Security Hero Rotating Header Image

November, 2006:

Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution – 11/14/2006

Microsoft Security Advisory (927892): Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution – 11/14/2006

Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS06-071 to address this issue. For more information about this issue, including download links for an available security update, please review MS06-071.

URL: http://www.microsoft.com/technet/security/advisory/927892.mspx

Vulnerability in the Microsoft DirectAnimation Path ActiveX Control Could Allow Remote Code Execution – 11/14/2006

Microsoft Security Advisory (925444): Vulnerability in the Microsoft DirectAnimation Path ActiveX Control Could Allow Remote Code Execution – 11/14/2006

Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS06-067 to address this issue. For more information about this issue, including download links for an available security update, please review MS06-067. The vulnerability addressed is the DirectAnimation Path ActiveX Vulnerability – CVE-2006-4777.

URL: http://www.microsoft.com/technet/security/advisory/925444.mspx

APSB06-11 Flash Player Update to Address Security Vulnerabilities – 11/14/2006

Microsoft Security Advisory (925143): Adobe Security Bulletin: APSB06-11 Flash Player Update to Address Security Vulnerabilities – 11/14/2006

Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation of security vulnerabilities in Macromedia Flash Player from Adobe, a third party software application that also was redistributed with Windows XP Service Pack 2 and Windows XP Professional x64 Edition. We have issued MS06-069 to address these issues. For more information about these issues, including download links for an available security update, please review MS06-069. This bulletin is for customers using Macromedia Flash Player version 6 from Adobe. The vulnerabilities addressed are the Macromedia Flash Player Vulnerabilities íV CVE-2006-3014, CVE-2006-3311, CVE-2006-3587, CVE-2006-3588, and CVE-2006-4640. Customers that have followed the guidance in Adobe Security Bulletin APSB06-11, issued September 12, 2006, are not at risk from these vulnerabilities.

URL: http://www.microsoft.com/technet/security/advisory/925143.mspx

Dutch Ministry of Transport, Public Works & Water Selects Infoblox Network Appliances

Dutch Ministry of Transport, Public Works & Water Selects Infoblox Network Appliances

Infoblox Inc., a developer of essential infrastructure for identity-driven networks (IDNs), today announced that the Dutch Ministry of Transport, Public Works & Water has selected and deployed Infoblox network appliances to improve the reliability and reduce the management complexity of its network identity infrastructure.

URL: http://feedproxy.google.com/~r/InfobloxNewsFeed/~3/95KWa-ZzRKQ/release.cfm

Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability

Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability

This Cisco Security Notice is being released in response to the Cisco VPN Concentrator Group Name Enumeration Vulnerability advisory published on June 20, 2005 by NTA Monitor at http://www.nta-monitor.com/news/vpn-flaws/cisco/VPN-Concentrator/index.htm.

URL: http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_security_notice09186a00804a7912.html