Microsoft patches 11 critical vulnerabilities, one worm candidate
Thursday November 16, 2006 at 7:17 am CST
Posted by Monty Ijzerman
This month, Microsoft has patched 13 vulnerabilities. Among them is one that can be used to create a worm targeting Windows 2000 systems. The MS06-070 Workstation Service vulnerability can be remotely exploited without user interaction. On Windows 2000, no authentication is needed when sending traffic to this service. Details on this vulnerability have been published.
The vulnerabilities in Internet Explorer DirectAnimation.PathControl AxtiveX object and in XML Core Service, both exploited in the wild, have been addressed in this month’s patch cycle.
The update of our graphs of last month is found below. The graphs show that Microsoft is continuing the trend of patching a large number of critical vulnerabilities each month.
November 16th, 2006 at 12:06 pm
[…] Trackback […]
December 12th, 2006 at 5:51 pm
[…] The update of our graphs of last month is found below. The top graph shows that Microsoft almost hit one hundred critical vulnerabilities for 2006. The year is not over and Microsoft may provide out-of-cycle patches for the current 0-Day Word vulnerabilities. […]