Microsoft Issues Three Critical Patches

**Strider** · 13-12-2006, 11:36 AM

Microsoft on Tuesday issued a patch for an earlier discovered flaw in Visual Studio 2005, while yet another cumulative patch for Internet Explorer was released, as well as one for a vulnerability within the Windows Media Format.

The Visual Studio flaw covers an issue that was first disclosed by researchers in early November. A remote code execution issue exists within a feature called the WMI Object Broker that is used by the WMI Wizard within Visual Studio. The vulnerability is exploited by viewing a specially crafted webpage, and could result in complete system takeover, Microsoft says.

Of the rest of the vulnerabilities, all were rated "important" by Microsoft. Three deal with remote code execution issues: one in the Simple Network Management Protocol (SNMP), another in a cumulative patch for Outlook Express, and a flaw within the Remote Installation Service.

Finally, a patch has been issued to deal with an elevation of privilege risk within Windows. In order to exploit it, however, valid logon credentials and the ability to log on locally is required.

More Info -
http://www.betanews.com/article/Micr...hes/1165962835

13-12-2006, 11:36 AM	#1
Strider Founder Join Date: Nov 2005 Location: The Last City Zion! Posts: 3,491 Thanks: 282 Thanked 341 Times in 294 Posts Rep Power: 61 OS:	Microsoft Issues Three Critical Patches Microsoft on Tuesday issued a patch for an earlier discovered flaw in Visual Studio 2005, while yet another cumulative patch for Internet Explorer was released, as well as one for a vulnerability within the Windows Media Format. The Visual Studio flaw covers an issue that was first disclosed by researchers in early November. A remote code execution issue exists within a feature called the WMI Object Broker that is used by the WMI Wizard within Visual Studio. The vulnerability is exploited by viewing a specially crafted webpage, and could result in complete system takeover, Microsoft says. Of the rest of the vulnerabilities, all were rated "important" by Microsoft. Three deal with remote code execution issues: one in the Simple Network Management Protocol (SNMP), another in a cumulative patch for Outlook Express, and a flaw within the Remote Installation Service. Finally, a patch has been issued to deal with an elevation of privilege risk within Windows. In order to exploit it, however, valid logon credentials and the ability to log on locally is required. More Info - http://www.betanews.com/article/Micr...hes/1165962835 __________________ Want to ask a question? Try This! A guide on how to post a question, reply to a post etc.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Updated critical patches and rebooted server (server did not reboo	Neil	Windows Security	0	28-08-2007 12:45 PM
Updated critical patches and rebooted server (server did not reboo	Neil	Windows Security	0	28-08-2007 12:44 PM
MS Critical Patches - Reboot - Did not reboot.	Neil	Windows Server 2003	12	28-08-2007 11:48 AM
Microsoft pulls four planned patches	Dark Star	Software Releases	0	06-01-2007 08:46 AM
Microsoft Confirms New Critical IE Flaw	MaYeR	Computer Security	0	24-03-2006 12:53 PM

New To Site?	Need Help?
Register to Participate Meet our Staff Refer Forum Rules Contact Us	Frequently Asked Questions Did you forget your password? Mark Forums Read

Microsoft Issues Three Critical Patches

Computer Security