Microsoft Products Contain Multiple Vulnerabilities

Systems Affected

• Microsoft Windows
• Microsoft Office
• Microsoft Works Suite
• Microsoft Internet Explorer

Overview

Critical vulnerabilities in Microsoft Windows, Office, Works Suite, and Internet Explorer may allow an attacker to take control of your computer.

Solution

Apply Update

Microsoft has provided updates to remedy these vulnerabilities. To obtain these updates, visit the Microsoft Update web site. US-CERT also recommends enabling Automatic Updates.

Microsoft Office 2000 users must visit the Microsoft Office Update web site to get the appropriate updates.

Apple Mac OS X users should obtain updates from the Mactopia web site.

Description

Vulnerabilities in Microsoft Windows, Office, Works Suite, and Internet Explorer may allow an attacker to access your computer, install and run malicious software on your computer, or cause it to crash.

We are aware of attacks using the vulnerability described in VU#650769.

For more technical information, see US-CERT Technical Alert TA06-220A.

References

• Microsoft Security Bulletin Summary for August 2006 - <http://www.microsoft.com/technet/security/bulletin/ms06-aug.mspx>
• US-CERT Vulnerability Note VU#650769 - <http://www.kb.cert.org/vuls/id/650769>
• Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
• Microsoft Office Update - <http://officeupdate.microsoft.com/>
• Use Microsoft Update to help keep your computer current - <http://www.microsoft.com/athome/security/update/msupdate_keep_current.mspx>
• Mactopia - <http://www.microsoft.com/mac/>

Feedback can be directed to US-CERT.

Produced 2006 by US-CERT, a government organization. Terms of use

Revision History

August 8, 2006: Initial release