HelpWithWindows Newsletter Volume 9, Number 19
October 7, 2006

In this issue:

Microsoft Issues New Security Patch, Fights 'Zero-Day' exploits

by Arie Slob

Hello Windows users,

On the 26th September Microsoft issued a patch for a very serious security issue that affects Internet Explorer 5 & 6. For details please see Microsoft's security Bulletin MS06-055.

The patch fixes a critical vulnerability in the way Internet Explorer (and some versions of Outlook) renders VML (Vector Markup Language) graphics.

According to Verisign's iDefense Rapid Response Team there are already over 3,000 Web sites infecting users with malware that exploited the VML bug. By persuading a user to access a specially crafted HTML document, a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user or cause a denial of service condition in Internet Explorer.

On the 5th October Microsoft updated the MS06-055 security bulletin to include Microsoft Windows 2000 Service Pack 4 as being affected.

Microsoft is also currently investigating another vulnerability for which exploit code already exists. This time the vulnerability is in Windows Shell that - when exploited - could allow remote code execution. Microsoft have issued a Security Advisory 926043 in which they state that they are currently working on a security patch which is scheduled to be released October 10th as part of the 'normal' monthly patch cycle.

But that's not all… Microsoft is also investigating public reports of limited 'zero-day' attacks using a vulnerability in Microsoft PowerPoint 2000/2002/2003, as well as Microsoft PowerPoint 2004 and v. X for Mac.

A 'zero-day' attack is an exploit that is being released before or on the same day that the vulnerability becomes public knowledge.

You can read more about PowerPoint vulnerability in Microsoft Security Advisory 925984.

Windows XP SP1: No Longer Supported

Next Tuesday, October 10, 2006 marks the end of the road for Windows XP Servica Pack 1 (SP1). After this date, customers still running on SP1 will find themselves stranded without any further security updates.

If you still have not installed SP2 (which was released September 17, 2004), you might want to considder doing so.

Recent Support BBS Postings


Recommended Web sites

Each month we will feature a few Web sites here, ones which sent us the most visitors to our Web site in the previous month. We would encourage you to visit these popular Web sites yourself!

Here are some sites in the Top 15 for September 2006:

The Top 15 sites are listed on our Web site.


Back Issues, unsubscribing etc.

HelpWithWindows Newsletter Current Issue

This Newsletter is also available on-line. You can view previous issues in the on-line archive.


Windows Desktop Search: Add-in for UNC/FAT

By downloading this Add-in, you will have the ability to search your shared network directories and FAT drive(s) via selection in your Windows Desktop Search Advanced Options.

Supported OS: Windows Server 2003; Windows XP SP2

Recommend This Newsletter!

Do you enjoy reading this Newsletter? Why not tell your friend(s) about it?

Recommend this Newsletter!

Flight Simulator X Trial Version

The Flight Simulator X trial version includes two airports, three missions, and three different aircraft. All of the missions take place at St. Maarten in the Caribbean.

System Requirements

  • Supported OS: Windows Vista; Windows XP
  • Processor: 1 Ghz or higher
  • Ram: 256 MB of system RAM for Windows XP SP2 / 512 MB Vista
  • Video Card: 32 MB DirectX 9 compatible video card required

Latest Microsoft & Windows News from around the Internet

Browsing the Web and Reading E-mail Safely as an Administrator

Microsoft Security Engineer Michael Howard discusses how you can run as an administrator and access Internet data safely by dropping unnecessary administrative privileges when using any tool to access the Internet.

Read Full Article

Tell a friend about this Newsletter!

Need Help with Windows? Ask your questions here!

FREE Software!

Our Web Sites

Rose City Software

Copyright(c) 1998-2006, HelpWithWindows.com. All rights reserved.
HelpWithWindows is a division of InfiniSource, Inc.