[Dshield] XP Problem: Microsoft Security Bulletin Summary for
ottalini at mindspring.com
Tue Feb 14 20:20:57 GMT 2006
I was also was unable to install KB913446 on XP Pro SP2 with auto update, so
I ran a baseline security 2.0 scan
identified the missing update and then manually downloaded the patch
(http://www.microsoft.com/technet/security/bulletin/ms06-007.mspx) and it
installed without problem.
----- Original Message -----
To: <list at lists.dshield.org>
Sent: Tuesday, February 14, 2006 11:05 AM
Subject: [Dshield] XP Problem: Microsoft Security Bulletin Summary for
> Patches now available.
> Note: One problem has been detected in downloading and installing
> KB913446 -- it failed on three (3) XP SP2 machines that I tried it on
> (failed on download). Waiting to hear something about it elsewhere but
> nothing further to report at this time (12:40 CST -06:00 UTC).
> - ferg
> Critical (2)
> Cumulative Security Update for Internet Explorer (910620)
> A vulnerability exists in the Graphics Rendering Engine that could allow
> remote code execution.
> Vulnerability in Windows Media Player Could Allow Remote Code Execution
> A vulnerability exists in the way that Windows Media Player processes
> certain files that could allow remote code execution.
> Important (5)
> Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet
> Browsers Could Allow Remote Code Execution (911564)
> A remote code execution vulnerability exists in the Windows Media Player
> plug-in for non-Microsoft Internet browsers that can allow remote code
> Vulnerability in TCP/IP Could Allow Denial of Service (913446)
> A vulnerability exists that could allow an attacker to send a specially
> crafted IGMP that could cause an affected system to stop responding.
> Vulnerability in Web Client Service Could Allow Remote Code Execution
> A vulnerability exists in the Windows Web Client Service that could allow
> an attacker to take complete control of an affected system. An attacker
> must have valid logon credentials and be able to log on locally to exploit
> this vulnerability.
> A vulnerability exists in the Windows and Office in the Korean Input
> Method Editor Could Allow Elevation of Privilege (901190)
> A vulnerability exists in the Windows and Office Korean Input Method
> Editor that could allow an attacker to take complete control of an
> affected system. For an attack to be successful an attacker must be able
> to interactively log on to the affected system.
> Vulnerability in PowerPoint 2000 Could Allow Information Disclosure
> A vulnerability exists PowerPoint that could allow information disclosure.
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> ferg's tech blog: http://fergdawg.blogspot.com/
More information about the list