Status Tracking Note TRTA06-164A

Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and Exchange Vulnerabilities

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Word, PowerPoint, Media Player, Internet Explorer, and Exchange Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Event Information

Date (UTC)Description
2006-06-23 Microsoft
Microsoft Security Advisory (921923): Proof of Concept Code Published Affecting the Remote Access Connection Manager Service
2006-06-23 Microsoft
Microsoft Knowledge Base Article 911280: MS06-025: Vulnerability in Routing and Remote Access could allow remote code execution
2006-06-16 14:40 Internet Security Systems
AlertCon (2) => (1)
2006-06-14 11:31 SANS Internet Storm Center
Exploits for most recent Microsoft Patches
MS06-024: Windows Media Player (Exploit released by penetration testing vendor to customers).
MS06-025: RRAS (Exploit released by penetration testing vendor to customers).
MS06-027: Word remote code execution (Exploit available before release of patch).
MS06-030: SMB Priviledge Escalation (Two exploits released to the public).
MS06-032: IP Source Routing Exploit (DoS exploits released privately (trivial exploit)).
2006-06-14 09:48 Microsoft
MS06-JUN: Microsoft Security Bulletin Summary for June, 2006
Via Microsoft Mailing List
2006-06-13 22:41 US-CERT
TA06-164A: Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and Exchange Vulnerabilities
Via US-CERT Mailing List
2006-06-13 22:11 Bugtraq
[REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock
SMB Invalid Handle Vulnerability(CVE-2006-2374,MS06-030)
a proof-of-concept code for this vulnerability
2006-06-13 22:00 Bugtraq
[REVERSEMODE ADVISORY] MS06-030 - Microsoft Mrxsmb.sys privilege escalation advisory
SMB Driver Elevation of Privilege Vulnerability(CVE-2006-2373,MS06-030)
a proof-of-concept code for this vulnerability
2006-06-13 19:25 Internet Security Systems
AlertCon (1) => (2)
2006-06-13 17:38 NGSSoftware Insight Security Research
High Risk Vulnerability in Microsoft Windows Remote Access Connection Manager (RASMAN) service
Full details will be published on the 13th September 2006.
2006-06-13 Symantec
SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
Graphics Rendering Vulnerability(CVE-2006-2376,MS06-026)
Full disclosure on July 11, 2006
2006-06-13 Internet Security Systems
Cumulative Security Update for Internet Explorer for June 2006
Internet Security Systems Protection Alert
2006-06-13 Internet Security Systems
Vulnerability in Windows Media Player Could Allow Code Execution
Internet Security Systems Protection Alert
2006-04-27 Zero Day Initiative (ZDI)
ZDI-06-018: Microsoft Internet Explorer DXImageTransform ActiveX Memory
COM Object Instantiation Memory Corruption Vulnerability(CVE-2006-1303,MS06-021)
Vulnerability Reported
2006-04-26 Secunia
SA19762: Internet Explorer Exception Handling Memory Corruption Vulnerability
Microsoft Exchange Server when running Outlook Web Access Vulnerability(CVE-2006-2218,MS06-021)
Vulnerability discovered
2006-02-22 iDefense
Windows Media Player PNG Chunk Decoding Stack-Based Buffer Overflow
Windows Media Player PNG Vulnerability(CVE-2006-0025,MS06-024)
Vulnerability Reported
2006-02-09 Full-disclosure
[Full-disclosure] Re: Is Windows TCP/IP source routing PoC code available?
IP Source Route Vulnerability (CVE-2006-2379,MS06-032)
a proof-of-concept code for this vulnerability
#winicmpdos.cmd
#win2knatdos.cmd
2006-02-07 iDefense
Microsoft Internet Explorer ART File Heap Corruption Vulnerability
ART Image Rendering Vulnerability(CVE-2006-2378,MS06-022)
Vulnerability Reported
2006-02-07 iDefense
Windows MRXSMB.SYS MrxSmbCscIoctlCloseForCopyChunk DoS
SMB Invalid Handle Vulnerability(CVE-2006-2374,MS06-030)
Vulnerability Reported
2006-01-20 Zero Day Initiative (ZDI)
ZDI-06-017: Microsoft Internet Explorer UTF-8 Decoding Heap Overflow Vulnerability
HTML Decoding Memory Corruption Vulnerability(CVE-2006-2382,MS06-021)
Vulnerability Reported
2005-12-09 iDefense
Windows MRXSMB.SYS MRxSmbCscIoctlOpenForCopyChunk Overflow
SMB Driver Elevation of Privilege Vulnerability(CVE-2006-2373,MS06-030)
Vulnerability Reported
2005-10-27 SEC-CONSULT
SEC-CONSULT Security Advisory 20060613-0: HTML Code Injection in Outlook Web Access
Microsoft Exchange Server when running Outlook Web Access Vulnerability(CVE-2006-1193,MS06-029)
Vulnerability discovered


Date first published (UTC): 2006-06-14T03:45+00:00
Date last updated (UTC): 2006-07-11T20:19+00:00