January 2006
Prior to 2006 even beginning, an exploit was circulating in the wild for a zero-day exploit of a vulnerability in the way Windows renders WMF image files. The ease with which the exploit could be executed without any user intervention caused a great deal of concern among network administrators and security experts. Last week, Microsoft released the patch for the WMF vulnerability, discussed in Security Bulletin MS06-001 below, ahead of schedule to address the urgent issue. The other two bulletins for January are also rated as Critical however and users should be aware of the risks and apply any appropriate patches to protect their systems.
To view a summary of the January bulletins, visit Microsoft Security Bulletin Summary for January, 2006. Click the links below to view the individual Microsoft Security Bulletins and to download any patches that might be required for your system. You can also visit Windows Update to automatically determine what patches or updates your system needs.
- Microsoft Security Bulletin MS06-001
Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
Microsoft Criticality: Critical - Microsoft Security Bulletin MS06-002
Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution
Microsoft Criticality: Critical - Microsoft Security Bulletin MS06-003
Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution
Microsoft Criticality: Critical