They released lots of security patches to help make your computer all nice and "secure" (at least until next month). Only big ones noted. First on the list is MS06-007, also known as TCP/IP DOS vulnerability. It's IGMP based, and the Windows firewall will block unicast attacks. Sounds great, except IGMP relates to multicasting, so it's vulnerable to multicast attacks, and the Windows firewall won't stop those. So basically you can attack the entire network easier than you can attack a single machine. Fun.
Second fun one is that the WebDAV client is remotely exploitable. One wonders why a client is accessible remotely over SMB ports, but it's not too surprising.
Third is not only is PowerPoint bad for you, but now it's also bad for your data security (at least viewing it embedded in web sites is). This one's sorta cheating because it's IE only.
There were more, but of course they're IE and Windows Media Player related. I say those don't count anymore since they seem to get major patches almost every cycle - if you're still using them you're just asking for trouble.
Copyright ©2000-2008 Jeremy Mooney (jeremy-at-qux-dot-net)
