ALARM Group ALERT - ALARM, The Computing Alert System
Alert Number: 110606-01
Alert Date: 11/1606
Alert Title: Microsoft releases security advisory for *UNPATCHED* XML Core Services vulnerability
Update-to: None
OS/Platform/Application: Microsoft Core XML Services (MSXML) 4.x running on:
Microsoft Windows XP
Microsoft Windows 2003 (except for Windows Server 2003 running in default configuration)
Microsoft Windows 2000
Please note that MSXML is a developer's tool (using JScript, VBScript, etc.) that does not come by default with most Microsoft operating systems but instead is downloaded as an individual package or bundled with similar applications.
Category: ALERT
Severity: HIGH
Attention: System Administrators, Desktop Support Personnel, MSXML users
Summary: On November 3, 2006, Microsoft released Security Advisory 927892. This advisory addresses a vulnerability in Microsoft Core XML Services that could allow a remote attacker to gain control of a vulnerable system. The most probable vector of exploitation is the viewing of a specially crafted website. At the time of this writing (9:30 AM 11/6/06), several Internet security-related agencies are reporting the existence and public release of proof-of-concept code to exploit this vulnerability. Microsoft has not yet made a patch available to definitively fix the issue. Security Advisory 927892 does offer some advice on best practices to minimize the risk of exploit, as well as some technical workarounds.
Recommended Actions: Persons who manage, maintain or use systems that run MSXML are encouraged to read Security Advisory 927892 (and the other associated information; links are provided below) to obtain a better understanding of the vulnerability and the risks/benefits of the vendor-suggested workaround options.
ITS Actions: At this time, ITS is taking no specific additional actions to address this software vulnerability. An update will be issued if the situation changes.
Resources:
Microsoft Security Advisory 927892:
http://www.microsoft.com/technet/security/advisory/927892.mspx
SANS Article on the vulnerability:
http://isc.sans.org/diary.php?storyid=1823
FrSIRT Advisory:
http://www.frsirt.com/english/advisories/2006/4334
Secunia Advisory:
http://secunia.com/advisories/22687/
US-CERT Advisory:
http://www.kb.cert.org/vuls/id/585137