January 2006 | Tony Bradley

January 2006

by Tony Bradley • January 2, 2006 • 2006
Prior to 2006 even beginning, an exploit was circulating in the wild for a zero-day exploit of a vulnerability in the way Windows renders WMF image files. The ease with which the exploit could be executed without any user intervention caused a great deal of concern among network administrators and security experts. Last week, Microsoft released the patch for the WMF vulnerability, discussed in Security Bulletin MS06-001 below, ahead of schedule to address the urgent issue. The other two bulletins for January are also rated as Critical however and users should be aware of the risks and apply any appropriate patches to protect their systems.

To view a summary of the January bulletins, visit Microsoft Security Bulletin Summary for January, 2006. Click the links below to view the individual Microsoft Security Bulletins and to download any patches that might be required for your system. You can also visit Windows Update to automatically determine what patches or updates your system needs.
- Microsoft Security Bulletin MS06-001
  Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  - http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx
- Microsoft Security Bulletin MS06-002
  Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  - http://www.microsoft.com/technet/security/bulletin/ms06-002.mspx
- Microsoft Security Bulletin MS06-003
  Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  - http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx
Tags: Bulletin, code, concern, could allow remote code execution, criticality, deal, ease, Execution, exploit, image, intervention, January, Microsoft, microsoft exchange, microsoft outlook, microsoft security bulletin, microsoft security bulletins, mspx, network administrators, patches, remote, remote code execution microsoft, security, security experts, summary, system, technet security, user, vulnerability, way, web fonts, windows, WMF, wmf vulnerability, zero day
About Tony Bradley

Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

http://www.tonybradley.com
My Sites
Testimonials
“Tony Bradley is an expert in information security and a skilled writer. He has the unique ability among information security professionals to be able to take complex information technology and security subjects and translate them into terms that average users can understand and apply.”
Ben Rothke
BT
Twitter
- Facebook marketing may not be worth it for GM's $10 million, but that doesn't mean that Facebook ads don't work. It… https://t.co/4ilENa2T about 23 hours ago from ManageFlitter Reply Retweet Favorite
- Why Facebook Marketing Doesn't Work for GM. http://t.co/WN0RBkxa about 23 hours ago from TweetDeck Reply Retweet Favorite
- New and Improved SkyDrive Is a Threat to Dropbox. http://t.co/7pblpuQ7 01:58:01 PM May 16, 2012 from web Reply Retweet Favorite
@thetonybradley
Facebook

Tony Bradley on Facebook