Microsoft fills holes in big April security fix

By Simon Aughton and Matt Whipp

Posted on 12 Apr 2006 at 11:11

An unspecified error can be exploited to spoof information displayed in the address bar and other parts of the trust UI.

Some unspecified vulnerabilities exist in the two ActiveX controls included with Danim.dll and Dxtmsft.dll.

Security Bulletin MS06-014 details the critical Microsoft Data Access Components RDS.Dataspace ActiveX Vulnerability.

The vulnerability is caused due to an unspecified error in the behaviour of the RDS.Dataspace ActiveX control as it fails to ensure that it interacts safely with a website and can be exploited by malicious people to compromise a vulnerable system.

Security Bulletin MS06-016 concerns an important vulnerability in Outlook Express versions 5.5 and 6.

The vulnerability is caused due to a boundary error when parsing Windows Address Book (.wab) files. This can be exploited to cause a buffer overflow if a user is tricked into opening a specially crafted .wab file and can be exploited by malicious people to compromise a user's system.

Security Bulletin MS06-015 details a critical vulnerability in Windows Explorer.

The vulnerability is caused due to an error in Windows Explorer when handling of COM objects. This can be exploited to execute arbitrary code by tricking a user into connecting to a malicious file server. Successful exploitation requires that a netbios/CIFS connections can be established.

Finally, Security Bulletin MS06-017 reports a moderate vulnerability in FrontPage Server Extensions. Unspecified input is not properly sanitised before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.

Patches for all the vulnerabilities are available from www.microsoft.com/security.

Microsoft has also released an update for its Malicious Software Removal Tool.