Status Tracking Note TRTA06-101A

Microsoft Windows and Internet Explorer Vulnerabilities

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Event Information


Date (UTC)Description
2006-04-11 22:10 US-CERT
TA06-101A: Microsoft Windows and Internet Explorer Vulnerabilities
Via US-CERT Mailing List
2006-04-11 20:37 Microsoft
MS06-APR: Microsoft Security Bulletin Summary for April, 2006
Via Microsoft Mailing List
2006-04-11 Internet Security Systems
Cumulative Security Update for Internet Explorer
Internet Security Systems Protection Alert
2006-04-11 Internet Security Systems
Microsoft MDAC Remote Code Execution
Internet Security Systems Protection Alert
2006-03-24 07:22 Microsoft
Microsoft Security Advisory (917077): Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution
Via Microsoft Mailing List
2006-03-23 08:50 Secunia
Microsoft Internet Explorer "createTextRange()" Code Execution
DHTML Method Call Memory Corruption Vulnerability(CVE-2006-1359,MS06-013,VU#876678)
Public disclosure
2006-03-22 09:13 Bugtraq
IE crash
DHTML Method Call Memory Corruption Vulnerability(CVE-2006-1359,MS06-013,VU#876678)
a proof-of-concept code for this vulnerability
2006-03-22 US-CERT
Vulnerability in Microsoft Internet Explorer
US-CERT Current Activity
US-CERT reported a proof-of-concept code for this vulnerability.
2006-03-16 19:22 Full-Disclosure
[Full-disclosure] Remote overflow in MSIE script action handlers (mshtml.dll)
Multiple Event Handler Memory Corruption Vulnerability(CVE-2006-1245,MS06-013,VU#984473)
a proof-of-concept code for this vulnerability
2006-02-28 23:40 Microsoft
Microsoft Security Advisory (912945): Non-Security Update for Internet Explorer
Via Microsoft Mailing List
2006-02-10 Secunia
Microsoft Internet Explorer "createTextRange()" Code Execution
DHTML Method Call Memory Corruption Vulnerability(CVE-2006-1359,MS06-013,VU#876678)
Vulnerability discovered


Date first published (UTC): 2006-04-11T22:11+00:00
Date last updated (UTC): 2006-04-19T22:09+00:00