New Microsoft Security bulletins

Madrid, January 11 2006 - Microsoft has published two security bulletins - MS06-002 and MS06-003-, reporting the availability of updates to resolve several vulnerabilities in Windows, Office and Exchange Server.

Below we offer a short summary of the two new bulletins and the addresses at which they are available:

- Bulletin MS06-002: offers information about an update resolving a vulnerability allowing remote execution of code in Windows because of the way that it handles malformed embedded Web fonts. This security problem affects Windows 2000, Windows XP, Windows Server 2003, Windows 98 and Windows ME. More information at: http://www.microsoft.com/technet/security/bulletin/ms06-002.mspx

- Bulletin MS06-003: refers to a remote code execution vulnerability in Microsoft Outlook and Microsoft Exchange Server because of the way that it decodes the TNEF MIME attachment. This could allow an attacker to take complete control of the system. It affects Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, and Exchange Server. More information
at: http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx

In addition, Microsoft published bulletin MS06-001 last Thursday, which refers to an update to resolve a problem in the processing of certain graphic files. This bulletin, which we previously reported, is available
at: http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

Oxygen3 24h-365d
by Panda Software