Status Tracking Note TRTA06-101A

Microsoft Windows and Internet Explorer Vulnerabilities

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

Event Information

Date (UTC)	Description
2006-04-11 22:10	US-CERT TA06-101A: Microsoft Windows and Internet Explorer Vulnerabilities Via US-CERT Mailing List
2006-04-11 20:37	Microsoft MS06-APR: Microsoft Security Bulletin Summary for April, 2006 Via Microsoft Mailing List
2006-04-11	Internet Security Systems Cumulative Security Update for Internet Explorer Internet Security Systems Protection Alert
2006-04-11	Internet Security Systems Microsoft MDAC Remote Code Execution Internet Security Systems Protection Alert
2006-03-24 07:22	Microsoft Microsoft Security Advisory (917077): Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution Via Microsoft Mailing List
2006-03-23 08:50	Secunia Microsoft Internet Explorer "createTextRange()" Code Execution DHTML Method Call Memory Corruption Vulnerability(CVE-2006-1359,MS06-013,VU#876678) Public disclosure
2006-03-22 09:13	Bugtraq IE crash DHTML Method Call Memory Corruption Vulnerability(CVE-2006-1359,MS06-013,VU#876678) a proof-of-concept code for this vulnerability
2006-03-22	US-CERT Vulnerability in Microsoft Internet Explorer US-CERT Current Activity US-CERT reported a proof-of-concept code for this vulnerability.
2006-03-16 19:22	Full-Disclosure [Full-disclosure] Remote overflow in MSIE script action handlers (mshtml.dll) Multiple Event Handler Memory Corruption Vulnerability(CVE-2006-1245,MS06-013,VU#984473) a proof-of-concept code for this vulnerability
2006-02-28 23:40	Microsoft Microsoft Security Advisory (912945): Non-Security Update for Internet Explorer Via Microsoft Mailing List
2006-02-10	Secunia Microsoft Internet Explorer "createTextRange()" Code Execution DHTML Method Call Memory Corruption Vulnerability(CVE-2006-1359,MS06-013,VU#876678) Vulnerability discovered


Date first published (UTC):	2006-04-11T22:11+00:00
Date last updated (UTC):	2006-04-19T22:09+00:00