Microsoft warns of "critical" security flaws

Discussion in 'Computer Security' started by imhotep, Jun 14, 2006.

  1. imhotep

    imhotep Guest

    "SAN FRANCISCO (Reuters) - Microsoft Corp. on Tuesday warned of
    eight "critical" security flaws in its Windows operating system and Office
    software that could allow attackers to take control of a computer."

    "The significance of this large number of patches lies in the fact that 19
    of them are remote code executions," said Amol Sarwate, manager of the
    Vulnerability Research Lab at Qualys."

    http://news.yahoo.com/s/nm/20060613/ts_nm/microsoft_security_dc

    Imhotep

    --
    *************************************
    Pass a Net Neutrality Law in the US!!!!

    Save the Internet:
    http://www.savetheinternet.com/

    Its our net:
    http://www.itsournet.org/

    *************************************
    imhotep, Jun 14, 2006
    #1
    1. Advertising

  2. From: "imhotep" <>

    | "SAN FRANCISCO (Reuters) - Microsoft Corp. on Tuesday warned of
    | eight "critical" security flaws in its Windows operating system and Office
    | software that could allow attackers to take control of a computer."
    |
    | "The significance of this large number of patches lies in the fact that 19
    | of them are remote code executions," said Amol Sarwate, manager of the
    | Vulnerability Research Lab at Qualys."
    |
    | http://news.yahoo.com/s/nm/20060613/ts_nm/microsoft_security_dc
    |
    | Imhotep
    |

    You mean like this...



    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1



    National Cyber Alert System

    Technical Cyber Security Alert TA06-164A



    Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and
    Exchange Vulnerabilities

    Original release date: June 13, 2006
    Last revised: --
    Source: US-CERT



    Systems Affected

    * Microsoft Windows
    * Microsoft Windows Media Player
    * Microsoft Internet Explorer
    * Microsoft PowerPoint for Windows and Mac OS X
    * Microsoft Word for Windows
    * Microsoft Office
    * Microsoft Works Suite
    * Microsoft Exchange Server Outlook Web Access

    For more complete information, refer to the Microsoft Security
    Bulletin Summary for June 2006.



    Overview

    Microsoft has released updates that address critical vulnerabilities
    in Microsoft Windows, Word, PowerPoint, Media Player, Internet
    Explorer, and Exchange Server. Exploitation of these vulnerabilities
    could allow a remote, unauthenticated attacker to execute arbitrary
    code or cause a denial of service on a vulnerable system.



    I. Description

    Microsoft Security Bulletin Summary for June 2006 addresses
    vulnerabilities in Microsoft Windows, Word, PowerPoint, Media Player,
    Internet Explorer, and Exchange Server. Further information is
    available in the following US-CERT Vulnerability Notes:

    VU#722753 - Microsoft IP Source Route Vulnerability

    A vulnerability in Microsoft Windows could allow a remote attacker to
    execute arbitrary code on a vulnerable system.
    (CVE-2006-2379)

    VU#446012 - Microsoft Word object pointer memory corruption
    vulnerability

    A memory corruption vulnerability in Microsoft Word could allow a
    remote attacker to execute arbitrary code with the privileges of the
    user running Word.
    (CVE-2006-2492)

    VU#190089 - Microsoft PowerPoint malformed record vulnerability

    Microsoft PowerPoint fails to properly handle malformed records. This
    may allow a remote attacker to execute arbitrary code on a vulnerable
    system.
    (CVE-2006-0022)

    VU#923236 - Microsoft Windows ART image handling buffer overflow

    Microsoft Windows ART image handling routines are vulnerable to a
    heap-based buffer overflow. This vulnerability may allow a remote,
    unauthenticated attacker to execute arbitrary code on a vulnerable
    system.
    (CVE-2006-2378)

    VU#390044 - Microsoft JScript memory corruption vulnerability

    Microsoft JScript contains a memory corruption vulnerability. This
    vulnerability may allow a remote, unauthenticated attacker to execute
    arbitrary code on a vulnerable system.
    (CVE-2006-1313)

    VU#338828 - Microsoft Internet Explorer exception handling
    vulnerability

    Microsoft Internet Explorer fails to properly handle exception
    conditions. This may allow a remote, unauthenticated attacker to
    execute arbitrary code.
    (CVE-2006-2218)

    VU#417585 - Microsoft DXImageTransform Light filter fails to validate
    input

    The Microsoft DXImageTransform Light COM object fails to validate
    input, which may allow a remote attacker to execute arbitrary code on
    a vulnerable system.
    (CVE-2006-2383)

    VU#959049 - Multiple COM objects cause memory corruption in Microsoft
    Internet Explorer

    Microsoft Internet Explorer (IE) allows instantiation of COM objects
    not designed for use in the browser, which may allow a remote attacker
    to execute arbitrary code or crash IE.
    (CVE-2006-2127)

    VU#136849 - Microsoft Internet Explorer UTF-8 decoding vulnerability

    Microsoft Internet Explorer fails to properly decode UTF-8 encoded
    HTML. This may allow a remote, unauthenticated attacker to execute
    arbitrary code on a vulnerable system.
    (CVE-2006-2382)

    VU#909508 - Microsoft Graphics Rendering Engine fails to properly
    handle WMF images

    Microsoft Windows Graphics Rendering Engine contains a vulnerability
    that may allow a remote attacker to execute arbitrary code on a
    vulnerable system.
    (CVE-2006-2376)

    VU#608020 - Microsoft Windows Media Player PNG processing buffer
    overflow

    Microsoft Windows Media Player contains a stack-based buffer overflow
    vulnerability that may allow a remote, unauthenticated attacker to
    execute arbitrary code on a vulnerable system.
    (CVE-2006-0025)

    VU#814644 - Microsoft Remote Access Connection Manager service
    vulnerable to buffer overflow

    A vulnerability in the Microsoft Remote Access Connection Manager may
    allow a remote attacker to execute arbitrary code on a vulnerable
    system.
    (CVE-2006-2371)

    VU#631516 - Microsoft Routing and Remote Access does not properly
    handle RPC requests

    There is a vulnerability in the Microsoft Windows Routing and Remote
    Access Service that could allow an attacker to take control of the
    affected system.
    (CVE-2006-2370)

    VU#138188 - Microsoft Outlook Web Access for Exchange Server script
    injection vulnerability

    A script injection vulnerability exists in Microsoft Exchange Server
    running Outlook Web Access.
    (CVE-2006-1193)

    In MS06-027 Microsoft has released updates for the Word vulnerability
    described in Technical Cyber Security Alert TA06-139A.



    II. Impact

    A remote, unauthenticated attacker could execute arbitrary code on a
    vulnerable system. An attacker may also be able to cause a denial of
    service.



    III. Solution

    Apply Updates

    Microsoft has provided updates for these vulnerabilities in the
    Security Bulletins. Microsoft Windows updates are available on the
    Microsoft Update site.

    Workarounds

    Please see the US-CERT Vulnerability Notes for workarounds.



    Appendix A. References

    * Microsoft Security Bulletin Summary for June 2006 -
    <http://www.microsoft.com/technet/security/bulletin/ms06-jun.mspx>

    * Technical Cyber Security Alert TA06-139A -
    <http://www.us-cert.gov/cas/techalerts/TA06-139A.html>

    * US-CERT Vulnerability Notes for Microsoft Updates for June 2006 -
    <http://www.kb.cert.org/vuls/byid?searchview&query=ms06-june>

    * US-CERT Vulnerability Note VU#446012 -
    <http://www.kb.cert.org/vuls/id/446012>

    * US-CERT Vulnerability Note VU#190089 -
    <http://www.kb.cert.org/vuls/id/190089>

    * US-CERT Vulnerability Note VU#923236 -
    <http://www.kb.cert.org/vuls/id/923236>

    * US-CERT Vulnerability Note VU#390044 -
    <http://www.kb.cert.org/vuls/id/390044>

    * US-CERT Vulnerability Note VU#338828 -
    <http://www.kb.cert.org/vuls/id/338828>

    * US-CERT Vulnerability Note VU#417585 -
    <http://www.kb.cert.org/vuls/id/417585>

    * US-CERT Vulnerability Note VU#136849 -
    <http://www.kb.cert.org/vuls/id/136849>

    * US-CERT Vulnerability Note VU#909508 -
    <http://www.kb.cert.org/vuls/id/909508>

    * US-CERT Vulnerability Note VU#722753 -
    <http://www.kb.cert.org/vuls/id/722753>

    * US-CERT Vulnerability Note VU#959049 -
    <http://www.kb.cert.org/vuls/id/959049>

    * US-CERT Vulnerability Note VU#138188 -
    <http://www.kb.cert.org/vuls/id/138188>

    * US-CERT Vulnerability Note VU#608020 -
    <http://www.kb.cert.org/vuls/id/608020>

    * US-CERT Vulnerability Note VU#814644 -
    <http://www.kb.cert.org/vuls/id/814644>

    * US-CERT Vulnerability Note VU#631516 -
    <http://www.kb.cert.org/vuls/id/631516>

    * CVE-2006-2492 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2492>

    * CVE-2006-0022 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0022>

    * CVE-2006-2378 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2378>

    * CVE-2006-1313 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1313>

    * CVE-2006-2218 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2218>

    * CVE-2006-2383 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2383>

    * CVE-2006-2127 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2127>

    * CVE-2006-2382 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2382>

    * CVE-2006-2376 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2376>

    * CVE-2006-2379 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2379>

    * CVE-2006-1193 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1193>

    * CVE-2006-0025 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0025>

    * CVE-2006-2371 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2371>

    * CVE-2006-2370 -
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2370>

    * Microsoft Update - <https://update.microsoft.com/microsoftupdate>

    * Securing Your Web Browser -
    <http://www.us-cert.gov/reading_room/securing_browser/#Internet_Ex
    plorer>



    ____________________________________________________________________

    The most recent version of this document can be found at:

    <http://www.us-cert.gov/cas/techalerts/TA06-164A.html>
    ____________________________________________________________________

    Feedback can be directed to US-CERT Technical Staff. Please send
    email to <> with "TA06-164A Feedback VU#390044" in the
    subject.
    ____________________________________________________________________

    For instructions on subscribing to or unsubscribing from this
    mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
    ____________________________________________________________________

    Produced 2006 by US-CERT, a government organization.

    Terms of use:

    <http://www.us-cert.gov/legal.html>
    ____________________________________________________________________



    Revision History

    June 13, 2006: Initial release



    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.1 (GNU/Linux)

    iQEVAwUBRI8+kn0pj593lg50AQKHOwgAvRyUSM1UUAm9rMCEqmqK2F7Nc0zmyBF/
    LJQMV04M44DBzO/uAJvj1Bagsg1+eCQB9L86qL3WzKZev200gkYUki1xOJ/S7yv2
    8K3ovQ9g2HFTuovw6tO2GE6EO5tWyGO0RjW4juEIe03vUF8rvkBzhQFjl4YCK7Lk
    J+O3eula74ZcDExuT/8tzbYmUnW2V5YB4n8THdZmwUcQBG8HgCiYBeA5Ne0Gs2/l
    FqcGY6/GcileVChU98p3GBQWp8B+WSUSxGSFEmRl4BnRhB0Me8/RmJt0+Bxs+RJP
    mokjmXu0dBFZUAMP0drS1ZBnhu8/s2jo0gvu5qoDmL4el5Y1Lj6bGA==
    =k+F0
    -----END PGP SIGNATURE-----


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    David H. Lipman, Jun 14, 2006
    #2
    1. Advertising

  3. imhotep

    imhotep Guest

    David H. Lipman wrote:

    > From: "imhotep" <>
    >
    > | "SAN FRANCISCO (Reuters) - Microsoft Corp. on Tuesday warned of
    > | eight "critical" security flaws in its Windows operating system and
    > | Office software that could allow attackers to take control of a
    > | computer."
    > |
    > | "The significance of this large number of patches lies in the fact that
    > | 19 of them are remote code executions," said Amol Sarwate, manager of
    > | the Vulnerability Research Lab at Qualys."
    > |
    > | http://news.yahoo.com/s/nm/20060613/ts_nm/microsoft_security_dc
    > |
    > | Imhotep
    > |
    >
    > You mean like this...
    >
    >
    >
    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    >
    >
    > National Cyber Alert System
    >
    > Technical Cyber Security Alert TA06-164A
    >
    >
    >
    > Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and
    > Exchange Vulnerabilities
    >
    > Original release date: June 13, 2006
    > Last revised: --
    > Source: US-CERT
    >
    >
    >
    > Systems Affected
    >
    > * Microsoft Windows
    > * Microsoft Windows Media Player
    > * Microsoft Internet Explorer
    > * Microsoft PowerPoint for Windows and Mac OS X
    > * Microsoft Word for Windows
    > * Microsoft Office
    > * Microsoft Works Suite
    > * Microsoft Exchange Server Outlook Web Access
    >
    > For more complete information, refer to the Microsoft Security
    > Bulletin Summary for June 2006.
    >
    >
    >
    > Overview
    >
    > Microsoft has released updates that address critical vulnerabilities
    > in Microsoft Windows, Word, PowerPoint, Media Player, Internet
    > Explorer, and Exchange Server. Exploitation of these vulnerabilities
    > could allow a remote, unauthenticated attacker to execute arbitrary
    > code or cause a denial of service on a vulnerable system.
    >
    >
    >
    > I. Description
    >
    > Microsoft Security Bulletin Summary for June 2006 addresses
    > vulnerabilities in Microsoft Windows, Word, PowerPoint, Media Player,
    > Internet Explorer, and Exchange Server. Further information is
    > available in the following US-CERT Vulnerability Notes:
    >
    > VU#722753 - Microsoft IP Source Route Vulnerability
    >
    > A vulnerability in Microsoft Windows could allow a remote attacker to
    > execute arbitrary code on a vulnerable system.
    > (CVE-2006-2379)
    >
    > VU#446012 - Microsoft Word object pointer memory corruption
    > vulnerability
    >
    > A memory corruption vulnerability in Microsoft Word could allow a
    > remote attacker to execute arbitrary code with the privileges of the
    > user running Word.
    > (CVE-2006-2492)
    >
    > VU#190089 - Microsoft PowerPoint malformed record vulnerability
    >
    > Microsoft PowerPoint fails to properly handle malformed records. This
    > may allow a remote attacker to execute arbitrary code on a vulnerable
    > system.
    > (CVE-2006-0022)
    >
    > VU#923236 - Microsoft Windows ART image handling buffer overflow
    >
    > Microsoft Windows ART image handling routines are vulnerable to a
    > heap-based buffer overflow. This vulnerability may allow a remote,
    > unauthenticated attacker to execute arbitrary code on a vulnerable
    > system.
    > (CVE-2006-2378)
    >
    > VU#390044 - Microsoft JScript memory corruption vulnerability
    >
    > Microsoft JScript contains a memory corruption vulnerability. This
    > vulnerability may allow a remote, unauthenticated attacker to execute
    > arbitrary code on a vulnerable system.
    > (CVE-2006-1313)
    >
    > VU#338828 - Microsoft Internet Explorer exception handling
    > vulnerability
    >
    > Microsoft Internet Explorer fails to properly handle exception
    > conditions. This may allow a remote, unauthenticated attacker to
    > execute arbitrary code.
    > (CVE-2006-2218)
    >
    > VU#417585 - Microsoft DXImageTransform Light filter fails to validate
    > input
    >
    > The Microsoft DXImageTransform Light COM object fails to validate
    > input, which may allow a remote attacker to execute arbitrary code on
    > a vulnerable system.
    > (CVE-2006-2383)
    >
    > VU#959049 - Multiple COM objects cause memory corruption in Microsoft
    > Internet Explorer
    >
    > Microsoft Internet Explorer (IE) allows instantiation of COM objects
    > not designed for use in the browser, which may allow a remote attacker
    > to execute arbitrary code or crash IE.
    > (CVE-2006-2127)
    >
    > VU#136849 - Microsoft Internet Explorer UTF-8 decoding vulnerability
    >
    > Microsoft Internet Explorer fails to properly decode UTF-8 encoded
    > HTML. This may allow a remote, unauthenticated attacker to execute
    > arbitrary code on a vulnerable system.
    > (CVE-2006-2382)
    >
    > VU#909508 - Microsoft Graphics Rendering Engine fails to properly
    > handle WMF images
    >
    > Microsoft Windows Graphics Rendering Engine contains a vulnerability
    > that may allow a remote attacker to execute arbitrary code on a
    > vulnerable system.
    > (CVE-2006-2376)
    >
    > VU#608020 - Microsoft Windows Media Player PNG processing buffer
    > overflow
    >
    > Microsoft Windows Media Player contains a stack-based buffer overflow
    > vulnerability that may allow a remote, unauthenticated attacker to
    > execute arbitrary code on a vulnerable system.
    > (CVE-2006-0025)
    >
    > VU#814644 - Microsoft Remote Access Connection Manager service
    > vulnerable to buffer overflow
    >
    > A vulnerability in the Microsoft Remote Access Connection Manager may
    > allow a remote attacker to execute arbitrary code on a vulnerable
    > system.
    > (CVE-2006-2371)
    >
    > VU#631516 - Microsoft Routing and Remote Access does not properly
    > handle RPC requests
    >
    > There is a vulnerability in the Microsoft Windows Routing and Remote
    > Access Service that could allow an attacker to take control of the
    > affected system.
    > (CVE-2006-2370)
    >
    > VU#138188 - Microsoft Outlook Web Access for Exchange Server script
    > injection vulnerability
    >
    > A script injection vulnerability exists in Microsoft Exchange Server
    > running Outlook Web Access.
    > (CVE-2006-1193)
    >
    > In MS06-027 Microsoft has released updates for the Word vulnerability
    > described in Technical Cyber Security Alert TA06-139A.
    >
    >
    >
    > II. Impact
    >
    > A remote, unauthenticated attacker could execute arbitrary code on a
    > vulnerable system. An attacker may also be able to cause a denial of
    > service.
    >
    >
    >
    > III. Solution
    >
    > Apply Updates
    >
    > Microsoft has provided updates for these vulnerabilities in the
    > Security Bulletins. Microsoft Windows updates are available on the
    > Microsoft Update site.
    >
    > Workarounds
    >
    > Please see the US-CERT Vulnerability Notes for workarounds.
    >
    >
    >
    > Appendix A. References
    >
    > * Microsoft Security Bulletin Summary for June 2006 -
    > <http://www.microsoft.com/technet/security/bulletin/ms06-jun.mspx>
    >
    > * Technical Cyber Security Alert TA06-139A -
    > <http://www.us-cert.gov/cas/techalerts/TA06-139A.html>
    >
    > * US-CERT Vulnerability Notes for Microsoft Updates for June 2006 -
    > <http://www.kb.cert.org/vuls/byid?searchview&query=ms06-june>
    >
    > * US-CERT Vulnerability Note VU#446012 -
    > <http://www.kb.cert.org/vuls/id/446012>
    >
    > * US-CERT Vulnerability Note VU#190089 -
    > <http://www.kb.cert.org/vuls/id/190089>
    >
    > * US-CERT Vulnerability Note VU#923236 -
    > <http://www.kb.cert.org/vuls/id/923236>
    >
    > * US-CERT Vulnerability Note VU#390044 -
    > <http://www.kb.cert.org/vuls/id/390044>
    >
    > * US-CERT Vulnerability Note VU#338828 -
    > <http://www.kb.cert.org/vuls/id/338828>
    >
    > * US-CERT Vulnerability Note VU#417585 -
    > <http://www.kb.cert.org/vuls/id/417585>
    >
    > * US-CERT Vulnerability Note VU#136849 -
    > <http://www.kb.cert.org/vuls/id/136849>
    >
    > * US-CERT Vulnerability Note VU#909508 -
    > <http://www.kb.cert.org/vuls/id/909508>
    >
    > * US-CERT Vulnerability Note VU#722753 -
    > <http://www.kb.cert.org/vuls/id/722753>
    >
    > * US-CERT Vulnerability Note VU#959049 -
    > <http://www.kb.cert.org/vuls/id/959049>
    >
    > * US-CERT Vulnerability Note VU#138188 -
    > <http://www.kb.cert.org/vuls/id/138188>
    >
    > * US-CERT Vulnerability Note VU#608020 -
    > <http://www.kb.cert.org/vuls/id/608020>
    >
    > * US-CERT Vulnerability Note VU#814644 -
    > <http://www.kb.cert.org/vuls/id/814644>
    >
    > * US-CERT Vulnerability Note VU#631516 -
    > <http://www.kb.cert.org/vuls/id/631516>
    >
    > * CVE-2006-2492 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2492>
    >
    > * CVE-2006-0022 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0022>
    >
    > * CVE-2006-2378 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2378>
    >
    > * CVE-2006-1313 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1313>
    >
    > * CVE-2006-2218 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2218>
    >
    > * CVE-2006-2383 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2383>
    >
    > * CVE-2006-2127 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2127>
    >
    > * CVE-2006-2382 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2382>
    >
    > * CVE-2006-2376 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2376>
    >
    > * CVE-2006-2379 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2379>
    >
    > * CVE-2006-1193 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1193>
    >
    > * CVE-2006-0025 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0025>
    >
    > * CVE-2006-2371 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2371>
    >
    > * CVE-2006-2370 -
    > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2370>
    >
    > * Microsoft Update - <https://update.microsoft.com/microsoftupdate>
    >
    > * Securing Your Web Browser -
    > <http://www.us-cert.gov/reading_room/securing_browser/#Internet_Ex
    > plorer>
    >
    >
    >
    > ____________________________________________________________________
    >
    > The most recent version of this document can be found at:
    >
    > <http://www.us-cert.gov/cas/techalerts/TA06-164A.html>
    > ____________________________________________________________________
    >
    > Feedback can be directed to US-CERT Technical Staff. Please send
    > email to <> with "TA06-164A Feedback VU#390044" in the
    > subject.
    > ____________________________________________________________________
    >
    > For instructions on subscribing to or unsubscribing from this
    > mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
    > ____________________________________________________________________
    >
    > Produced 2006 by US-CERT, a government organization.
    >
    > Terms of use:
    >
    > <http://www.us-cert.gov/legal.html>
    > ____________________________________________________________________
    >
    >
    >
    > Revision History
    >
    > June 13, 2006: Initial release
    >
    >
    >
    > -----BEGIN PGP SIGNATURE-----
    > Version: GnuPG v1.2.1 (GNU/Linux)
    >
    > iQEVAwUBRI8+kn0pj593lg50AQKHOwgAvRyUSM1UUAm9rMCEqmqK2F7Nc0zmyBF/
    > LJQMV04M44DBzO/uAJvj1Bagsg1+eCQB9L86qL3WzKZev200gkYUki1xOJ/S7yv2
    > 8K3ovQ9g2HFTuovw6tO2GE6EO5tWyGO0RjW4juEIe03vUF8rvkBzhQFjl4YCK7Lk
    > J+O3eula74ZcDExuT/8tzbYmUnW2V5YB4n8THdZmwUcQBG8HgCiYBeA5Ne0Gs2/l
    > FqcGY6/GcileVChU98p3GBQWp8B+WSUSxGSFEmRl4BnRhB0Me8/RmJt0+Bxs+RJP
    > mokjmXu0dBFZUAMP0drS1ZBnhu8/s2jo0gvu5qoDmL4el5Y1Lj6bGA==
    > =k+F0
    > -----END PGP SIGNATURE-----
    >
    >


    No. I do not believe these are patched yet. I believe these are coming out
    next patch Tuesday....

    Imhotep

    --
    *************************************
    Pass a Net Neutrality Law in the US!!!!

    Save the Internet:
    http://www.savetheinternet.com/

    Its our net:
    http://www.itsournet.org/

    *************************************
    imhotep, Jun 14, 2006
    #3
  4. imhotep

    Jbob Guest

    >"imhotep" <> wrote in message
    >news:...
    > No. I do not believe these are patched yet. I believe these are coming out
    > next patch Tuesday....
    >
    > Imhotep
    >


    Sorry to dissapoint you but the patches for all of these was released
    yesterday, not next patch Tuesday.

    http://news.zdnet.com/2100-1009_22-6083424.html?tag=nl.e550 Patches for 21
    flaws
    Jbob, Jun 14, 2006
    #4
  5. imhotep

    imhotep Guest

    Jbob wrote:

    >>"imhotep" <> wrote in message
    >>news:...
    >> No. I do not believe these are patched yet. I believe these are coming
    >> out next patch Tuesday....
    >>
    >> Imhotep
    >>

    >
    > Sorry to dissapoint you but the patches for all of these was released
    > yesterday, not next patch Tuesday.
    >
    > http://news.zdnet.com/2100-1009_22-6083424.html?tag=nl.e550 Patches for
    > 21 flaws



    The original poster (me) posted this *before* the patches were release to
    give people a heads up (check the date if you wish). Sorry to disappoint
    you!

    Imhotep

    --
    *************************************
    Pass a Net Neutrality Law in the US!!!!

    Save the Internet:
    http://www.savetheinternet.com/

    Its our net:
    http://www.itsournet.org/

    *************************************
    imhotep, Jun 15, 2006
    #5
  6. imhotep wrote:

    > The original poster (me) posted this *before* the patches were release to
    > give people a heads up (check the date if you wish). Sorry to disappoint
    > you!


    Sorry to disappoint you, but you posted on exactly patch Tuesday after
    the patches were released.
    Sebastian Gottschalk, Jun 15, 2006
    #6
  7. imhotep

    imhotep Guest

    Sebastian Gottschalk wrote:

    > imhotep wrote:
    >
    >> The original poster (me) posted this *before* the patches were release to
    >> give people a heads up (check the date if you wish). Sorry to disappoint
    >> you!

    >
    > Sorry to disappoint you, but you posted on exactly patch Tuesday after
    > the patches were released.


    ....maybe you should call Yahoo can complain. The story was released from
    Yahoo at Tue Jun 13, 6:19 PM ET and I posted it at 10...I hope that does
    not disappoint you too much...

    On a sincere note, just what the hell does this have to do with the many
    patches released or their severity? Just trying to waste other people's
    time?

    Imhotep

    --
    *************************************
    Pass a Net Neutrality Law in the US!!!!

    Save the Internet:
    http://www.savetheinternet.com/

    Its our net:
    http://www.itsournet.org/

    *************************************
    imhotep, Jun 16, 2006
    #7
  8. imhotep

    VanguardLH Guest

    Bill wrote:

    > I need help with" Microsoft Security Essentials "
    > and windows defender.


    Oh yeah, that was detailed so anyone would know how to reply, uh huh.
    Plus you just had to hijack someone else's 4 YEAR OLD thread, too.


    --- Posting Hints ---

    ALWAYS REVIEW your message before submitting it. You want someone OTHER
    than yourself to understand your post. Also remember that no one here
    is looking over your shoulder to see at what you are pointing. If you
    don't well explain your situation by providing the DETAILS that you
    already know, don't expect others to know what is your situation.
    Explain YOUR computing environment and just what actions you take to
    reproduce the problem.

    Often you get just one chance per potential respondent to elicit a reply
    from them. If they skip your post because you gave them nothing to go
    on (no details, no versions, no OS, no context) then they will usually
    move on to the next post and never return to yours.

    What is Usenet:
    http://en.wikipedia.org/wiki/Usenet
    http://en.wikipedia.org/wiki/Newsgroups
    http://www.masonicinfo.com/newsgroups.htm
    http://www.mcfedries.com/Ramblings/usenet-primer.asp

    How to post to newsgroups:
    http://66.39.69.143/goodpost.htm
    http://support.microsoft.com/kb/555375
    http://users.tpg.com.au/bzyhjr/liszt.html
    http://www.mugsy.org/asa_faq/getting_along/usenet.shtml

    Regarding error or status messages:
    - Do NOT omit the message.
    - Do NOT describe the message.
    - Do NOT summarize the message.
    - Do NOT paraphrase the message.
    - Do NOT truncate the message.
    - Do show the ENTIRE message (but munge or star out personal info,
    like your username in an e-mail address but not the domain).
    And DETAIL the steps to reproduce the error or problem.

    Bye.
    VanguardLH, Sep 9, 2010
    #8
  9. imhotep

    Regis Guest

    Arthur T. <> writes:

    >In Message-ID:<i69vdc$i9q$>,
    >VanguardLH <> wrote:
    >
    >
    > (much snippage)
    >>--- Posting Hints ---

    >
    > You didn't include one of my favorite links:
    >http://www.catb.org/esr/faqs/smart-questions.html



    On the o ther hand, the guy actually asked a security related question,
    which frankly, is above average round here lately.

    Sure it was a grossly underspecified security related question, but it
    WAS a security related question.

    Do not be chased off by the flames... original poster, please resubmit
    what issues you're having with MSE and windows defender. Or perhaps did
    you get duped by the fake antivirus product that has been designed to
    look nearly exactly like it... but is instead scareware?
    Regis, Sep 10, 2010
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mcploppy ©

    FYI: MICROSOFT WARNS OF CRITICAL WINDOWS FLAW

    Mcploppy ©, Jul 24, 2003, in forum: Computer Support
    Replies:
    21
    Views:
    737
  2. Au79

    MICROSOFT warns of fresh IE, Windows flaws

    Au79, Feb 10, 2006, in forum: Computer Support
    Replies:
    0
    Views:
    396
  3. Au79
    Replies:
    1
    Views:
    451
  4. Au79
    Replies:
    0
    Views:
    370
  5. Au79
    Replies:
    1
    Views:
    484
    Fuzzy Logic
    Jan 10, 2007
Loading...

Share This Page