ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Desktop platforms Toolkit in association with http://ad.doubleclick.net/clk;205413468;14699245;m?http://adfarm.mediaplex.com/ad/ck/2397-58840-22058-14

Microsoft's February security bulletins

John McCormick

Published: 21 Feb 2006 14:30 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

...2003 disables the Web Client Service by default.

Fix
Install the update. As a workaround, disable the Web Client Service in Windows XP. (To do so, go to Control Panel | Administrative Tools | Services | WebClient.) Blocking TCP Ports 139 and 445 will also stop some attacks.

MS06-009
Microsoft Security Bulletin MS06-009, Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege, addresses the Korean IME vulnerability (CVE-2006-0008). This is a newly disclosed threat, and no exploits have appeared in the wild.

Applicability
While this threat affects a variety of Microsoft software, it only affects the Korean language version of these applications. Read the entire security bulletin for more details.

Risk level
This is an important threat for all affected versions.

Mitigating factors
In addition to only affecting the Korean language versions, there's a variety of mitigating factors. See the security bulletin for more details.

Fix
Install the update. A variety of Microsoft-approved workarounds are available, including blocking TCP port 3389 at the enterprise perimeter firewall.

MS06-010
Microsoft Security Bulletin MS06-010, Vulnerability in PowerPoint 2000 Could Allow Information Disclosure, also fixes a threat that affects only a small amount of users. This update addresses the PowerPoint Temporary Internet Files Information Disclosure vulnerability (CVE-2006-0004). This is a newly disclosed threat, and no exploits have appeared in the wild.

Applicability
This only affects PowerPoint 2000, which is part of Microsoft Office 2000 Service Pack 3. This threat doesn't affect any other versions of PowerPoint.

Risk level
Microsoft has rated this an important threat.

Mitigating factors
In addition to only affecting one version of PowerPoint, potential attackers would have to convince users to visit a malicious Web site or open a suspicious email.

Fix
Install the update. Some Microsoft-approved workarounds are available. Read the entire security bulletin for more details.

Final word
Is anyone out there still using IE 5.01? If so, it really is time to upgrade — not just install the MS06-004 patch. Likewise, the other critical bulletin shouldn't be much threat to computers in a corporate environment.

Next

Previous

1 2 3 4


  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
210 out of 489 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

1 comment

  1. I would like to know why we call the bulletins "Se... Leslie Satenstein

More In Desktop platforms


Company/Topic Alerts

Create a new alert from the list below:








Related Jobs

Senior 2nd Line Support Engineer, Technical Support / Service Engineer

Software Engineer - Security

IT Support Analyst

Desktop Management Benchmarking

Test Your Desktop Management Systems

How good are your company's desktop management solutions? How do they compare with those of your peers?

Take two minutes to complete our new Desktop Management and Energy Consumption benchmark, and find out what issues your business needs to focus on.