[IS&T Security-FYI] Critical Microsoft Updates Released Nov. 14
Monique Yeaton
myeaton at MIT.EDU
Thu Nov 16 12:08:26 EST 2006
One correction ... MIT WAUS has deployed the latest patches as of
yesterday afternoon, 11/15/2006.
Monique
On Nov 16, 2006, at 10:27 AM, Monique Yeaton wrote:
>
> ------------------------
>
> **Microsoft Updates are Released for Critical Vulnerabilities found
> in Windows machines**
>
> The Bulletin Summary Microsoft released this week concerns Security
> Bulletins MS06-066 through MS06-071, five of which are listed as
> Critical and one that is rated as Important.
>
> <http://www.microsoft.com/technet/security/bulletin/ms06-nov.mspx>
>
> Of most concern to the MIT community is MS06-070, a Workstation
> Service Memory Corruption Vulnerability. It can affect some pre-
> Windows XP SP2 machines as well XP SP2 machines that can be accessed
> with administrative privilege. Server 2003 is not vulnerable.
>
> Firewall best practices and standard default firewall configurations
> can help protect networks from attacks that originate outside the
> enterprise parameter. Best practices recommend that systems that are
> connected to the Internet have a minimal number of ports exposed.
>
> Updates have been posted online or are automatically downloaded
> through Microsoft's Automatic Update Service. If you use MIT's local
> Windows Automatic Update Service (WAUS), the Windows updates will be
> downloaded after the necessary testing.
>
> Download the update for Windows 2000:
> http://www.microsoft.com/downloads/details.aspx?familyid=3ad5c57d-
> d3f6-46a1-8dee-3e16d0977f80&displaylang=en
>
> Download the update for Windows XP:
> http://www.microsoft.com/downloads/details.aspx?
> familyid=f4c8e767-4ed2-4e36-aa43-612f3017efc7&displaylang=en
>
> ----------------
>
> The Microsoft updates address 6 different vulnerabilities in
>
> -Windows 2000 and XP2
> -Internet Explorer
> -Macromedia Flash Player
> -Microsoft Agent
> -Microsoft XML core Service
> -Client Service for NetWare.
>
> To download all of the updates manually:
> Visit Windows Update <http://go.microsoft.com/?LinkID=275655> and
> click "Scan for updates."
>
> Visit the Protect your PC site <http://go.microsoft.com/?
> LinkID=263669> to learn how to have the latest security updates
> delivered directly to your computer.
>
> The very best first line of defense against vulnerabilities is to
> take Microsoft patches automatically whenever feasible. We want to
> thank everyone who already uses Microsoft's Automatic Update Service
> or MIT's local Windows Automatic Update Service.
>
> ----------------
>
> Resources:
>
> Nov 2006 Bulletin Summary, which includes details of each of the
> vulnerabilities: <http://www.microsoft.com/technet/security/bulletin/
> ms06-nov.mspx>
>
>
> Monique Yeaton
> IT Security Awareness Consultant
> MIT Information Services & Technology (IS&T)
> N42-040, tel: (617) 253-2715
>
>
>
> _______________________________________________
> ist-security-fyi mailing list
> ist-security-fyi at mit.edu
> http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
More information about the ist-security-fyi
mailing list