Microsoft Security Bulletin MS06-069 - Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)

This update patches a vulnerability in Adobe's Flash Player which is redistributed by Microsoft in Internet Explorer on Windows XP. You can use the Microsoft security update unless you've upgraded to Flash 7 or higher, which case you'll gave to deploy the update provided by Adobe at http://www.adobe.com/support/security/bulletins/apsb06-11.html. This vulnerability allows attackers to execute arbitrary code on a user's PC if they can succeed in getting the user to play malformed Flash .SWF content such as through email, a rogue website or a website that fails to prevent rogue content from being posted. I recommend that you install either the Microsoft or Adobe patch to workstations after fully testing it on a limited rollout. Remember, you are vulnerable on any Windows computer that has Flash Player 8.0.24.0 or earlier installed.  Windows XP SP2 systems are the only supported versions of Windows that come pre-loaded with a vulnerable Flash player.

Get this valuable commentary each month as soon as Microsoft releases security updates!

Free log parser scripts, a clear explanation of Microsoft's latest security bulletin, helpful security tips, how-to's and more.