lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 26 Sep 2006 22:44:48 +0300 (EEST)
From: Juha-Matti Laurio <juha-matti.laurio@...ti.fi>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: Windows VML security update MS06-055 released

Security update for Windows Vector Markup Language (VML) vulnerability has been released.

Fix is available via Microsoft Update or downloadable with links included to MS06-055:
http://www.microsoft.com/technet/security/bulletin/ms06-055.mspx

Fix information has been added to Windows VML Vulnerability FAQ (CVE-2006-4868)
http://blogs.securiteam.com/?p=640

and details will be added shortly.

It appears that the timestamp of updated Vgx.dll library is 18th September, 2006.

>>From the Security Update Information / File Information section of new MS bulletin:

Windows XP Service Pack 2 (all versions) and Windows XP Professional x64
Vgx.dll - 6.0.2900.2997 - 18-Sep-2006 - 14:28 (UTC) - 851,968

It is exactly the same day when Sunbelt reported that they were informed Microsoft security people:
http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html

- Juha-Matti

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ