Microsoft Security Bulletin Summary for October, 2006

Microsoft Security Bulletin Summary for October, 2006
Published: October 10, 2006

Critical (6)
Microsoft Security Bulletin MS06-057
Vulnerability in Windows Explorer Could Allow Remote Execution (923191)
Published: October 10, 2006
http://www.microsoft.com/technet/security/bulletin/ms06-057.mspx


Microsoft Security Bulletin MS06-058
Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)
Published: October 10, 2006
http://www.microsoft.com/technet/security/Bulletin/MS06-058.mspx

Microsoft Security Bulletin MS06-059
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
Published: October 10, 2006
http://www.microsoft.com/technet/security/Bulletin/MS06-059.mspx

Microsoft Security Bulletin MS06-060
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)
Published: October 10, 2006
http://www.microsoft.com/technet/security/Bulletin/MS06-060.mspx

Microsoft Security Bulletin MS06-055
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)
Published: September 26, 2006 | Updated: October 5, 2006
http://www.microsoft.com/technet/security/Bulletin/ms06-055.mspx

Microsoft Security Bulletin MS06-062
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
Published: October 10, 2006
http://www.microsoft.com/technet/security/Bulletin/MS06-062.mspx

Important (1)
Microsoft Security Bulletin MS06-063
Vulnerability in Server Service Could Allow Denial of Service (923414)
Published: October 10, 2006
http://www.microsoft.com/technet/security/bulletin/ms06-063.mspx

Moderate (2)
Microsoft Security Bulletin MS06-056
Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770)
Published: October 10, 2006
http://www.microsoft.com/technet/security/Bulletin/MS06-056.mspx

Microsoft Security Bulletin MS06-065
Vulnerability in Windows Object Packager Could Allow Remote Execution (924496)
Published: October 10, 2006
http://www.microsoft.com/technet/security/bulletin/ms06-065.mspx

Low (1)
Microsoft Security Bulletin MS06-064
Vulnerabilities in TCP/IP Could Allow Denial of Service (922819)
http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx


This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Webcast
Microsoft will host a webcast tomorrow. The webcast focuses on addressing your questions and concerns about the security bulletins. Therefore, most of the live webcast is aimed at giving you the opportunity to ask questions and get answers from their security experts.

Start Time: Wednesday, october 11th, 2006 11:00 AM Pacific Time (US & Canada)
End Time: Wednesday, october 11th, 2006 12:00 PM Pacific Time (US & Canada)

Presenter: Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

Just a brief update on some latest news just in with regards the Microsoft Security Bulletin Summary for October, 2006

Due to some network issues experienced on the Microsoft Update platform, the October security updates released today are not yet currently available via:

Microsoft Update
Automatic Updates
Windows Server Update Services (WSUS)
Windows Update v6
To be clear, it’s a delay due to the networking for these systems: there are no issues with the security updates themselves. Also, this issue doesn’t affect customers using Software Update Services (SUS), Windows Update v4 or Office Update.

Those of you affected by this delay who want to deploy the updates immediately can go ahead and download and deploy these updates manually by visiting http://www.microsoft.com/technet/security for the list of bulletins released today and then downloading the updates directly from the links in the bulletin.

Technical teams are engaged and have been working around the clock to resolve this problem and we anticipate that updates will be made available via the Microsoft Update platform by end of today October 10th.

We will post an update when the situation has been resolved and the updates are again available via this distribution channel.

-Craig
http://blogs.technet.com/msrc/archive/2006/10/10/October-2006-Bulletin-Release.aspx