Tuesday, May 09, 2006

Microsoft releases two critical security patches

Microsoft has gone ahead and made available its May 2006 security bulletin, which includes three updates: Two are critical, and one moderate. All versions of Windows will be affected by at least one of the critical update bulletins. These updates will update your Windows, and does not include any MS Office updates. All of the three updates can be downloaded via Microsoft Update or via the individual bulletins explained below.
  1. MS06-018: Moderate - Entitled "Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service," this advisory affects Windows 2000 SP4, Windows XP (SP1 and SP2) and Windows 2003 Server. It does not affect Windows XP x64 edition, nor Windows versions Me, 98 SE, or 98.
  2. MS06-019: Critical - Entitled "Vulnerability in Microsoft Exchange Could Allow Remote Code Execution," this bulletin affects Microsoft Exchange Server 2000 and 2003. This update will change some of the permissions allowed within Microsoft Exchange Server by limiting users who send "on behalf of" another user. Exploitation of this flaw could allow a remote attacker to run malicious code on a vulnerable PC.
  3. MS06-020: Critical - Entitled "Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution," this bulletin affects all versions of Windows except Windows 2000 and Windows 2003 Server. Although Flash is a software product created by Adobe, versions of Flash have been distributed within versions of Windows 98, 98 SE, Me, and XP. If you are running Flash version 4.0.28, 5.0.44, or 6.0.79, you need to update with this patch. Adobe has an additional details in its own security bulletin.

[via: cnet]


Post a Comment

<< Home