Microsoft Security Bulletins

September was a relatively light month for Security Bulletins from Microsoft. There are only three new bulletins, and only one of them is rated as Critical (one is Moderate, and the third is Important). The Critical Security Bulletin is MS06-054 which relates to a vulnerability in Microsoft Publisher that could allow an attacker to execute malicious code remotely on vulnerable systems.

To view a summary of the September bulletins, visit Microsoft Security Bulletin Summary for September, 2006. Click the links below to view the individual Microsoft Security Bulletins and to download any patches that might be required for your system. You can also visit Windows Update to automatically determine what patches or updates your system needs.

• Microsoft Security Bulletin MS06-052
  Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution
  Microsoft Criticality: Important
  
  • http://www.microsoft.com/technet/security/bulletin/ms06-052.mspx

• Microsoft Security Bulletin MS06-053
  Vulnerability in Indexing Service Could Allow Cross-Site Scripting
  Microsoft Criticality: Moderate
  
  • http://www.microsoft.com/technet/security/bulletin/ms06-053.mspx

• Microsoft Security Bulletin MS06-054
  Vulnerability in Microsoft Publisher Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  
  • http://www.microsoft.com/technet/security/bulletin/ms06-054.mspx

• NOTE: This Security Bulletin and patch were released out-of cycle, on September 26, 2006 to address a zero-day exploit that was already being executed in the wild.
  Microsoft Security Bulletin MS06-055
  Vulnerability in Vector Markup Language Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  
  • http://www.microsoft.com/technet/security/bulletin/ms06-055.mspx