IRIS

Instructional & Research Information Systems

EECS

Microsoft Security Bulletin Summary for June 2006

by 

********************************************************************
Title: Microsoft Security Bulletin Summary for June 2006
Issued: June 13, 2006
Version Number: 1.0
Bulletin: http://go.microsoft.com/fwlink/?LinkId=68324
********************************************************************



Summary:
========
This advisory contains information about all security updates
released this month. It is broken down by security bulletin severity.



Critical Security Bulletins
===========================



MS06-021 - Cumulative Security Update for Internet Explorer (916281)



- Affected Software:
- Windows Server 2003 Service Pack 1
- Windows Server 2003
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Windows XP Service Pack 2
- Windows XP Service Pack 1
- Windows XP Professional x64 Edition
- Windows 2000 Service Pack 4



- Review the FAQ section of bulletin MS06-021 for information
about these operating systems:
- Windows Millennium Edition (ME)
- Windows 98 Second Edition (SE)
- Windows 98



- Impact: Remote Code Execution
- Version Number: 1.0






MS06-022 - Vulnerability in ART Image Rendering Could Allow Remote
Code Execution (918439)



- Affected Software:
- Windows Server 2003 Service Pack 1
- Windows Server 2003
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Windows XP Service Pack 2
- Windows XP Service Pack 1
- Windows XP Professional x64 Edition
- Windows 2000 Service Pack 4 with the Windows 2000 AOL Image
Support Update



- Review the FAQ section of bulletin MS06-022 for information
about these operating systems:
- Windows Millennium Edition (ME)
- Windows 98 Second Edition (SE)
- Windows 98



- Impact: Remote Code Execution
- Version Number: 1.0






MS06-023 - Vulnerability in Microsoft JScript Could Allow Remote
Code Execution (917344)



- Affected Software:
- Windows Server 2003 Service Pack 1
- Windows Server 2003
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Windows XP Service Pack 2
- Windows XP Service Pack 1
- Windows XP Professional x64 Edition
- Windows 2000 Service Pack 4



- Review the FAQ section of bulletin MS06-023 for information
about these operating systems:
- Windows Millennium Edition (ME)
- Windows 98 Second Edition (SE)
- Windows 98



- Impact: Remote Code Execution
- Version Number: 1.0






MS06-024 - Vulnerability in Windows Media Player Could Allow Remote
Code Execution (917734)



- Affected Software:
- Windows Media Player 10
- Windows Media Player 9
- Windows Media Player for XP
- Windows Media Player 7.1



- Impact: Remote Code Execution
- Version Number: 1.0






MS06-025 - Vulnerability in Routing and Remote Access Could Allow
Remote Code Execution (911280)



- Affected Software:
- Windows Server 2003 Service Pack 1
- Windows Server 2003
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Windows XP Service Pack 2
- Windows XP Service Pack 1
- Windows XP Professional x64 Edition
- Windows 2000 Service Pack 4



- Impact: Remote Code Execution
- Version Number: 1.0






MS06-026 - Vulnerability in Graphics Rendering Engine Could Allow
Remote Code Execution (918547)



- Affected Software:
- Windows Millennium Edition (ME)
- Windows 98 Second Edition (SE)
- Windows 98






- Impact: Remote Code Execution
- Version Number: 1.0






MS06-027 - Vulnerability in Microsoft Word Could Allow Remote Code
Execution (917336)



- Affected Software:
- Word 2003
- Word Viewer 2003
- Word 2002
- Word 2000
- Works Suite 2006
- Works Suite 2005
- Works Suite 2004
- Works Suite 2003
- Works Suite 2002
- Works Suite 2001
- Works Suite 2000



- Impact: Remote Code Execution
- Version Number: 1.0






MS06-028 - Vulnerability in Microsoft PowerPoint Could Allow Remote
Code Execution (916768)



- Affected Software:
- PowerPoint 2003
- PowerPoint 2002
- PowerPoint 2000
- PowerPoint 2004 for Mac
- PowerPoint v.X for Mac



- Impact: Remote Code Execution
- Version Number: 1.0






Important Security Bulletins
============================



MS06-029 - Vulnerability in Microsoft Exchange Server Running
Outlook Web Access Could Allow Script Injection (912442)



- Affected Software:
- Exchange Server 2003 Service Pack 2
- Exchange Server 2003 Service Pack 1
- Exchange 2000 Server Pack 3 with the August 2004 Exchange 2000
Server Post-Service Pack 3 Update Rollup



- Impact: Remote Code Execution
- Version Number: 1.0






MS06-030 - Vulnerability in Server Message Block Could Allow
Elevation of Privilege (914389)



- Affected Software:
- Windows Server 2003 Service Pack 1
- Windows Server 2003
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Windows XP Service Pack 2
- Windows XP Service Pack 1
- Windows XP Professional x64 Edition
- Windows 2000 Service Pack 4



- Impact: Elevation of Privilege
- Version Number: 1.0



MS06-032 - Vulnerability in TCP/IP Could Allow Remote Code Execution
(917953)



- Affected Software:
- Windows Server 2003 Service Pack 1
- Windows Server 2003
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Windows XP Service Pack 2
- Windows XP Service Pack 1
- Windows XP Professional x64 Edition
- Windows 2000 Service Pack 4



- Impact: Remote Code Execution
- Version Number: 1.0






Moderate Security Bulletin
==========================



MS06-031 - Vulnerability in RPC Mutual Authentication Could Allow
Spoofing (917736)



- Affected Software:
- Windows 2000 Service Pack 4



- Impact: Spoofing
- Version Number: 1.0