¡Hola everyone!, Ben Richeson here. I just want to take a quick moment here to introduce myself as one of the newest members to the MSRC as well as to post (my first blog entry!) about an update to MS06-061.
Today, MS06-061 has been re-released to re-offer a revised version of the security update to customers with Windows 2000 Service Pack 4 only. While the original version of MS06-061 for Windows 2000 did fully protect against the vulnerabilities discussed in the bulletin, it did not correctly set the kill bit for Microsoft XML Parser 2.6. The revised version we released today protects against all the vulnerabilities discussed in MS06-061 and correctly sets the kill bit for Microsoft XML Parser 2.6. We are recommending all Windows 2000 customers go ahead and deploy this revised version. All other customers need take no action with this re-release.
Also, additional information has been included in the security bulletin for customers wishing to remove the security update for Microsoft XML Core Services 4.0 and Microsoft XML Core Services 6.0.
*This posting is provided “AS IS” with no warranties, and confers no rights.*