CERT-In:Indian Computer Emergency Response Team

HOME > ADVISORIES

ADVISORIES

CERT-In Advisory CIAD-2006-46
Multiple Vulnerabilities in Microsoft Windows, Internet
Explorer, Outlook Express, Visual Studio and Windows
Media Player

Original issue date: December 13, 2006

Systems Affected

Microsoft Windows Operating Systems
Microsoft Internet Explorer
Microsoft Outlook Express
Microsoft Windows Media Player
Microsoft Visual Studio

Overview

Multiple vulnerabilities have been reported in various components of Microsoft Windows such as CRSS, RIS, Microsoft Internet Explorer, Microsoft Visual Studio, Outlook Express and Windows Media Player. This advisory describes these vulnerabilities addressed by the Microsoft Security Bulletins of December 2006.

Description

The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below

Microsoft Security Bulletin	Severity	CERT-In Vulnerability Notes
MS06-072: Cumulative Security Update for Internet Explorer	High	CIVN-2006-127: Microsoft Internet Explorer Memory Corruption and TIF Folder Information Disclosure Vulnerabilites
MS06-073: Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution	High	CIVN-2006-109:Microsoft Visual Studio WMI Object Broker ActiveX Code Execution Vulnerability
MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution	Medium	CIVN-2006-128:Remote Code Execution Vulnerability in SNMP
MS06-075: Vulnerability in Windows Could Allow Elevation of Privilege	Medium	CIVN-2006-129: Microsoft Windows File Manifest Corruption Vulnerability
MS06-076: Cumulative Security Update for Outlook Express	Medium	CIVN-2006-130:Windows Address Book Contact Record Vulnerability
MS06-077: Vulnerability in Remote Installation Service Could Allow Remote Code Execution	Medium	CIVN-2006-131: Remote Code Execution Vulnerability in Microsoft Windows RIS
MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution	High	CIVN-2006-132: Microsoft Windows Media Format Remote Code execution Vulnerability

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin December 2006
http://www.microsoft.com/technet/security/bulletin/ms06-dec.mspx

Vendor Information

Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms06-dec.mspx

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

Home || Feedback || FAQ || Disclaimer

CERT-In Advisory CIAD-2006-46 Multiple Vulnerabilities in Microsoft Windows, Internet Explorer, Outlook Express, Visual Studio and Windows Media Player

CERT-In Advisory CIAD-2006-46
Multiple Vulnerabilities in Microsoft Windows, Internet
Explorer, Outlook Express, Visual Studio and Windows
Media Player