Thursday, May 11, 2006

Microsoft Releases 3 New Security Bulletins

On May 9th, Microsoft released three new security bulletins, two of which are rated critical and one rated as moderate on the company's security rating scale.

Below is more detail regarding the new Microsoft Security Bulletins:

MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580)
Severity: Moderate
http://www.microsoft.com/technet/security/Bulletin/MS06-018.mspx

MS06-019: Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803)
Severity: Critical
http://www.microsoft.com/technet/security/Bulletin/MS06-019.mspx

**MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)
Severity: Critical
http://www.microsoft.com/technet/security/Bulletin/MS06-020.mspx

MSRT-001: Malicious Software Removal Tool (May Update)
http://www.microsoft.com/security/malwareremove/default.mspx

Additional information about these bulletins can be found on Microsoft's TechNet Web Site at http://www.microsoft.com/technet/security/bulletin/ms06-May.mspx. Additional details on these bulletins can also be found on the blog of Shavlik Technologies' president and CEO, Mark Shavlik: "Here's the update".

Shavlik Technologies recommends installation of these patches as soon as possible in order to ensure networks are secure. Deployment is simple with Shavlik NetChk Protect, our integrated patch and spyware management solution. Manage two of the most persistent network security risks through one console! For more information about Shavlik NetChk Protect, or to sign up for a free Webinar, click http://www.shavlik.com/netchk-protect.aspx.

**MS06-020 is a patch for Macromedia Flash versions 5 and 6. The patch from Microsoft will bring an XP SP1 or XP SP2 system running Flash 5 or Flash 6 up to the latest version of Flash 6. Flash 5 and Flash 6 on other OSes may still be vulnerable, but Microsoft has not released patches for these other operating systems. In these instances, Shavlik recommends installing the patches from Adobe/Macromedia (discussed below).

Shavlik has updated the patch scan engine to detect Macromedia Flash as a product. Customers running Shavlik HFNetChkPro or Protect versions 5.5 or 5.6 will automatically receive the new scan engine during the next scan. For 5.5 and 5.6 customers, the MS06-020 patch will appear under the new product heading 'Macromedia Flash'.

For 5.1 and earlier customers, MS06-020 will not appear in the scan results. Instead, you can remediate the vulnerability discussed in MS06-020 by installing the APSB-0603 patch in the Shavlik database. (You may need to install MPSB-0507 before you can scan for and install APSB-0603.)

The Flash patch from Microsoft does NOT patch Flash 5 or Flash 6 if installed on XP Gold, NT4, Windows 2000, or Windows Server 2003. If you are running Flash 5 or Flash 6 on any of these systems, they will be scanned and can be patched via the Operating System patch APSB-0603. By installing this patch, you will be able to protect yourself from the vulnerability in MS06-020 (even though MS hasn't released patches for these platforms).

In summary, no matter what version of the Shavlik console you are running, you can remediate the MS06-020 vulnerability on ALL of your OSes via the application of either MS06-020 or APSB-0507.

Shavlik recommends upgrading to version 5.6 to get the latest enhancements to the Shavlik scan engine, including support for Macromedia Flash.