Today's bulletins.

Bulletin MS06-018:

Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580)

Okay, that's special - a denial of service in MSDTC, and the workaround is to ... disable MSDTC.  Clearly the workaround does exactly what the bulletin is trying to protect you against, so if you have any applications that rely on MSDTC, you will want to install this patch.

Bulletin MS06-019:

Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803)

This one's nasty - someone can send your users a mail message containing a meeting request or appointment, and run code on your Exchange Server.  If you use Exchange Server, this one's really necessary - you could just block calendar attachments, but really, do you want your users stood outside your office with torches and pitchforks?

Bulletin MS06-020:

Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)

A remote code execution flaw in Flash?  Now there's a novelty.  This flaw was mentioned back in March, in a Security Advisory.  Hopefully you upgraded then, if not, update now.

Published Tue, May 9 2006 14:30 by Alun Jones
Filed under:

Leave a Comment

(required) 
(required) 
(optional)
(required) 
If you can't read this number refresh your screen
Enter the numbers above: