Microsoft Security Bulletin MS06-068 - Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213)

MS Agent is a services that developers can use to add interactive personalities in the form of animated characters to the UI of their applications. The vulnerability lies in the MS Agent ActiveX control being invoked with bad data from malicious web or email content. You can either set the kill bits on the associated controls using my handy and free KillBits administrative template or deploy the patch after testing. I recommend testing since the vulnerability is not public or actively being exploited in attacks.
Vista isn’t vulnerable due to changes in MsAgent.

Get this valuable commentary each month as soon as Microsoft releases security updates!

Free log parser scripts, a clear explanation of Microsoft's latest security bulletin, helpful security tips, how-to's and more.

Upcoming Webinars by Randy Franklin Smith

Beyond Single Event Analysis: Analyzing Multiple Events to Reduce False Positives and Gain Deeper Insight into the Security Log

Auditing File Access with the Windows Server 2008 Security Log: The Good, Bad and Ugly

How to Secure Web Based Applications with 2-Factor Authentication

Eliminating Admin Rights on Workstations and Laptops: Avoiding the Pitfalls and Making it Work in the Real World

Additional Links

A
D
V

NEW! GFI EventsManager 8 Extends Event Management Capabilities. Find Out More.

Get Randy's Security Log Resource Kit

Sick of LimitLogin? Get UserLock for real logon control