Windows VML security update MS06-055 released

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Windows VML security update MS06-055 released
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Tue, 26 Sep 2006 22:44:48 +0300 (EEST)
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Security update for Windows Vector Markup Language (VML) vulnerability has been 
released.

Fix is available via Microsoft Update or downloadable with links included to 
MS06-055:
http://www.microsoft.com/technet/security/bulletin/ms06-055.mspx

Fix information has been added to Windows VML Vulnerability FAQ (CVE-2006-4868)
http://blogs.securiteam.com/?p=640

and details will be added shortly.

It appears that the timestamp of updated Vgx.dll library is 18th September, 
2006.

From the Security Update Information / File Information section of new MS 
bulletin:


Windows XP Service Pack 2 (all versions) and Windows XP Professional x64
Vgx.dll - 6.0.2900.2997 - 18-Sep-2006 - 14:28 (UTC) - 851,968

It is exactly the same day when Sunbelt reported that they were informed 
Microsoft security people:
http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html

- Juha-Matti

Prev by Date: Re: Re: Apple Remote Desktop root vulneravility
Next by Date: ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities
Previous by thread: rPSA-2006-0173-1 openoffice.org
Next by thread: RE: Windows VML security update MS06-055 released
Index(es):
- Date
- Thread