Summary: This advisory contains information about all security updates
released this month. It is broken down by security bulletin severity.
Critical Security Bulletins
===========================
===========================
MS06-035 – Vulnerability in Server Service Could Allow Remote Code
Execution
(917159)
Execution
(917159)
– Affected Software:
– Windows Server 2003 Service Pack 1
– Windows Server 2003
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 x64 Edition
– Windows XP Professional Service Pack 2
– Windows XP Professional Service Pack 1
– Windows XP Professional x64 Edition
– Windows XP Home Service Pack 2
– Windows XP Home Service Pack 1
– Windows 2000 Service Pack 4
– Windows Server 2003 Service Pack 1
– Windows Server 2003
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 x64 Edition
– Windows XP Professional Service Pack 2
– Windows XP Professional Service Pack 1
– Windows XP Professional x64 Edition
– Windows XP Home Service Pack 2
– Windows XP Home Service Pack 1
– Windows 2000 Service Pack 4
– Impact: Remote Code Execution
– Version Number: 1.0
– Version Number: 1.0
MS06-036 – Vulnerability in DHCP Client Service Could Allow Remote
Code
Execution (914388)
Code
Execution (914388)
– Affected Software:
– Windows Server 2003 Service Pack 1
– Windows Server 2003
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 x64 Edition
– Windows XP Professional Service Pack 2
– Windows XP Professional Service Pack 1
– Windows XP Professional x64 Edition
– Windows XP Home Service Pack 2
– Windows XP Home Service Pack 1
– Windows 2000 Service Pack 4
– Windows Server 2003 Service Pack 1
– Windows Server 2003
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 x64 Edition
– Windows XP Professional Service Pack 2
– Windows XP Professional Service Pack 1
– Windows XP Professional x64 Edition
– Windows XP Home Service Pack 2
– Windows XP Home Service Pack 1
– Windows 2000 Service Pack 4
– Impact: Remote Code Execution
– Version Number: 1.0
– Version Number: 1.0
MS06-037 – Vulnerabilities in Microsoft Excel Could Allow Remote Code
Execution
(917285)
Execution
(917285)
– Affected Software:
– Excel 2003
– Excel Viewer 2003
– Excel 2002
– Excel 2000
– Excel v.X for Mac
– Excel 2004 for Mac
– Excel 2003
– Excel Viewer 2003
– Excel 2002
– Excel 2000
– Excel v.X for Mac
– Excel 2004 for Mac
– Impact: Remote Code Execution
– Version Number: 1.0
– Version Number: 1.0
MS06-038 – Vulnerabilities in Microsoft Office Could Allow Remote
Code Execution
(917284)
Code Execution
(917284)
– Affected Software:
– Office 2003 Service Pack 2
– Office 2003 Service Pack 1
– Office XP Service Pack 3
– Office 2000 Service Pack 3
– Office v.X for Mac
– Office 2004 for Mac
– Project 2002
– Project 2000
– Visio 2002
– Works Suite 2006
– Works Suite 2005
– Works Suite 2004
– Office 2003 Service Pack 2
– Office 2003 Service Pack 1
– Office XP Service Pack 3
– Office 2000 Service Pack 3
– Office v.X for Mac
– Office 2004 for Mac
– Project 2002
– Project 2000
– Visio 2002
– Works Suite 2006
– Works Suite 2005
– Works Suite 2004
– Impact: Remote Code Execution
– Version Number: 1.0
– Version Number: 1.0
MS06-039 – Vulnerabilities in Microsoft Office Filters Could Allow
Remote Code
Execution (915384)
Remote Code
Execution (915384)
– Affected Software:
– Office 2003 Service Pack 2
– Office 2003 Service Pack 1
– Office XP Service Pack 3
– Office 2000 Service Pack 3
– Project 2002
– Project 2000
– Works Suite 2006
– Works Suite 2005
– Works Suite 2004
– Office 2003 Service Pack 2
– Office 2003 Service Pack 1
– Office XP Service Pack 3
– Office 2000 Service Pack 3
– Project 2002
– Project 2000
– Works Suite 2006
– Works Suite 2005
– Works Suite 2004
– Impact: Remote Code Execution
– Version Number: 1.0
– Version Number: 1.0
Important Security Bulletins
============================
============================
MS06-033 – Vulnerability in ASP.NET Could Allow Information
Disclosure (917283)
Disclosure (917283)
– Affected Software:
– Windows Server 2003 Service Pack 1
– Windows Server 2003
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 x64 Edition
– Windows XP Professional Service Pack 2
– Windows XP Professional Service Pack 1
– Windows XP Professional x64 Edition
– Windows XP Home Service Pack 2
– Windows XP Home Service Pack 1
– Windows 2000 Service Pack 4
– .NET Framework 2.0
– Windows Server 2003 Service Pack 1
– Windows Server 2003
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 x64 Edition
– Windows XP Professional Service Pack 2
– Windows XP Professional Service Pack 1
– Windows XP Professional x64 Edition
– Windows XP Home Service Pack 2
– Windows XP Home Service Pack 1
– Windows 2000 Service Pack 4
– .NET Framework 2.0
– Impact: Information Disclosure
– Version Number: 1.0
– Version Number: 1.0
MS06-034 – Vulnerability in Microsoft Internet Information Services
using Active
Server Pages Could Allow Remote Code Execution (917537)
using Active
Server Pages Could Allow Remote Code Execution (917537)
– Affected Software:
– Windows Server 2003 Service Pack 1
– Windows Server 2003
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 x64 Edition
– Windows XP Professional Service Pack 2
– Windows XP Professional Service Pack 1
– Windows XP Professional x64 Edition
– Windows 2000 Service Pack 4
– Windows Server 2003 Service Pack 1
– Windows Server 2003
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 x64 Edition
– Windows XP Professional Service Pack 2
– Windows XP Professional Service Pack 1
– Windows XP Professional x64 Edition
– Windows 2000 Service Pack 4
– Impact: Remote Code Execution
– Version Number: 1.0
– Version Number: 1.0
Update Availability:
===================
Updates are available to address these issues.
For additional information, including Technical Details,
Workarounds, answers to Frequently Asked Questions,
and Update Deployment Information please read
the Microsoft Security Bulletin Summary for this
month at: http://go.microsoft.com/fwlink/?LinkId=69768
===================
Updates are available to address these issues.
For additional information, including Technical Details,
Workarounds, answers to Frequently Asked Questions,
and Update Deployment Information please read
the Microsoft Security Bulletin Summary for this
month at: http://go.microsoft.com/fwlink/?LinkId=69768
