft.com/protect/>
     * Microsoft security updates for December 2006 -
       <http://www.microsoft.com/athome/security/update/bulletins/200612.mspx>
     * Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
     * Microsoft Automatic Updates -
       
<http://www.microsoft.com/athome/security/update/msupdate_keep_current.mspx#EZB>
     * Microsoft Office 2004 for Mac 11.3.1 Update -
       
<http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/office2004/Office2004_11.3.1.xml>
     * Microsoft Office v. X for Mac Security Update (2006-12-12) -
       
<http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/officex/OfficeX_12_12_2006.xml>


____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/alerts/SA06-346A.html>
____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@cert.org> with "SA06-346 Feedback VU#622008"
   the subject.
____________________________________________________________________

     For instructions on subscribing to or unsubscribing from this
     mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History:

   December 12, 2006: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRX8qhuxOF3G+ig+rAQKB1gf8D1pPK0c2mmZ40cXuC7BhusZ2I/9Y8miu
BR/Ef4XlcruI7jsqG4zZeXzesdWPm0NgLKVGe3Eet/vLuahK4P2UFVQDDI57gYkX
1ARRCxRVEloyC04gRmHcD4ZBm5yDx/Y6anNRHcpos8GtCCOfOIQptS3KtllWJFrl
+yinDQ9q2WRgTwK/GhvGkoMSXza8FAgfJJdCOngr0Xph44TGQVNYz73U+BaqayVC
Q+gaKmP3Y8zwhuhSwOJxsxBCdUyd2M6J8MSOQmRGcSzdffohIeTfXFTnZ0cmclHB
BZ5vd3jO+M5lCyF9px3FXSwy3A78AOc89ExCumEP0Q3mfJzSd7Us9Q==
=F04J
-----END PGP SIGNATURE-----
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA06-346A -- Vulnerabilities in Microsoft Products, US-CERT Alerts <=
Next by Date:  US-CERT Cyber Security Alert SA06-354A -- Mozilla Addresses Multiple Vulnerabilities, US-CERT Alerts
Next by Thread:  US-CERT Cyber Security Alert SA06-354A -- Mozilla Addresses Multiple Vulnerabilities, US-CERT Alerts
Indexes:  [Date] [Thread] [Top] [All Lists]