[Microsoft Alert] Microsoft Security Bulletin MS06-022

Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)

Issued: June 13, 2006

Version: 1.0

 

Summary

Who should read this document: Customers who use Microsoft Windows

 

Impact of Vulnerability: Remote Code Execution

 

Maximum Severity Rating: Critical

 

Recommendation: Customers should apply the update immediately.

 

Security Update Replacement: None

 

 

Vulnerability Details:

There is a remote code execution vulnerability in the way that Windows handles ART images. An attacker could exploit the vulnerability by constructing a specially crafted ART image that could potentially allow remote code execution if a user visited a Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

 

 

Affected Software:

Microsoft Windows XP Service Pack 1

 

Microsoft Windows XP Service Pack 2

 

Microsoft Windows XP Professional x64 Edition

 

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

 

Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

 

Microsoft Windows Server 2003 x64 Edition

 

Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) — Review the FAQ section of this bulletin for details about these operating systems.

 

 

 

References: http://www.microsoft.com/security/bulletins/current.mspx (Microsoft Security Updates)

 

---