Better workaround informa... |
Take Aways from SANS Log ... »
Patches finally released for nasty zero-day exploits and more
Tue, 11 Jul 2006 15:30:04 GMT
Today Microsoft released 7 bulletins that cover every supported version of Windows and Office – including the Mac versions of Office. Web server admins will want to pay particular attention to MS06-033 and MS06-034 which impact ASP.NET 2.0 and ASP respectively. Both workstations and servers are vulnerable to MS06-035 – especially if you have the Messenger or Alerter services started. All Windows computers that have the DHCP Client service started need to install MS06-036 which I think will be very attractive as a worm infection vector. Finally, MS06-037,038 and 039 impact every version of Office and some related applications including Project, Visio, OneNote and Visual Studio including the 2 zero-day exploits. All in all I recommend installation of all of these updates. For my detailed analysis of these bulletins and further recommendations see the home page.
Understanding the Difference between “Account Logon” and “Logon/Logoff” Events in the Windows Security Log
Virtualization Security: What Are the Real World Risks?
Why Workstation Security Logs Are So Important
Always Enable Auditing - Even for Logs and Systems You Don’t Actively Review
powered by Bloget™