I can’t explain why I clicked on the US-CERT Technical Advisory Alert that landed in my box an hour ago. But I did. And lo and behold, the vulnerabilities extend to Microsoft’s Mac products:
Microsoft Updates for Multiple Vulnerabilities
Original release date: December 12, 2006
Last revised: —
Source: US-CERTSystems Affected
* Microsoft Windows
* Microsoft Visual Studio
* Microsoft Outlook Express
* Microsoft Media Player
* Microsoft Internet Explorer
* Microsoft Office 2004 for Mac
* Microsoft Office v. X for Mac
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Visual Studio, Microsoft Outlook Express, Microsoft Media Player, and Microsoft Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
The Mac OSX vulnerabilities include Office v. X, Microsoft Word X for Mac, Microsoft Excel X for Mac, Microsoft PowerPoint X for
Mac, Microsoft Entourage X for Mac. Those still using Office2004 applications are also at risk: Office 2004 Standard Edition, Office 2004 Student
and Teacher Edition, Office 2004 Professional Edition, Word 2004, Excel
2004, PowerPoint 2004, Entourage 2004.
CERT References:
* US-CERT Vulnerability Notes for Microsoft December 2006 updates –
<http://www.kb.cert.org/vuls/byid?searchview&query=ms06-dec>
* Microsoft Security Bulletin Summary for December 2006 –
<http://www.microsoft.com/technet/security/bulletin/ms06-dec.mspx>
* Microsoft Update – <https://update.microsoft.com/microsoftupdate/>
* Windows Server Update Services –
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
* Microsoft Office 2004 for Mac 11.3.1 Update –
<http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/office2004/Office2004_11.3.1.xml>
* Microsoft Office v. X for Mac Security Update (2006-12-12) –
<http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/officex/OfficeX_12_12_2006.xml>