Published: 2006-12-14T04:16+00:00    Last Updated: 2006-12-20T14:42+00:00

TRTA06-346A
Microsoft Updates for Multiple Vulnerabilities

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Visual Studio, Microsoft Outlook Express, Microsoft Media Player, and Microsoft Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

Event Information

Date (UTC)Description
2006-12-18 15:50 Internet Security Systems
AlertCon (2) => (1)
2006-12-13 02:06 JPCERT/CC
JPCERT-AT-2006-0020: Dec 2006 Microsoft Security Bulletin (including three critical patches)
2006-12-12 22:10 Internet Security Systems
AlertCon (1) => (2)
Microsoft: The Microsoft December Security Bulletin Release (MS06-072 - MS06-078), 3 "Critical" and 4 "Important", consisted of 11 issues.
2006-12-12 22:07 US-CERT
TA06-346A: Microsoft Updates for Multiple Vulnerabilities
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Visual Studio, Microsoft Outlook Express, Microsoft Media Player, and Microsoft Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
2006-12-12 Microsoft
Microsoft Security Advisory (927709): Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS06-073 to address this issue.
2006-12-12 Microsoft
MS06-DEC: Microsoft Security Bulletin Summary for December, 2006
Included in this advisory are updates for newly discovered vulnerabilities.
2006-12-12 Internet Security Systems
Critical Vulnerabilities in MS06-072
2006-12-12 Internet Security Systems
Critical Vulnerability in MS06-074
2006-12-12 Internet Security Systems
Critical Vulnerabilities in MS06-078
2006-11-09 SANS Internet Storm Center
Windows WMIObjectBroker (Visual Studio 2005) 0-Day Exploit
Rohit from Tippingpoint adviced us that he is seeing a large number of attacks from Russia using an un-patched vulnerability in the WMIObjectBroker ActiveX control (CVE-2006-4704). He is seeing it used as part of a drive-by download. Typically, the Trojan "Galopoper.A" is load.
2006-11-08 Microsoft
Microsoft Security Advisory (927709): Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution
Advisory updated to alert customers that we are aware of attacks using the reported vulnerability.
2006-11-01 19:21 Full-disclosure
[Full-disclosure] Microsoft patches the WMI Object Broker bug
a proof-of-concept code for WMI Object Broker Vulnerability (CVE-2006-4704,MS06-073)
#Cid: ie_createobject.pm
2006-11-01 US-CERT
Exploit Code Posted for Vulnerability in Microsoft's Visual Studio
a proof-of-concept code for WMI Object Broker Vulnerability (CVE-2006-4704,MS06-073)
US-CERT is aware of publicly available exploit code for a new vulnerability in the Windows Management Instrumentation (WMI) Object Broker ActiveX control.
2006-10-31 Microsoft
Microsoft Security Advisory (927709): Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution
Advisory published.
2006-08-31 Zero Day Initiative (ZDI)
ZDI-06-048: Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability
DHTML Script Function Memory Corruption Vulnerability(CVE-2006-5581,MS06-072)
Vulnerability Reported
2006-08-15 Secunia Research
2006-58: Internet Explorer Script Error Handling Memory Corruption
Script Error Handling Memory Corruption Vulnerability(CVE-2006-5579,MS06-072)
Vulnerability Reported
2006-06-15 Zero Day Initiative (ZDI)
ZDI-06-047: Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability
WMI Object Broker Vulnerability(CVE-2006-4704,MS06-073)
Vulnerability Reported

Other Information

CVE CVE-2006-4704
CVE-2006-5579
CVE-2006-5581