Microsoft has published six security bulletins with five rated critical. Affected products are Windows, Internet Explorer, XML Core Services, Flash Player, Netware client services, Microsoft Agent, Workstation service. These bulletins provide patches for thirteen vulnerabilities.

MS06-066: Netware Client Service Buffer Overflow (Ref. Lexsi 7743)
MS06-067: Internet Explorer DirectAnimation and HTML Rendering Vulnerability (Ref. Lexsi 7742, 7507, 7431)
MS06-068: Microsoft Agent (Ref. Lexsi 7745),
MS06-069: Adobe Flash Player (Ref. Lexsi 7494, 7493, 7214, 7140),
MS06-070: Workstation service (Ref. Lexsi 7744),
MS06-071: MSXML Core Services (Ref. Lexsi 7688).

The Internet Explorer remote code execution Vulnerabilty (MS06-067) and the XML Core services vulnerability (MS06-071) should be patched immediately on clients.

According to the Microsoft msrc Blog, Microsoft has extended the lifetime of SUS till Tuesday July 10th, 2007. So those of you not having completed deploying WSUS to replace their SUS have a few more months time. Moreover, you can notice in these Microsoft bulletins that Windows XP SP1 is now not supported anymore. Now you have to upgrade to SP2 absolutely, although everyone did it since a long time.

For CSI subscribers, you can consult our alert which will be published soon / Pour les abonnés CSI, vous pouvez retrouver notre alerte détaillée qui va être disponible bientôt.