[Microsoft Alert] Microsoft Security Bulletin MS06-021

Cumulative Security Update for Internet Explorer (916281)

Issued: June 13, 2006

Version: 1.0

 

Summary

Who should read this document: Customers who use Microsoft Windows

 

Impact of Vulnerability: Remote Code Execution

 

Maximum Severity Rating: Critical

 

Recommendation: Customers should apply the update immediately.

 

Security Update Replacement: This bulletin replaces several prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

 

 

Vulnerability Details:

A remote code execution vulnerability exists in the way Internet Explorer handles exceptional conditions. As a result, system memory may be corrupted in such a way that an attacker could execute arbitrary code if a user visited a specially crafted Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

 

 

Affected Software:

Microsoft Windows 2000 Service Pack 4

 

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2

 

Microsoft Windows XP Professional x64 Edition

 

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

 

Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

 

Microsoft Windows Server 2003 x64 Edition

 

Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) — Review the FAQ section of this bulletin for details about these operating systems.

 

 

 

References: http://www.microsoft.com/security/bulletins/current.mspx (Microsoft Security Updates)

---