[Microsoft Alert] Microsoft Security Bulletin MS06-020

Vulnerabilities in Macromedia Flash Player from Adobe Could

Allow Remote Code Execution (913433)

Issued: May 9, 2006

Version: 1.0

 

Summary

Who should read this document: Customers who use Microsoft Windows

 

Impact of Vulnerability: Remote Code Execution

 

Maximum Severity Rating: Critical

 

Recommendation: Customers should apply the update immediately.

 

Security Update Replacement: None.

 

Vulnerability Details:

This update resolves publicly reported vulnerabilities. The vulnerabilities are documented in the "Vulnerability Details" section of this bulletin. These vulnerabilities are also documented in Macromedia Security Bulletin MPSB05-07 for customers using Flash Player 5 and 6.

 

Customers who have installed Flash Player 7 and higher are advised to download the latest version from the Adobe website. Customers that have followed the guidance in Adobe Security Bulletin APSB06-03 are not at risk from the vulnerability.

 

 

 

 

 

Affected Software:

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2

Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Microsoft Exchange Server 2003 Service Pack 2

 

Non-Affected Software:

Microsoft Windows 2000 Service Pack 4

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

Microsoft Windows Server 2003 x64 Edition

Windows XP Professional x64 Edition

 

Note: Flash Player does not ship with the versions of Microsoft Windows in the not affected software list. Customers who have installed Flash Player on these versions of Windows are encouraged to follow the guidance in the Adobe Security Bulletin ASPB06-03.

 

 

 

References: http://www.microsoft.com/security/bulletins/current.mspx (Microsoft Security Updates)

---