    Archive for October 10th, 2006



    Oct 10, 9:33 am (UTC-7)

    It’s Microsoft’s monthly Patch Tuesday. They’ve released 10 bulletins instead of the 11 previously announced in their advance notification. Below is a list of today’s releases.

    MS06-057
    Vulnerability in Windows Shell Could Allow Remote Code Execution
    Description: This update resolves a vulnerability in Windows that could allow remote code execution.
    Severity Rating: Critical
    http://www.microsoft.com/technet/security/bulletin/ms06-057.mspx

    MS06-058
    Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution
    Description: This update resolves vulnerabilities in PowerPoint that could allow remote code execution.
    Severity Rating: Critical
    http://www.microsoft.com/technet/security/bulletin/ms06-058.mspx

    MS06-059
    Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
    Description: This update resolves vulnerabilities in Excel that could allow remote code execution.
    Severity Rating: Critical
    http://www.microsoft.com/technet/security/bulletin/ms06-059.mspx

    MS06-060
    Vulnerabilities in Microsoft Word Could Allow Remote Code Execution
    Description: This update resolves several vulnerabilities in Microsoft Word, the most critical of which could allow remote code execution.
    Severity Rating: Critical
    http://www.microsoft.com/technet/security/bulletin/ms06-060.mspx

    MS06-061
    Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution
    Description: This update resolves vulnerabilities in Windows that could allow remote code execution.
    Severity Rating: Critical
    http://www.microsoft.com/technet/security/bulletin/ms06-061.mspx

    MS06-062
    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
    Description: This update resolves vulnerabilities in Office that could allow remote code execution.
    Severity Rating: Critical
    http://www.microsoft.com/technet/security/bulletin/ms06-062.mspx

    MS06-063
    Vulnerability in Server Service Could Allow Denial of Service
    Description: This update resolves several vulnerabilities in the Server service that could allow remote code execution.
    Severity Rating: Important
    http://www.microsoft.com/technet/security/bulletin/ms06-063.mspx

    MS06-056
    Vulnerability in ASP.NET Could Allow Information Disclosure
    Description: This update resolves a vulnerability in ASP.NET that could allow information disclosure.
    Severity Rating: Moderate
    http://www.microsoft.com/technet/security/bulletin/ms06-056.mspx

    MS06-065
    Vulnerability In Windows Object Packager Could Allow Remote Code Execution
    Description: This update resolves a vulnerability in Object Packager that could allow remote code execution.
    Severity Rating: Moderate
    http://www.microsoft.com/technet/security/bulletin/ms06-065.mspx

    MS06-064
    Vulnerabilities in TCP/IP Could Allow Denial of Service
    Description: This update resolves several vulnerabilities in Windows, the most critical of which could allow denial of service.
    Severity Rating: Low
    http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx

     



    It’s been a while since we last encountered malware being spammed via email. During the previous weeks we were busy with IM worms and 0-day exploits, but now we have received a trojan downloader being spammed through email. Here is a sample of the email being spammed.



    Trend will be detecting this downloader as TROJ_SMALL.DFY.


    We also received other samples that are to be detected as BKDR_HAXDOOR.AU and TSPY_GAMANIA.CQ, as well as another downloader detected as TROJ_DLOADER.EQO and its downloaded component, detected as TSPY_GOLDUN.GQ.


    Users should always be cautious when handling unsolicited emails, as they are a means for malware to enter your computer system. Be aware of the social engineering techniques used in these malicious emails, which lead the user to execute the attached binary file or click a hyperlink found in the body of the email. Lastly, keep your pattern files updated to stay protected from new malware found “in the wild”.

     


     

    © Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice