Microsoft will release two security bulletins on March 14. One affects Microsoft Office and carries a security rating of critical. The other bulletin affects Windows and carries a security rating of important.
The company updated four previous security bulletins this week.
MS06-009 was updated to clarify what is required for a successful attack, and to clarify that Remote Web Workplace uses port 4125 for RDP connections after a user has been successfully authenticated. This port should not be exposed to the Internet.
MS06-005 was to explain that people may experience issues when they try to seek, fast rewind, or fast forward in Windows Media Player 10.
MS05-054 was revised to add acknowledgment for Berend-Jan Wever who worked with Microsoft on the "Mismatched Document Object Model Objects Memory Corruption vulnerability."
MS05-013 was revised due to new issues discovered with the Dhtmled.ocx ActiveX control, which doesn't work as expected after a program changes the Visible property of the control. See Knowledge Base article 906216 for details.