Windows Server

Jerry Bryant [MSFT] · Guest

Follow up set to microsoft.public.security

February 8, 2005
Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are
authoritative in all matters concerning Microsoft Security Bulletins! ANY
e-mail, web board or newsgroup posting (including this one) should be
verified by visiting these sites for official information. Microsoft never
sends security or other updates as attachments. These updates must be
downloaded from the microsoft.com download center or Windows Update. See the
individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft
security notices, it is recommended that you physically type the URLs into
your web browser and not click on the hyperlinks provided.

Bulletin Summary:

http://www.microsoft.com/technet/security/Bulletin/ms05-feb.mspx

Critical Bulletins:

Vulnerability in Microsoft Office XP could allow Remote Code Execution
(873352)
http://www.microsoft.com/technet/security/Bulletin/ms05-005.mspx

Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)
http://www.microsoft.com/technet/security/Bulletin/ms05-009.mspx

Vulnerability in the License Logging Service Could Allow Code Execution
(885834)
http://www.microsoft.com/technet/security/Bulletin/ms05-010.mspx

Vulnerability in Server Message Block Could Allow Remote Code Execution
(885250)
http://www.microsoft.com/technet/security/Bulletin/ms05-011.mspx

Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)
http://www.microsoft.com/technet/security/Bulletin/ms05-012.mspx

Vulnerability in the DHTML Editing Component ActiveX Control Could Allow
Remote Code Execution (891781)
http://www.microsoft.com/technet/security/Bulletin/ms05-013.mspx

Cumulative Security Update for Internet Explorer (867282)
http://www.microsoft.com/technet/security/Bulletin/ms05-014.mspx

Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution
(888113)
http://www.microsoft.com/technet/security/Bulletin/ms05-015.mspx

Important Bulletins:

ASP.NET Path Validation Vulnerability (887219)
http://www.microsoft.com/technet/security/Bulletin/ms05-004.mspx

Vulnerability in Windows Could Allow Information Disclosure (888302)
http://www.microsoft.com/technet/security/Bulletin/ms05-007.mspx

Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)
http://www.microsoft.com/technet/security/Bulletin/ms05-008.mspx

Moderate Bulletins:

Vulnerability in Windows SharePoint Services and SharePoint Team Services
Could Allow Cross-Site Scripting and Spoofing Attacks (887981)
http://www.microsoft.com/technet/security/Bulletin/ms05-006.mspx

Re-released Bulletins:

Vulnerability in SMTP Could Allow Remote Code Execution (885881)
http://www.microsoft.com/technet/security/Bulletin/ms04-035.mspx

Security bulletin summary for October 2004
http://www.microsoft.com/technet/security/Bulletin/ms04-oct.mspx

This represents our regularly scheduled monthly bulletin release (second
Tuesday of each month). Please note that Microsoft may release bulletins out
side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after
reading the above listed bulletin you should contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.

--
Regards,

Jerry Bryant - MCSE, MCDBA
Microsoft IT Communities

Get Secure! www.microsoft.com/security

This posting is provided "AS IS" with no warranties, and confers no rights.

	Windows Server Forum Index -> Security	All times are GMT
Page 1 of 1