National Cyber Alert System

                   Cyber Security Alert SA06-010A


Microsoft Windows, Outlook, and Exchange Vulnerabilities

   Original release date: January 10, 2006
   Last revised: --
   Source: US-CERT

Systems Affected

     * Microsoft Windows
     * Microsoft Outlook
     * Microsoft Exchange

Overview

     Microsoft has released updates that address critical
     vulnerabilities in Windows, Outlook, and Exchange.


Solution

Apply Updates

     Microsoft has provided updates to remedy these vulnerabilities. To
     obtain the updates, visit the Microsoft Update web site. US-CERT
     also recommends enabling Automatic Updates.

Description

     Microsoft Security Bulletins for January 2006 address
     vulnerabilities in Microsoft Windows, Outlook, and Exchange. These
     vulnerabilities may allow an attacker to take control of your
     computer or cause it to crash. For more technical information, see
     US-CERT Technical Cyber Security Alert TA06-010A.


References

     * US-CERT Technical Cyber Security Alert TA06-010A.html -
       <http://www.us-cert.gov/cas/techalerts/TA06-010A.html>

     * US-CERT Vulnerability Note VU#915930 -
       <http://www.kb.cert.org/vuls/id/915930>

     * US-CERT Vulnerability Note VU#252146 -
       <http://www.kb.cert.org/vuls/id/252146>

     * Microsoft Security Bulletin Summary for January 2006 -
       <http://www.microsoft.com/technet/security/bulletin/ms06-jan.mspx>

     * Microsoft Update - <https://update.microsoft.com/microsoftupdate/>

     * Security Essentials -
       http://www.microsoft.com/athome/security/protect/default.aspx

____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/alerts/SA06-010A.html>
____________________________________________________________________

   Feedback can be directed to US-CERT. Please send email to
   <cert@cert.org> with "SA06-010A Feedback VU#915930" in the subject.
____________________________________________________________________

   Mailing list information:  <http://www.us-cert.gov/cas/>
____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:  http://www.us-cert.gov/legal.html
____________________________________________________________________

Revision History

   January 10, 2006: Initial release