In the update released on Monday, the vulnerable software packages identified by SANS as being highly targeted and highly vulnerable -- if unpatched -- include the following:

1. Microsoft Internet Explorer.

2. Microsoft Windows Media Player, Microsoft Windows Messenger and MSN Messenger.

3. Microsoft Windows XP Service Pack 1 and 2, Microsoft Windows 2000 Service Pack 3 and 4, and Microsoft Windows Server 2003.

4. Microsoft Windows Server 2003, Windows 2000 Server Service Pack 3 and 4. Windows NT Server 4.0 Service Pack 6a, and NT Terminal Server Edition Service Pack 6.

5. Windows NT and Windows 2000 (SP2 or earlier) Domain Name Service servers; Symantec Gateway Security, Enterprise Firewall and VelociRaptor Products.

6. Antivirus Products from Symantec, F-Secure, TrendMicro and McAfee.

7. Oracle (Nasdaq: ORCL - news) Database Server, Oracle Application Server, Oracle E-business Suite and Oracle Collaboration Suite.

8. Computer Associates (NYSE: CA - news) products running License Manager.

9. RealPlayer, iTunes and WinAmp media players.

SANS lists instructions for correcting the vulnerabilities on its site.