******************************************************************** Title: Microsoft Security Bulletin Summary for June 2006 Issued: June 13, 2006 Version Number: 1.0 Bulletin: http://go.microsoft.com/fwlink/?LinkId=68324 ********************************************************************
Summary: ======== This advisory contains information about all security updates released this month. It is broken down by security bulletin severity.
Critical Security Bulletins ===========================
MS06-021 - Cumulative Security Update for Internet Explorer (916281)
- Affected Software: - Windows Server 2003 Service Pack 1 - Windows Server 2003 - Windows Server 2003 with SP1 for Itanium-based Systems - Windows Server 2003 for Itanium-based Systems - Windows Server 2003 x64 Edition - Windows XP Service Pack 2 - Windows XP Service Pack 1 - Windows XP Professional x64 Edition - Windows 2000 Service Pack 4
- Review the FAQ section of bulletin MS06-021 for information about these operating systems: - Windows Millennium Edition (ME) - Windows 98 Second Edition (SE) - Windows 98
- Impact: Remote Code Execution - Version Number: 1.0
MS06-022 - Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)
- Affected Software: - Windows Server 2003 Service Pack 1 - Windows Server 2003 - Windows Server 2003 with SP1 for Itanium-based Systems - Windows Server 2003 for Itanium-based Systems - Windows Server 2003 x64 Edition - Windows XP Service Pack 2 - Windows XP Service Pack 1 - Windows XP Professional x64 Edition - Windows 2000 Service Pack 4 with the Windows 2000 AOL Image Support Update
- Review the FAQ section of bulletin MS06-022 for information about these operating systems: - Windows Millennium Edition (ME) - Windows 98 Second Edition (SE) - Windows 98
- Impact: Remote Code Execution - Version Number: 1.0
MS06-023 - Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344)
- Affected Software: - Windows Server 2003 Service Pack 1 - Windows Server 2003 - Windows Server 2003 with SP1 for Itanium-based Systems - Windows Server 2003 for Itanium-based Systems - Windows Server 2003 x64 Edition - Windows XP Service Pack 2 - Windows XP Service Pack 1 - Windows XP Professional x64 Edition - Windows 2000 Service Pack 4
- Review the FAQ section of bulletin MS06-023 for information about these operating systems: - Windows Millennium Edition (ME) - Windows 98 Second Edition (SE) - Windows 98
- Impact: Remote Code Execution - Version Number: 1.0
MS06-024 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (917734)
- Affected Software: - Windows Media Player 10 - Windows Media Player 9 - Windows Media Player for XP - Windows Media Player 7.1
- Impact: Remote Code Execution - Version Number: 1.0
MS06-025 - Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280)
- Affected Software: - Windows Server 2003 Service Pack 1 - Windows Server 2003 - Windows Server 2003 with SP1 for Itanium-based Systems - Windows Server 2003 for Itanium-based Systems - Windows Server 2003 x64 Edition - Windows XP Service Pack 2 - Windows XP Service Pack 1 - Windows XP Professional x64 Edition - Windows 2000 Service Pack 4
- Impact: Remote Code Execution - Version Number: 1.0
MS06-026 - Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)
- Affected Software: - Windows Millennium Edition (ME) - Windows 98 Second Edition (SE) - Windows 98
- Impact: Remote Code Execution - Version Number: 1.0
MS06-027 - Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)
- Affected Software: - Word 2003 - Word Viewer 2003 - Word 2002 - Word 2000 - Works Suite 2006 - Works Suite 2005 - Works Suite 2004 - Works Suite 2003 - Works Suite 2002 - Works Suite 2001 - Works Suite 2000
- Impact: Remote Code Execution - Version Number: 1.0
MS06-028 - Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (916768)
- Affected Software: - PowerPoint 2003 - PowerPoint 2002 - PowerPoint 2000 - PowerPoint 2004 for Mac - PowerPoint v.X for Mac
- Impact: Remote Code Execution - Version Number: 1.0
Important Security Bulletins ============================
MS06-029 - Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442)
- Affected Software: - Exchange Server 2003 Service Pack 2 - Exchange Server 2003 Service Pack 1 - Exchange 2000 Server Pack 3 with the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup
- Impact: Remote Code Execution - Version Number: 1.0
MS06-030 - Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)
- Affected Software: - Windows Server 2003 Service Pack 1 - Windows Server 2003 - Windows Server 2003 with SP1 for Itanium-based Systems - Windows Server 2003 for Itanium-based Systems - Windows Server 2003 x64 Edition - Windows XP Service Pack 2 - Windows XP Service Pack 1 - Windows XP Professional x64 Edition - Windows 2000 Service Pack 4
- Impact: Elevation of Privilege - Version Number: 1.0
MS06-032 - Vulnerability in TCP/IP Could Allow Remote Code Execution (917953)
- Affected Software: - Windows Server 2003 Service Pack 1 - Windows Server 2003 - Windows Server 2003 with SP1 for Itanium-based Systems - Windows Server 2003 for Itanium-based Systems - Windows Server 2003 x64 Edition - Windows XP Service Pack 2 - Windows XP Service Pack 1 - Windows XP Professional x64 Edition - Windows 2000 Service Pack 4
- Impact: Remote Code Execution - Version Number: 1.0
Moderate Security Bulletin ==========================
MS06-031 - Vulnerability in RPC Mutual Authentication Could Allow Spoofing (917736)
- Affected Software: - Windows 2000 Service Pack 4
- Impact: Spoofing - Version Number: 1.0