Culture

Microsoft fixes only three flaws for Patch Tuesday

Robert Vamosi Former Editor

As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

See full bio

Robert Vamosi

Sept. 12, 2006 11:19 a.m. PT

Microsoft has released its September 2006 security bulletin, which includes only three updates: One is listed as critical, one as important, and one as moderate. The critical update this month is specific to Microsoft Office Publisher. Missing is a patch for the recently announced vulnerablity in Microsoft Office Word 2000. Users of Windows 98 and Windows Me will notice that Microsoft no longer offers technical support for these two operating systems. To keep your Windows 98 and Me systems secure, see our roundup of compatible third-party security applications. All Microsoft security patches for Windows and Office software are available via Microsoft Update or via the individual bulletins detailed below.

MS06-052: Important
Entitled "Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution (919007)," this bulletin affects users of Windows 2000 SP4, Windows XP x64, and Windows Server 2003 (SP1, SP2, and x64 editions). Successful exploitation could lead to remote code execution.

MS06-053: Moderate
Entitled "Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685)," this bulltin affects users of Windows 2000, Windows XP (SP1, SP2, and x64 editions), and Windows Server 2003 (SP1, SP2, and x64 editions). Successful exploitation could lead to private information disclosure.

MS06-053: Critical
Entitled "Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729)," this bulletin affects users of Microsoft Office 2000, Office 2002, and Office 2003. Successful exploitation could lead to remote code execution.