Search:

August 2006

12 Microsoft Security Advisories: MS06-040 - MS06-051

ID: 00542
Ref: 521/2006
Date: 09 August 2006:14:22:41
Version: 1

Title: 12 Microsoft Security Advisories: MS06-040 - MS06-051
Abstract: 12 Microsoft Security Advisories: MS06-040 - MS06-051
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft

Title
=====

12 Microsoft Security Advisories: MS06-040 - MS06-051

Detail
======

1.

Bulletin Identifier: Microsoft Security Bulletin MS06-040

Bulletin Title: Vulnerability in Server Service Could Allow Remote Code Execution (921883)
Executive Summary: This update resolves several vulnerabilities in the Server service that
could allow remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx

2.

Bulletin Identifier Microsoft Security Bulletin MS06-041

Bulletin Title: Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)
Executive Summary: This update resolves several vulnerabilities in the DNS service that
could allow remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-041.mspx

3.

Bulletin Identifier Microsoft Security Bulletin MS06-042

Bulletin Title: Cumulative Security Update for Internet Explorer (918899)

Executive Summary: This update resolves several vulnerabilities in Internet Explorer that
could allow remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx

4.

Bulletin Identifier Microsoft Security Bulletin MS06-043

Bulletin Title: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)

Executive Summary: This update resolves a vulnerability in Outlook Express that could allow
remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-043.mspx

5.

Bulletin Identifier Microsoft Security Bulletin MS06-044

Bulletin Title: Vulnerability in Microsoft Management Console Could Allow Remote Code Execution
(917008)

Executive Summary: This update resolves a vulnerability in the Microsoft Management Console that
could allow remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-044.mspx

6.

Bulletin Identifier Microsoft Security Bulletin MS06-045

Bulletin Title: Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)

Executive Summary: This update resolves a vulnerability in Windows Explorer that could allow
remote code execution.

Maximum Severity Rating: Important

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-045.mspx

7.

Bulletin Identifier Microsoft Security Bulletin MS06-046

Bulletin Title: Vulnerability in HTML Help Could Allow Remote Code Execution (922616)

Executive Summary: This update resolves several vulnerabilities in HTML Help that could allow
remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-046.mspx

8.

Bulletin Identifier Microsoft Security Bulletin MS06-047

Bulletin Title: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote
Code Execution (921645)

Executive Summary: This update resolves a vulnerability in Visual Basic for Applications
that could allow remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Office 2000 Service Pack 3
# Microsoft Project 2000 Service Release 1
# Microsoft Access 2000 Runtime Service Pack 3
# Microsoft Office XP Service Pack 3
# Microsoft Project 2002 Service Pack 1
# Microsoft Visio 2002 Service Pack 2
# Microsoft Works Suite 2004, 2005, 2006
# Microsoft Visual Basic for Applications SDK 6.0, 6.2, 6.3, 6.4

URL: http://www.microsoft.com/technet/security/bulletin/ms06-047.mspx

9.

Bulletin Identifier Microsoft Security Bulletin MS06-048

Bulletin Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922968)

Executive Summary: This update resolves two vulnerabilities in PowerPoint that could allow
remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
Microsoft Office 2000 Service Pack 3
# Microsoft PowerPoint 2000
Microsoft Office XP Service Pack 3
# Microsoft PowerPoint 2002
Microsoft Office 2003 Service Pack 1 or Service Pack 2
# Microsoft Office PowerPoint 2003
Microsoft Office 2004 for Mac
# PowerPoint 2004 for Mac
Microsoft Office v. X for Mac
# PowerPoint 2004 v. X for Mac

URL: http://www.microsoft.com/technet/security/bulletin/ms06-048.mspx

10.

Bulletin Identifier Microsoft Security Bulletin MS06-049

Bulletin Title: Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)

Executive Summary: This update resolves several vulnerabilities in the Windows kernel that could
allow elevation of privilege.

Maximum Severity Rating: Important

Impact of Vulnerability: Elevation of Privilege

Affected Software:

Microsoft Windows 2000 Service Pack 4

URL: http://www.microsoft.com/technet/security/bulletin/ms06-049.mspx

11.

Bulletin Identifier Microsoft Security Bulletin MS06-050

Bulletin Title: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote
Code Execution (920670)

Executive Summary: This update resolves two vulnerabilities in the hyperlink object library that
could allow remote code execution. User interaction is required for an attacker to exploit these
vulnerabilities.

Maximum Severity Rating: Important

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-050.mspx

12.

Bulletin Identifier Microsoft Security Bulletin MS06-051

Bulletin Title: Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422)

Executive Summary: This update resolves several vulnerabilities in the Windows kernel that could
allow remote code execution.

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Affected Software:
# Microsoft Windows 2000 Service Pack 4
# Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
# Microsoft Windows XP Professional x64 Edition
# Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
# Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003
with SP1 for Itanium-based Systems
# Microsoft Windows Server 2003 x64 Edition

URL: http://www.microsoft.com/technet/security/bulletin/ms06-051.mspx