Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Microsoft August 2006 Patches: STATUS - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft August 2006 Patches: STATUS
# Known Problems with this patch
Known Exploits
client rating server rating
MS06-040 Issue with:
  • Huge memory allocations on Windows 2003 server SP1 (32bit).
  • Microsoft Business Solutions?Navision 3.70 on above platform.
  • Websense Manager when using terminal services
Fix:
  • Hotfix available by calling Microsoft.
More information:
Botnets actively exploiting this in  the WILD

Exploit available in easy to use package

read more...
PATCH NOW
PATCH NOW
MS06-041 No reported problems

Critical Critical
MS06-042 Issue:
  • MSIE6SP1 crashes while using multiple application such as Peoplesoft, Siebel, and websites using HTTP 1.1 and compression such as the register on W2000 SP4 and XP SP1.
  • CA Unicenter Service Desk seems to cause MSIE to crash
  • Roll-up patch so it has all older issues as well.
Workaround:
  • Workaround to disable HTTP/1.1
  • Use alternate browser (for problem sites)
Fix:
  • Upgrade to MSIE 6 SP2
  • Fix will be published by Microsoft on August 22nd, 2006
  • Hotfix available by calling Microsoft
More Information:
Well known vulnerability since 2004
PATCH NOW
Important
MS06-043 No reported problems
Important Less urgent
MS06-044 No reported problems
Critical Critical
MS06-045 No confirmed problems
Critical Less urgent
MS06-046 No reported problems
Critical Important
MS06-047 No reported problems Trojan dropper reported in word document by Symantec, Trendmicro(1) and Trendmicro(2).  The dropper loads a backdoor: Trendmicro, Symantec
Critical Less urgent
MS06-048 No reported problems
Critical Less urgent
MS06-049 No reported problems
Important
Less urgent
MS06-050 No reported problems
Critical Important
MS06-051 No reported problems
Critical Critical

We will update issues on this page as they evolve.
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!