copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

AU-2006.0023 -- AusCERT Update - [Win] - Re-release of software update for MS06-025

Date: 28 June 2006
References: AL-2006.0044  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

AusCERT Update AU-2006.0023 - [Win]
Re-release of software update for MS06-025
28 June 2006

        AusCERT Update Summary
        ----------------------

Publisher:            Microsoft
Operating System:     Windows Server 2003 SP1 and prior
                      Windows XP SP2 and prior
                      Windows 2000 SP4 and prior
CVE Names:            CVE-2006-2370 CVE-2006-2371

Ref:                  AL-2006.0044

Original Bulletin:    
  http://support.microsoft.com/kb/911280
  http://www.microsoft.com/technet/security/bulletin/ms06-025.mspx

Comment: The original security update fixing MS06-025 caused
         incompatibility with certain dial-up networking configurations
         and serial device scripts.
         This re-released security update fixes these compatibility issues.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

********************************************************************
Title: Microsoft Security Bulletin Re-Release
Issued: June 27, 2006
********************************************************************

Summary
=======
The following bulletin has undergone a major revision increment. 
Please see the appropriate bulletin for more details.

  * MS06-025

 
Bulletin Information:
=====================

* MS06-025

  - http://www.microsoft.com/technet/security/bulletin/ms06-025.mspx
  - Reason for Revision: Microsoft updated this bulletin and the
    associated security updates to address the issues affecting 
    customers identified in Microsoft Knowledge Base Article 911280. 
  - Originally posted: June 13, 2006
  - Updated: June 27, 2006
  - Bulletin Severity Rating: Critical
  - Version: 2.0
   
********************************************************************

Support:
========
Technical support resources can be found at:
http://go.microsoft.com/fwlink/?LinkId=21131

International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

Microsoft Support Lifecycle for Business and Developer Software
===============================================================
The Microsoft Support Lifecycle policy provides consistent and 
predictable guidelines for product support availability at the 
time that the product is released. Under this policy, Microsoft 
will offer a minimum of ten years of support. This includes five 
years of Mainstream Support and five years of Extended Support for 
Business and Developer products. Microsoft will continue to provide 
security update support, at a supported Service Pack level, for a 
minimum of ten years through the Extended support phase. For more 
information about the Microsoft Support Lifecycle, visit 
http://support.microsoft.com/lifecycle/ or contact your Technical 
Account Manager.


Additional Resources:
=====================
* Microsoft has created a free monthly e-mail newsletter containing
  valuable information to help you protect your network. This
  newsletter provides practical security tips, topical security
  guidance, useful resources and links, pointers to helpful
  community resources, and a forum for you to provide feedback
  and ask security-related questions.
  You can sign up for the newsletter at:

  http://www.microsoft.com/technet/security/secnews/default.mspx

* Microsoft has created a free e-mail notification service that
  serves as a supplement to the Security Notification Service
  (this e-mail). The Microsoft Security Notification Service: 
  Comprehensive Version. It provides timely notification of any 
  minor changes or revisions to previously released Microsoft 
  Security Bulletins and Security Advisories. This new service 
  provides notifications that are written for IT professionals and 
  contain technical information about the revisions to security 
  bulletins. To register visit the following Web site:

  http://www.microsoft.com/technet/security/bulletin/notify.mspx

* Protect your PC: Microsoft has provided information on how you
  can help protect your PC at the following locations:

  http://www.microsoft.com/security/protect/

  If you receive an e-mail that claims to be distributing a
  Microsoft security update, it is a hoax that may be distributing a
  virus. Microsoft does not distribute security updates through
  e-mail. You can learn more about Microsoft's software distribution
  policies here:
  
http://www.microsoft.com/technet/security/topics/policy/swdist.mspx

********************************************************************
THE INFORMATION PROVIDED IN THE THIS EMAIL IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQIVAwUBRKF08xCvwTv3q93mAQJylBAAm5Hi1LVY7Sj/WF/wkv8knYepBOWEN9F7
Y/nN7aTlVY89NM4V/OYtrrhfYmrNYqMrJ+yg8luJOMxM+hbY4dV4mMrn8X7y+j4Y
nJynprlwbRVlTL6jp9ZRVj6JgTXpPviTT4ACeewi3sXcQ8rSvsNJbBCM3Y0jQD5m
J0Hv0CEZhilGHV//RTPcuSj1du61WLqvNbxrEaoupEb+n2jaig/iSWXtPP1r2UZf
3knjBcpzKm6rQTeQeZz+/A7ypELLZjBeo6XxJoNyVId7Eoi5/KFUA/h3j4qP2DGi
bNZhVG2RnQdnK9/YBOxaGJq+oUIMUV6loFOsD1Y0nL3OLOTmPb6IhxzM4OJVRVpb
PYVirPmijeqh7GIMs9+31G5h1FrLvrdHuWUGL65mcuMS86QlMaHDIyyyHkOS34kL
jplE2I+TjTAmC+8cMLClZYsbUeISUwS5cDgj7abuiCiZx5VgsLlhz0WpwkeoK8zT
KXAz+JjN7O3FNW0Fn4JqqYBf1JRjHCqkSRyWCoKLUGHZZuPtkfz7BkQt2ljKSGkN
zhpKvz9t/ZhzDXcIWLYmjw2YgruSm+ATCnZy+NaV6DIXz8L1qvT8DhrNfxiRITVz
LkdvWIew9Khym5/BVYiTmJ6TkbW5PbsRSJELQxZ1QfNUPgboDxMfynZ0eYfj721j
NtdMs7PfVco=
=qgdB
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRKHdsyh9+71yA2DNAQKx0wP5AbuZdws3J6QHlxCLaDMrKDrn/l+6YdWx
zJx2yh+teG9j+oEhipc4XuBjZMrRc00W9i1GYZJn/fWTl8uwl66hxC52ajEaA2C9
X1Q9Wl0nz0HrAUl0M+oNRI6WWk6W6qBK3TmDyLoe/YNpi37aoRnNygqAa9kJxSYk
uM3eYKtXtMY=
=DUL9
-----END PGP SIGNATURE-----