September 2006 | Tony Bradley

September 2006

by Tony Bradley • September 2, 2006 • 2006
September was a relatively light month for Security Bulletins from Microsoft. There are only three new bulletins, and only one of them is rated as Critical (one is Moderate, and the third is Important). The Critical Security Bulletin is MS06-054 which relates to a vulnerability in Microsoft Publisher that could allow an attacker to execute malicious code remotely on vulnerable systems.

To view a summary of the September bulletins, visit Microsoft Security Bulletin Summary for September, 2006. Click the links below to view the individual Microsoft Security Bulletins and to download any patches that might be required for your system. You can also visit Windows Update to automatically determine what patches or updates your system needs.
- Microsoft Security Bulletin MS06-052
  Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution
  Microsoft Criticality: Important
  - http://www.microsoft.com/technet/security/bulletin/ms06-052.mspx
- Microsoft Security Bulletin MS06-053
  Vulnerability in Indexing Service Could Allow Cross-Site Scripting
  Microsoft Criticality: Moderate
  - http://www.microsoft.com/technet/security/bulletin/ms06-053.mspx
- Microsoft Security Bulletin MS06-054
  Vulnerability in Microsoft Publisher Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  - http://www.microsoft.com/technet/security/bulletin/ms06-054.mspx
- NOTE: This Security Bulletin and patch were released out-of cycle, on September 26, 2006 to address a zero-day exploit that was already being executed in the wild.
  Microsoft Security Bulletin MS06-055
  Vulnerability in Vector Markup Language Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  - http://www.microsoft.com/technet/security/bulletin/ms06-055.mspx
Tags: attacker, Bulletin, Bulletins, Click, code, could allow remote code execution, critical security, criticality, Execution, General Multicast, Important, indexing service, malicious code, Microsoft, microsoft publisher, microsoft security bulletin, microsoft security bulletins, Moderate, month, mspx, multicast, patches, pgm, Publisher, remote, remote code execution microsoft, security, September, summary, system, technet security, third, vector markup language, visit, vulnerability, vulnerable systems, zero day, zero day exploit
About Tony Bradley

Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

http://www.tonybradley.com
My Sites
Testimonials
“Tony is a talented writer with a broad background in the area of information security. He has a produced a rather impressive body of work on the subject.”
Stuart Caitlin
BT
Twitter
- Facebook marketing may not be worth it for GM's $10 million, but that doesn't mean that Facebook ads don't work. It… https://t.co/4ilENa2T about 23 hours ago from ManageFlitter Reply Retweet Favorite
- Why Facebook Marketing Doesn't Work for GM. http://t.co/WN0RBkxa about 23 hours ago from TweetDeck Reply Retweet Favorite
- New and Improved SkyDrive Is a Threat to Dropbox. http://t.co/7pblpuQ7 01:58:01 PM May 16, 2012 from web Reply Retweet Favorite
@thetonybradley
Facebook

Tony Bradley on Facebook