Tuesday, February 07, 2012
Register  Login
  Our sponsors   
  Users currently online   
Membership Membership:
Latest New User Latest: kevin
New Today New Today: 0
New Yesterday New Yesterday: 0
User Count Overall: 56
People Online People Online:
Visitors Visitors: 4
Members Members: 0
Total Total: 4
Online Now Online Now:
Wizardwrx
Viruswarn banner
you are here: Forums  Search

Welcome to the Viruswarning forums.  All your original content has been ported to the new forums as  well as new content and additional opportunities to interact with the authors of Viruswarn.com.  You can always access old content at www.leedrake.com/forum .  You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....

But at least it's all here.

Enjoy!
  Viruswarn Forums
Forums > Viruswarning Forum > Viruswarning archive
Subject: November 2006 Patch Tuesday

You are not authorized to post a reply.   
Author Messages
Lee Drake
Posts:6
11/17/2006 9:48 AM  
What it is
 
New Microsoft Security updates are being pushed out to clients with the November 14th updates.  These are in addition to the Microsoft Internet Explorer 7 update that is also being pushed out.   The patches address a variety of issues:
  • IE 6 update - If you have not already updated to IE7 Microsoft has released an update to IE 6 for a security vulnerability in IE6.  This update could allow a site to install spyware or malware on your machine without your knowledge.  If you haven't updated to IE7 this update is critical.  The update (MS06-067) addresses 3 different vulnerabilities in different parts of IE6 and before.  IE7 is not affected.
  • Microsoft Agent vulnerability - Again this vulnerability could allow spyware or malware to be introduced to your machien - regardless of the version of IE you are running.  (MS06-068)
  • Flash player vulnerabilty - millions of sites use Adobe Flash player.  Microsoft has found an issue with Flash version 6 that could allow a user to have spyware or malware installed on their machine through a specially crafted flash file.  Since flash player ships with some versions of Windows this patch is being sent out with the security releases - it is actually a patch for flash, not Windows.  If you have updated Flash already to version 9.0.16.0 per the Adobe Security bulletin APSB06-11 then this patch is not needed and won't be applied.  If you have not updated this will update your flash player to eliminate the vulnerability.(MS06-069)
  • A vulnerability exists in the Windows Workstation service that could allow a worm (Similar to Blaster) to spread throughout unprotected windows workstations (does not apply to servers).  This vulnerability is reduced if you run windows behind a firewall - but it still should be patched.  (MS06-070)
  • A vulnerability in XML core services (MS06-071) could allow an attacker to gain remote control over your machine.  Since XML core services isn't installed on everyone's machine this patch may or may not present itself for your particular configuration.  Typically the core services activeX control is installed as part of an internet enabled dabase application.
  • Two vulnerabilities exists in client services for netware that could allow a remote attacker to take over your machine.  Client services for netware is not installed by default on a machine - and is usually replaced by a full netware client.  The full netware client is not affected.  (MS06-066).  Since client services for netware isn't installed on every machine this item is rated important rather than critical. If you have the service installed however you should consider it a critical update.
  • Updates to the Microsoft Outlook junk mail filter - users of Outlook 2003 will have their junk mail filter automatically updated.  We strongly recommend upgrading to Outlook 2003 to take advantage of it's excellent spam filter.
  • Installation and running of the Microsoft Malicious software removal tool
 
What you should do
 
Run the full Windows Update located at http://update.microsoft.com .  If this screen offers you the opportunity to upgrade to the full Microsoft Update - please do so.  This will allow office updates to be pushed down to your machine in the same round as windows updates (for Office 2003), increasing your protection.
 
Further references
 
Security bulletin technical overview: http://www.microsoft.com/technet/security/bulletin/ms06-nov.mspx (includes lists of affected software)
 
 

logo120x120.gif 

www.os-cubed.com
ldrake@os-cubed.com

Lee Drake
OS-Cubed, Inc.
274 North Goodman St. Suite A401
Rochester, NY 14607

Main: 585-756-2444  
Cell: 585-509-0284
Fax: 585-756-2443

  
You are not authorized to post a reply.
Forums > Viruswarning Forum > Viruswarning archive > November 2006 Patch Tuesday


ActiveForums 3.6
  Register or Login


Forgot Password ?
Copyright 2006 by OS-Cubed, Inc.   Terms Of Use  Privacy Statement