Microsoft Security Bulletin Summary for Septemeber 2006
Guide to Severity Rating System
Check Other Bulletins
|
Critical
|
|
Microsoft Security Bulletin MS06-054
Vulnerability in Microsoft Publisher Could Allow Remote Code Execution
Update Number: 910729
Serverity Rating: Critical
Affected Software:
· Office Publisher 2000 for XP on Microsoft Office 2000 Service Pack 3
· Office Publisher 2002 on Microsoft Office XP Service Pack 3
· Office Publisher 2003 on Microsoft Office 2003 Service Pack 1 and Service Pack 2
This update resolves a newly-discovered, privately-reported vulnerability. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. More information for this update can be found at:
http://www.microsoft.com/technet/security/bulletin/MS06-054.mspx
|
|
Important
|
|
Microsoft Security Bulletin MS06-052
Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution
Update Number: 919007
Serverity Rating: Important
Affected Software:
· Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Non-Affected Software:
· Microsoft Windows 2000 Service Pack 4
· Microsoft Windows XP Professional x64 Edition
· Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
· Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
· Microsoft Windows Server 2003 x64 Edition
This update resolves a newly discovered, privately reported, vulnerability.An attacker who successfully exploited the vulnerability could take complete control of the affected system. The Windows service needed that would allow PGM communications is not installed by default. More information for this update can be found at:
http://www.microsoft.com/technet/security/bulletin/MS06-052.mspx
|
|
Moderate
|
|
Microsoft Security Bulletin MS06-053
Vulnerability in Indexing Service Could Allow Cross-Site Scripting
Update Number: 920685
Serverity Rating: Moderate
Affected Software:
· Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
· Microsoft Windows 2000 Service Pack 4
· Microsoft Windows XP Professional x64 Edition
· Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
· Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
· Microsoft Windows Server 2003 x64 Edition
This update resolves a newly discovered, privately reported, vulnerability.The vulnerability could allow an attacker to gain unauthorized access to information. Note that this vulnerability would not allow an attacker to execute code to elevate their user rights directly, but it could be used to produce useful information that could be used to further compromise the affected system. More information for this update can be found at:
http://www.microsoft.com/technet/security/bulletin/MS06-053.mspx
|
