Vulnerabilities in Microsoft Products
Systems Affected
- Microsoft Windows
- Microsoft Visual Studio
- Microsoft Outlook Express
- Microsoft Media Player
- Microsoft Internet Explorer
Overview
Vulnerabilities in Microsoft Windows and Visual Studio could allow an attacker to gain control of your computer.
Solution
Apply Update
Microsoft has provided updates to remedy these vulnerabilities. To obtain these updates, visit the Microsoft Update web site. We also recommend enabling Automatic Updates.
Description
Vulnerabilities in Microsoft Windows, Visual Studio, Outlook Express,
Media Player, and Internet Explorer may allow an attacker to access
your computer, install and run malicious software on your computer, or
cause it to crash. An attacker could exploit these vulnerabilities by
using specially crafted network traffic, or by convincing you to view
a specially crafted web site or HTML email message.For more technical information, see US-CERT Technical Alert TA06-346A.
References
- Technical Alert TA06-346A - <http://www.us-cert.gov/cas/techalerts/TA06-346A.html>
- Vulnerability Notes for Microsoft December 2006 updates - <http://www.kb.cert.org/vuls/byid?searchview&query=ms06-dec>
Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>
- Using Caution with Email Attachments - <http://www.us-cert.gov/cas/tips/ST04-010.html>
-->
- Microsoft Security Essentials - <http://www.microsoft.com/protect/>
- Microsoft security updates for December 2006 - <http://www.microsoft.com/athome/security/update/bulletins/200612.mspx>
- Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
- Microsoft Automatic Updates - <http://www.microsoft.com/athome/security/update/msupdate_keep_current.mspx#EZB>
- Information from Microsoft regarding accidental release of
security updates for Office products for Mac - <http://blogs.technet.com/msrc/archive/2006/12/13/information-on-accidental-posting-of-pre-release-security-updates-for-office-for-mac.aspx>
.
Revision History
-
December 12, 2006: Initial release
December 15, 2006: Replaced information about Mac updates with a reference to a Microsoft explanation about the error.
This product is provided subject to this Notification and this Privacy & Use policy.