September Security Bulletins (Sep)

Uploaded by: 新** | Document ID: 568904645 | Uploaded: 2024-07-27 | Format: PPT | Pages: 42 | Size: 826KB

September Security Bulletins
Sep 14, 2006
Richard Chen 陳政鋒 (Net+, Sec+, MCSE2003+Security, CISSP)
Senior Technical Support Engineer
Microsoft Taiwan Technical Support

Questions last time
When will XPSP3 release?
Answer: SP3 for Windows XP Professional is currently planned for 2H 2007. This date is preliminary.
Check the following: http:/

What We Will Cover
- Review Sep. releases
- Re-released bulletins
- New security bulletins
- High-priority non-security updates
- Other security resources
- Windows Malicious Software Removal Tool
- Resources
- Questions and answers

Questions and Answers
Submit text questions using the "Ask a Question" button.

Sep 2006 Security Bulletins Summary
- 3 New Security Bulletins for September: 1 new critical, 1 new moderate, 1 new important
- 2 Re-released Bulletins: both critical
- 2 Security Advisories

Sep 2006 Security Bulletins Overview

Bulletin Number | Title | Maximum Severity Rating | Products Affected
MS06-040v2 | Vulnerability in Server Service Could Allow Remote Code Execution (921883) | Critical | All currently supported versions of Windows
MS06-042v3 | Cumulative Security Update for Internet Explorer (918899) | Critical | Internet Explorer on all currently supported versions of Windows
MS06-052 | Pragmatic General Multicast (PGM) (919007) | Important | Windows XP SP1/SP2 with MSMQ installed
MS06-053 | Indexing Service (920685) | Moderate | All currently supported versions of Windows
MS06-054 | Office Publisher (910729) | Critical | Office 2000/2002/2003

MS06-040v2: Windows - Critical
Title: Vulnerability in Server Service Could Allow Remote Code Execution (KB 921883)

The Problem:
A remote code execution vulnerability is exposed in the Server service, which could allow an attacker to take complete control of an unprotected system by sending an unauthenticated, specially crafted message to the Server service.

Vulnerabilities:
- Server Service Vulnerability - CVE-2006-3439

Affected Versions:
All supported versions of Windows:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition

Attack Vectors/Impact:
- Any unpatched system with the Server service's listening ports (TCP 139, 445) exposed to a potentially compromised network is susceptible to an unauthenticated attack.
- Systems compromised by this vulnerability could be used to propagate a Blaster-style internet worm.

The Fix:
The update removes the vulnerability by modifying the way that the Server service validates the length of a message it receives in RPC communications before it passes the message to the allocated buffer.

Mitigations:
Systems with the Server service disabled will not be exposed (NOTE: this is an extremely rare case in most enterprise environments).

Workaround:
Block TCP 139 and TCP 445 at the perimeter and on hosts connected to untrusted networks.

Detection and Deployment:
- Detectable via MBSA 1.2*, MBSA 2.0, SMS 2.0*, SMS 2003
- Deployable via WU, MU, SUS*, WSUS, SMS 2.0*, SMS 2003
- * does not support x64 and ia64 versions of Windows

Does this supersede any updates? No

Publicly disclosed?
- This vulnerability was initially reported through responsible disclosure, but was later disclosed publicly.
- MSRC was made aware of public exploitation prior to bulletin release.

Reboot and Uninstall Information:
- Installing the update requires a reboot of the system.
- This update is uninstallable.

What is the reason for this re-release?
- Initial building of WS03 SP1 updates for MS06-040 required netapi32.dll be loaded at a different base address in memory due to an increase in code size.
- Re-basing can cause applications that reserve large amounts of contiguous memory to fail.
- Subsequent code changes allowed the base address for netapi32.dll to be changed back to its original location.
- 921883 has been updated to include the original pre-MS06-040 base address that was included in hotfix 924054.

Other information:
- 921883 v2 will automatically upgrade systems requiring the new update (i.e. uninstall of 921883 v1 is not required).
- Only WS03 SP1 systems (and systems that use the WOW64 components from that OS) are affected:
  - WS03 SP1 (x86/x64/ia64)
  - WinXP x64

More Information:
For more information, please review the FAQ at: http:/

Questions about MS06-040v2?

MS06-042v3: IE Cumulative (Critical)
Title: MS06-042v3 Cumulative Security Update for Internet Explorer (918899) Re-release

The Problem:
This update resolves several newly discovered, publicly and privately reported vulnerabilities. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

New Vulnerabilities:
- Long URL Buffer Overflow Vulnerability - CVE-2006-3869
- Long URL Buffer Overflow Vulnerability - CVE-2006-3873

Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 SP1
- Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition

Who needs to install MS06-042v3?
- If v1 or v2 is NOT installed: all Affected Software (above).
- If v1 or v2 is installed, the following still need to install MS06-042:
  - IE 5.01 SP4 on Windows 2000 SP4
  - IE 6 SP1 for Windows XP SP1 and Windows 2000 SP4
  - IE 6 for Windows Server 2003

Who does NOT need to install MS06-042v3?
- If v1 or v2 is installed, the following do NOT need to install MS06-042:
  - IE 6 for Windows XP SP2
  - IE 6 for Windows Server 2003 SP1

MS06-042v3: New Vulnerabilities

Vulnerability: Long URL Buffer Overflow Vulnerability - CVE-2006-3869
- Possible Attack Vectors: Remote code execution from a malicious Web site with a specially crafted Web page (via e-mail attachment or IM request etc.)
- Impact of Attack: Attackers could take complete control of an affected system.
- The Fix: Modified the way IE handles long URLs when navigating to websites using the HTTP 1.1 protocol and compression.

Vulnerability: Long URL Buffer Overflow Vulnerability - CVE-2006-3873
- Possible Attack Vectors: Remote code execution from a malicious Web site with a specially crafted Web page (via e-mail attachment or IM request etc.)
- Impact of Attack: Attackers could take complete control of an affected system.
- The Fix: Modified the way IE handles long URLs when navigating to websites using the HTTP 1.1 protocol and compression.

Mitigations:
- Web-based attacks require the user to visit a malicious Web site.
- HTML e-mail is opened in the Restricted sites zone: OE6, OL2002, OL2003, and OL2002 w/OL email security update.
- LUA: Attackers who successfully exploited these vulnerabilities could gain the same user rights as the local user.
- IE on Windows Server 2003 Enhanced Security Configuration.

Workaround:
- (New) Disable the HTTP 1.1 protocol in Internet Explorer.
- Disable caching of your Web site content.
- Set Active Scripting to Disabled or Prompt in the Internet Zone.
- Set Internet and Local intranet security zone settings to "High".
- Add trusted sites to the Trusted sites zone.
- Read e-mail in plain text format.
- Disable COM object instantiation (set kill bit).

Does this supersede any updates? MS06-021

Other information:
- Is a restart required? YES
- Is there an uninstall option? YES
- Are the new vulnerabilities publicly known?
  - CVE-2006-3869: Publicly Known: YES; Publicly Exploited: NO
  - CVE-2006-3873: Publicly Known: NO; Publicly Exploited: NO

More Information:
FAQ: http:/

Questions about MS06-042v3?

MS06-052: Pragmatic General Multicast (PGM) - Important
Title: Vulnerability in Pragmatic General Multicast (PGM) Could Result in Remote Code Execution KB919007

The Problem:
This update resolves a newly discovered, privately reported vulnerability which is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the vulnerability could take complete control of the affected system.

Vulnerabilities:
- PGM Code Execution Vulnerability - CVE-2006-3442

Affected versions:
- Microsoft Windows XP Service Pack 1
- Microsoft Windows XP Service Pack 2

Attack Vectors/Impact:
There is a remote code execution vulnerability that could allow an attacker to send a specially crafted multicast message to an affected system and execute code on the affected system.

The Fix:
The update removes the vulnerability by modifying the way that the MSMQ Service validates a PGM message before it passes the message to the allocated buffer.

Mitigations:
- For customers who require the affected component, firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
- Pragmatic General Multicast (PGM) is only supported when Microsoft Message Queuing (MSMQ) 3.0 is installed. The MSMQ service is not installed by default.

Workaround:
We have not identified any workarounds for this vulnerability.

Does this supersede any updates? No

Other information:
- Was the vulnerability publicly known? No
- Are there any known exploits? No
- Is a restart required? Yes
- Is there an uninstall option? Yes

More Information:
For more information, please review the FAQ at: http:/

Questions on MS06-052?

MS06-053: Indexing Service - Moderate
Title: Vulnerability in Indexing Service Could Allow Cross-Site Scripting (KB920685)

The Problem:
- There is an information disclosure vulnerability in Indexing Service because of the way that it handles query validation, creating the possibility of cross-site scripting.
- The vulnerability could allow an attacker to run client-side script on behalf of a user. The script could spoof content, disclose information, or take any action that the user could take on the affected web site.

Vulnerabilities:
- Microsoft Indexing Service Vulnerability - CVE-2006-0032

Affected versions:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition

Attack Vectors/Impact:
A user would have to be enticed to click on a URL which goes to a malicious web site which hosts the exploit.

The Fix:
The update removes the vulnerability by modifying the way that Indexing Service validates the length of a message before it passes the message to the allocated buffer.

Mitigations:
- By default, Internet Information Services 6.0 is not enabled on Windows Server.
- On Windows Server 2003, if Internet Information Services (IIS) has been enabled, the Indexing Service is not enabled by default.
- When Indexing Service is installed, web-based query pages must be created or installed manually that will allow IIS to receive queries from anonymous users and pass those queries to the Indexing Service.
- The attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or instant messenger message that takes users to the attacker's Web site.
- Firewall best practices and standard default firewall configurations (e.g. systems that are connected to the Internet have a minimal number of ports) can help protect networks from attacks that originate outside the enterprise perimeter.

Workarounds:
- Firewall best practices and standard default firewall configurations (e.g. systems that are connected to the Internet have a minimal number of ports) can help protect networks from attacks that originate outside the enterprise perimeter.
- Block at the firewall: UDP ports 137 and 138 and TCP ports 139 and 44.
- To help protect from network-based attempts to exploit this vulnerability, use a personal firewall, such as the Internet Connection Firewall, enable advanced TCP/IP filtering on systems that support this feature, or block the affected ports by using IPSec on the affected systems.
- Remove the Indexing Service.

Does this supersede any updates? No

Other information:
- Was the vulnerability publicly known? No
- Are there any known exploits? No
- Is a restart required? No
- Is there an uninstall option? Yes

More Information:
For more information, please review the FAQ at: http:/

Questions about MS06-053?

MS06-054: Office - Critical
Title: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729)

The Problem:
A remote code execution vulnerability exists in Publisher, and could be exploited when a malformed string included in a Publisher file is parsed. An attacker could exploit the vulnerability by constructing a specially crafted Publisher file that could allow remote code execution.

Vulnerabilities:
- Microsoft Publisher Vulnerability - CVE-2006-0001

Affected versions:
- Office Publisher 2000
- Office Publisher 2002
- Office Publisher 2003

Attack Vectors/Impact:
For an attack to be successful, a user must open an attachment that is sent in an e-mail message or visit a Web site that contains a Web page that is used to exploit this vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

The Fix:
The update removes the vulnerability by modifying the way that Publisher parses the file and validates the length of a string before passing it to the allocated buffer.

Mitigations:
- Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- An attacker would have to persuade users to visit the Web site.
- The vulnerability cannot be exploited automatically through e-mail.
- For Office 2000, you may install the Office Document Open Confirmation Tool for Office 2000 and you will then be prompted with Open, Save, or Cancel before opening a document. Office 2002 and 2003 include this feature by default.

Workaround:
Do not open or save Publisher files that you receive from untrusted sources or that you receive unexpectedly from trusted sources.

Detection and Deployment:

Software | MBSA 1.2.1 | MBSA 2.0 | SMS 2.0 | SMS 2003
Microsoft Publisher 2000 | Yes | No | Yes | Yes
Microsoft Publisher 2002 | Yes | Yes | Yes | Yes
Microsoft Publisher 2003 | Yes | Yes | Yes | Yes

Does this supersede any updates? None

Other information:
- Was the vulnerability publicly known? NO
- Are there any known exploits? NO
- Is a restart required? YES, this update changes shared Office dll files in addition to Publisher files. Although the security vulnerability only exists in Publisher, a reboot is required to complete the installation of all files in the update.
- Is there an uninstall option? NO

More Information:
For more information, please review the FAQ at: http:/

Questions about MS06-054?

Security Advisory (1 of 2)
Security Advisory 922582 - Minifilter can block AU and WSUS
- Non-security update.
- This update addresses an error that could result when using a minifilter-based application on a system.
- Specific Error Code: 0x80070002
- This error code could occur when updating any of the following Microsoft tools:
  - Automatic Updates
  - WU Web site
  - MU Web site
  - Inventory Tool for Microsoft Updates (ITMU) for Microsoft Systems Management Server (SMS) 2003
  - SUS
  - WSUS
- Windows Server 2003 R2 is the only version of Windows that ships with a minifilter-based application, but it is not installed by default.
- ISVs are building new applications using the minifilter technology; this error could affect any systems in the future.
- Customers should evaluate and deploy the update.
- More information: http:/

Security Advisory (2 of 2)
Security Advisory 925143
Adobe Security Bulletin: APSB06-11 Flash Player Update to Address Security Vulnerabilities
- Recent security vulnerabilities in Macromedia Flash Player from Adobe redistributed with Microsoft Windows XP SP1 & SP2.
- The Microsoft Security Response Center is in communication with Adobe.
- Adobe has made updates available on their Web site.
- Customers who use Flash Player should follow the Adobe guidance.
- For more information, please see the Adobe Security Bulletin located at: http:/
- KB925143: http:/

Sep 2006 Non-Security Updates

Number | Title | Distribution
922582 | Update for Windows | MU, WU
920872 | Update for Windows XP | MU, WU
912580 | Update for Outlook 2003 Junk E-mail Filter | MU

Detection and Deployment
Columns: SUS, MU, WSUS, MBSA2, MBSA, EST, CSA, SMS
Rows:
- MS06-040 Server Service
- MS06-042 IE Cumulative
- MS06-052 PGM
- MS06-053 Index Server
- MS06-054 Publisher
* MU does not support detection for vulnerable Office 2000 products. For Office 2000, use SMS/WSUS/MBSA1.2/OfficeUpdateTool.

Other Update Information

Bulletin | Restart | Uninstall | Replaces | On products
MS06-040v2 | Required | Yes | None | All products
MS06-042v3 | Required | Yes | MS06-021 | All products
MS06-052 | Required | Yes | None | Windows XP SP1/SP2
MS06-053 | No | Yes | None | All products
MS06-054 | Required | No | None | Office Publisher 2000/2002/2003

Windows Malicious Software Removal Tool
- Twenty-first monthly incremental update.
- The September update adds the ability to remove:
  - Win32/Bancos
  - Win32/Haxdoor
  - Win32/Sinteri
- Available as priority update through Windows Update or Microsoft Update for Windows XP users.
- Offered through WSUS; not offered through SUS 1.0.
- Also as an ActiveX control or download at

Lifecycle Support Information
- End of public security support for Windows XP SP1: 10 October 2006
- Support EOL for Software Update Services (SUS) 1.0: 6 December 2006
- Public security support for Windows 98, 98 SE, and Millennium Edition HAS ENDED as of 11 July 2006.
- See for more information

Resources
- September Security Bulletin Webcast (US): http:/
- Security Bulletins Summary: http:/
- Bulletins S A Blog: http:/
- R Column: http:/
- IT Pro Security N Security C

Questions and Answers
- Submit text questions using the "Ask a Question" button.
- Don't forget to fill out the survey.
- For upcoming and previously recorded webcasts: http:/
- Got webcast content ideas? E-mail us at:
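
The MS06-040v2 re-release notes above state that re-basing netapi32.dll can cause applications that reserve large amounts of contiguous memory to fail. The following Python model is an added example, not code from the presentation or from Microsoft, showing how one module's base address changes the largest free block in a 32-bit user address space. The address-space bounds, module bases and sizes, and the 1,600 MB request are constructed values, not the real netapi32.dll addresses.

```python
"""Model: why moving one DLL's base address can break a large contiguous
reservation in a 32-bit process. Every address and size here is constructed
for illustration; none is a real netapi32.dll value from MS06-040."""

MB = 1 << 20
USER_START = 0x0001_0000   # assumed lowest usable user-mode address
USER_END = 0x7FFF_0000     # assumed top of the default 2 GB user-mode range

# Constructed modules that stay at the same place in both scenarios: (base, size).
FIXED_MODULES = [
    (0x0040_0000, 0x0020_0000),   # hypothetical application image
    (0x7700_0000, 0x08FF_0000),   # hypothetical block of other system DLLs
]
DLL_SIZE = 0x0006_0000            # hypothetical size of the DLL being re-based
ORIGINAL_BASE = 0x71C0_0000       # constructed: high, close to the system DLLs
REBASED_BASE = 0x5B00_0000        # constructed: lands in the middle of free space
REQUEST = 1600 * MB               # one large contiguous reservation


def layout(dll_base):
    """Mapped regions of the process when the DLL loads at dll_base."""
    return FIXED_MODULES + [(dll_base, DLL_SIZE)]


def largest_free_block(mapped):
    """Return (start, size) of the largest unmapped gap in the user range."""
    cursor = USER_START
    best = (cursor, 0)
    for base, size in sorted(mapped):
        gap = base - cursor
        if gap > best[1]:
            best = (cursor, gap)
        # Regions may overlap or touch; never move the cursor backwards.
        cursor = max(cursor, base + size)
    tail = USER_END - cursor
    if tail > best[1]:
        best = (cursor, tail)
    return best


def can_reserve(mapped, request):
    """A contiguous reservation succeeds only if a single gap can hold it."""
    return largest_free_block(mapped)[1] >= request


def compare():
    """Largest free block and reservation outcome for both base addresses."""
    result = {}
    for name, base in (("original", ORIGINAL_BASE), ("re-based", REBASED_BASE)):
        regions = layout(base)
        start, size = largest_free_block(regions)
        result[name] = {
            "largest_free_mb": size // MB,
            "free_block_start": start,
            "reservation_ok": can_reserve(regions, REQUEST),
        }
    return result


if __name__ == "__main__":
    for name, info in compare().items():
        print(f"{name:9s} largest free block: {info['largest_free_mb']} MB "
              f"at {info['free_block_start']:#010x}, "
              f"{REQUEST // MB} MB reservation ok: {info['reservation_ok']}")
```

The total free space is nearly identical in both layouts; only the position of one small module differs, which is why restoring the original base address resolves the failure without shrinking the DLL.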
