Wednesday, January 11, 2006

Windows XP and Microsoft Office Patches Released

Microsoft has published two security bulletins- MS06-002 and MS06-003-, reporting the availability of updates to resolve several vulnerabilities in Windows, Office and Exchange Server.

Bulletin MS06-002: offers information about an update resolving avulnerability allowing remote execution of code in Windows because of the way that it handles malformed embedded Web fonts. This security problem affects Windows 2000, Windows XP, Windows Server 2003, Windows 98 and Windows ME.

More information at: http://www.microsoft.com/technet/security/bulletin/ms06-002.mspx-

Bulletin MS06-003: refers to a remote code execution vulnerability in Microsoft Outlook and Microsoft Exchange Server because of the way that it decodes the TNEF MIME attachment. This could allow an attacker to take complete control of the system. It affects Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, and Exchange Server.

More information at: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx

In addition, Microsoft published bulletin MS06-001 last Thursday, which refers to an update to resolve a problem in the processing of certain graphic files.

This bulletin is available at: http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx