This just came across my desk.

The purpose of this alert is to provide you with a summary of the Microsoft September 26 2006 Security Bulletin release.

 

New Security Bulletins for September 26 2006

 

Microsoft is releasing the following security bulletins for newly discovered vulnerabilities:

 

MAXIMUM SEVERITY

BULLETIN NUMBER

PRODUCTS AFFECTED

IMPACT

Critical

MS06-055

Windows XP SP1/SP2/X64, Windows 2003/SP1/SP1 for Itanium/2003 for x64

Remote Code Execution

 

The summary for this bulletin can be found at the following page:

 

http://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx

 

Re-released Security Bulletins

 

In addition, Microsoft is re-releasing the following security bulletins

(NOTE: This list conains ONLY those products affected by the re-release and the severity of the vulnerability for those products affected by the re-release)

 

 

MAXIMUM SEVERITY RATING

BULLETIN NUMBER

PRODUCTS AFFECTED (re-release only)

IMPACT

Important

MS06-049

Windows 2000 SP4

Elevation of Privilege

 

Information on these re-released bulletins may be found at the following pages:

http://www.microsoft.com/technet/security/Bulletin/MS06-049.mspx

 

Customers are advised to review the information in the bulletins, test and deploy the updates immediately in their environments, if applicable.

 

 

TechNet Webcast: Information about Microsoft's 26 September 2006 Security Bulletins (Level 100)

Wednesday, September 27, 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)

 http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032311209&Culture=en-US

 

================================================

Security Bulletin Details

================================================

 

MS06-055

 

Title:  Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)

 

Affected Software:

  • Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP Service Pack 2
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  • Microsoft Windows Server 2003 x64 Edition

 

Affected Components:

  • Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
  • Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4

 

Impact of Vulnerability:  Remote Code Execution

 

Maximum Severity Rating:  Critical

 

Restart required:  Maybe, if the file is in use.  See KB Article 887012 at http://support.microsoft.com/kb/887012

 

Update can be uninstalled:  Yes, Add or Remove Programs

 

More information on this vulnerability is available at: http://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx

**********************************************************************

 

Re-Release Information:

 

MS06-049

 

Title:  Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)

 

Affected Software (re-release only):

  • Microsoft Windows 2000 Service Pack 4

 

Impact of Vulnerability:  Elevation of Privilege

 

Maximum Severity Rating:  Important

 

Reason for Re-release:

The update has been revised and re-released for Microsoft Windows 2000 Service Pack 4 to address issues identified in Microsoft Knowledge Base Article 920958.

 

More information on this re-released bulletin is available at: http://www.microsoft.com/technet/security/bulletin/MS06-049.mspx

Cheers, Jeffa