Happy MS patch Tuesday

Well, twelve patches with nine rated as critical have been officially announced. The list of vulnerabilities is longer than the fixes, so I give MS credit for finding a way to reduce the numbers (ah, the cumulative update). Yet, at least one patch requires a reboot and several deal with exploit code in the wild, so the significance of the vulnerabilities should be reviewed:

Critical

* MS06-040 – Vulnerability in Server Service Could Allow Remote Code Execution
* MS06-041 – Vulnerability in DNS Resolution Could Allow Remote Code Execution
* MS06-042 – Cumulative Security Update for Internet Explorer
* MS06-043 – Vulnerability in Microsoft Windows Could Allow Remote Code Execution
* MS06-044 – Vulnerability in Microsoft Management Console Could Allow Remote Code Execution
* MS06-046 – Vulnerability in HTML Help Could Allow Remote Code Execution
* MS06-047 – Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution
* MS06-048 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
* MS06-051 – Vulnerability in Windows Kernel Coul d Result in Remote Code Execution

Moderate

* MS06-045 – Vulnerability in Windows Explorer Could Allow Remote Code Execution
* MS06-049 – Vulnerability in Windows Kernel Could Result in Elevation of Privilege
* MS06-050 – Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.