Microsoft releases two critical security patches
- MS06-018: Moderate - Entitled "Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service," this advisory affects Windows 2000 SP4, Windows XP (SP1 and SP2) and Windows 2003 Server. It does not affect Windows XP x64 edition, nor Windows versions Me, 98 SE, or 98.
- MS06-019: Critical - Entitled "Vulnerability in Microsoft Exchange Could Allow Remote Code Execution," this bulletin affects Microsoft Exchange Server 2000 and 2003. This update will change some of the permissions allowed within Microsoft Exchange Server by limiting users who send "on behalf of" another user. Exploitation of this flaw could allow a remote attacker to run malicious code on a vulnerable PC.
- MS06-020: Critical - Entitled "Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution," this bulletin affects all versions of Windows except Windows 2000 and Windows 2003 Server. Although Flash is a software product created by Adobe, versions of Flash have been distributed within versions of Windows 98, 98 SE, Me, and XP. If you are running Flash version 4.0.28, 5.0.44, or 6.0.79, you need to update with this patch. Adobe has an additional details in its own security bulletin.