In the update released on Monday, the vulnerable software packages identified by SANS as being highly targeted and highly vulnerable -- if unpatched -- include the following:
1. Microsoft Internet Explorer.
2. Microsoft Windows Media Player, Microsoft Windows Messenger and MSN Messenger.
3. Microsoft Windows XP Service Pack 1 and 2, Microsoft Windows 2000 Service Pack 3 and 4, and Microsoft Windows Server 2003.
4. Microsoft Windows Server 2003, Windows 2000 Server Service Pack 3 and 4. Windows NT Server 4.0 Service Pack 6a, and NT Terminal Server Edition Service Pack 6.
5. Windows NT and Windows 2000 (SP2 or earlier) Domain Name Service servers; Symantec Gateway Security, Enterprise Firewall and VelociRaptor Products.
6. Antivirus Products from Symantec, F-Secure, TrendMicro and McAfee.
7. Oracle (Nasdaq: ORCL - news) Database Server, Oracle Application Server, Oracle E-business Suite and Oracle Collaboration Suite.
8. Computer Associates (NYSE: CA - news) products running License Manager.
9. RealPlayer, iTunes and WinAmp media players.
SANS lists instructions for correcting the vulnerabilities on its site.