SkiifGeek's Journal: Microsoft (Multiple) - Remote Hacker Automatic Control

-- Products Affected --
        Windows 2000, XP, 2003
        Internet Explorer
        Microsoft Office 2000, XP (2002), 2003, 2004, v.X

        -- Technical Description --
        MS06-066 - Memory corruption leading to arbitrary code execution and Denial of Service in Netware Client Services. Moderate
        MS06-067 - ActiveX (DirectAnimation) and HTML rendering memory corruption leading to arbitrary code execution with Internet Explorer. Patch also sets the ActiveX killbit on the control associated with WinZip 10.0, and permanently sets the ActiveX activation setting to 'notify before use', in line with the change attempted earlier this year. Exploits have been circulating for some time. Critical
        MS06-068 - Microsoft Agent (which includes Clippy) contains a buffer overflow that can lead to arbitrary code execution. Although this is ActiveX related and can be activated from Internet Explorer, Microsoft have not linked it to MS06-067. Critical
        MS06-069 - Adobe Flash Player (formerly Macromedia Flash Player) has several vulnerabilities that can lead to a buffer overflow condition and arbitrary code execution. Critical
        MS06-070 - Workstation service has a buffer overflow that can lead to arbitrary code execution. Critical
        MS06-071 - XML Core Services (XMLHTTP ActiveX object) has a vulnerability that leads to arbitrary code execution. Critical

        -- Description --
        Microsoft have issued six patches for the November Security Patch Update. All but one of the patches are rated as Critical, but all patches address serious vulnerabilities that allow an attacker to take complete control of a vulnerable system. Users and administrators should be aware that Microsoft has ceased supporting Windows systems derived from the 9x kernel (95, 98, ME), and have also ceased supporting the Windows XP SP1 system. Exploits have been circulating, with detailed source code, for a number of the patched vulnerabilities, so it is considered essential that patches are applied as soon as possible.

        -- Recommended Action --
        Apply the numerous patches from Microsoft at the earliest opportunity.

        -- Source --
        Multiple, including
        feed://blogs.technet.com/msrc/atom.xml
        http://www.beskerming.com/premium/patch_pack.html
        http://store.eSellerate.net/s.asp?s=STR3448907936&Cmd=BUY&SKURefnum=SKU10225855655
        http://www.microsoft.com/technet/security/Bulletin/MS06-066.mspx
        http://www.microsoft.com/technet/security/Bulletin/MS06-067.mspx
        http://www.microsoft.com/technet/security/Bulletin/MS06-068.mspx
        http://www.microsoft.com/technet/security/Bulletin/MS06-069.mspx
        http://www.microsoft.com/technet/security/Bulletin/MS06-070.mspx
        http://www.microsoft.com/technet/security/Bulletin/MS06-071.mspx

        -- Threat Matrix --
                        U O
        Home User 10 10 (Highly Critical)
        Corporate 10 10 (Highly Critical)