I just received this:
January 5, 2006,
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
http://www.microsoft.com/technet/security/Bulletin/ms06-Jan.mspx
Critical Bulletins:
Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
http://www.microsoft.com/technet/security/Bulletin/ms06-001.mspx
This special bulletin is outside of our scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-233
. International customers should contact their local subsidiary.
Updated: January 5, 2005
Important Information for Thursday 5 January 2006
Microsoft announced that it would release a security update to help protect customers from exploitations of a vulnerability in the Windows Meta File (WMF) area of code in the Windows operating system on Tuesday, January 2, 2006, in response to malicious and criminal attacks on computer users that were discovered last week.
Microsoft will release the update today on Thursday, January 5, 2006, earlier than planned.
Microsoft originally planned to release the update on Tuesday, January 10, 2006 as part of its regular monthly release of security bulletins, once testing for quality and application compatibility was complete. However, testing has been completed earlier than anticipated and the update is ready for release.
In addition, Microsoft is releasing the update early in response to strong customer sentiment that the release should be made available as soon as possible.
Microsoft?s monitoring of attack data continues to indicate that the attacks are limited and are being mitigated both by Microsoft?s efforts to shut down malicious Web sites and with up-to-date signatures form anti-virus companies.
The security update will be available at 2:00 pm PT as MS06-001.
Enterprise customers who are using Windows Server Update Services will receive the update automatically. In additional the update is supported Microsoft Baseline Security Analyzer 2.0, Systems Management Server, and Software Update Services. Enterprise customers can also manually download the update from the Download Center.
more here
http://www.microsoft.com/technet/security/bulletin/advance.mspx
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic