X

Three critical Microsoft security patches released

Three critical Microsoft security patches released

Robert Vamosi Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
See full bio
Robert Vamosi
2 min read
Microsoft has released its April 2006 security bulletin, which includes five updates: three critical, one important, and one moderate. All versions of Windows are affected by the vulnerabilities addressed in the three critical bulletins. This monthly update covers Windows updates, but two of the updates are specific to Microsoft Office, neither considered by Microsoft to be critical. All of the patches are available via Microsoft Update or via the individual bulletins detailed below. Also see Critical megapatch sews up 10 holes in IE on News.com for more infromation.

MS06-013: Critical

Entitled "Cumulative Security Update for Internet Explorer," this security bulletin addresses 10 of the most recent high-profile vulnerabilities affecting the browser, including the CreateTextRange flaw, which is known to have been exploited and used against unpatched systems.

MS06-014: Critical

Entitled "Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution," this security bulletin addresses vulnerabilities in this ActiveX control, and it affects all versions of Windows.

MS06-015: Critical

Entitled "Vulnerability in Windows Explorer Could Allow Remote Code Execution," this security bulletin addresses a vulnerability that could allow a remote attacker to take control of your PC through this popular file manager. The vulnerability affects all versions of Windows.

MS06-016: Important

Entitled "Cumulative Security Update for Outlook Express," this security bulletin addresses the way this e-mail client handles Windows Address Book files.

MS06-017: Moderate

Entitled "Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting," this security bulletin addresses a cross-site scripting flaw in FrontPage Web site building software and SharePoint collaboration software and affects only Microsoft FrontPage Server Extensions running on Server 2003, Windows 2000, and Windows XP. Microsoft FrontPage 2002 itself is not affected.


Mobile Guides

Phones
Foldable Phones
Headphones
Mobile Accessories
Smartwatches
Wireless Plans