mardi, février 08, 2005

Windows Security Updates Summary for February 2005

The security updates for February 2005 include several high-priority updates for Microsoft Windows that also affect Microsoft SharePoint, Microsoft Internet Explorer, and Microsoft Media Player technologies. If you have any of the software listed on this page installed on your computer, you should install the updates from Windows Update.

Les mises a jours sont accessibles a partir de :

- http://windowsupdate.microsoft.com/

bonne lecture et bonnes MAJ :-)


Security Bulletin MS05-004

Maximum severity: Important (What is maximum severity?)
Update number: 887219 (What is an update number?)
Supported software affected:
Microsoft .NET Framework 1.1 (all versions)
Microsoft .NET Framework 1.0 Service Pack 3 (SP3) and SP2
Technical bulletin: ASP.NET Path Validation Vulnerability (887219)
Security Bulletin MS05-006

Maximum severity: Moderate
Update number: 887981
Supported software affected:
Windows SharePoint Services for Windows Server 2003
Technical bulletin: Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)
Security Bulletin MS05-007

Maximum severity: Important
Update number: 888302
Supported software affected:
Windows XP SP2 and SP1
Windows XP 64-Bit Edition SP1 (Itanium)
Technical bulletin: Vulnerability in Windows Could Allow Information Disclosure (888302)
Security Bulletin MS05-008

Maximum severity: Important
Update number: 890047
Supported software affected:
Windows XP SP2 and SP1
Windows XP 64-Bit Edition SP1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows 2000 SP4 and SP3
Windows Server 2003
Windows Server 2003 for 64-Bit Itanium-based Systems
Technical bulletin: Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)
Security Bulletin MS05-009

Maximum severity: Critical
Update number: 890261
Supported software affected:
Windows Media Player 9 on Windows XP, Windows 2000, or Windows Server 2003
Windows XP 64-Bit Edition SP1 running Windows Messenger
Windows XP 64-Bit Edition Version 2003 running Windows Messenger
Windows Millennium Edition (Windows Me), Windows 98 Second Edition (SE), and Windows 98
Note Updates for Windows Me, Windows 98 SE, and Windows 98 are being made available under extended support for critical security issues.
Windows Messenger 4.7.2009 on Windows XP SP1 and Windows XP
Windows Messenger 4.7.3000 on Windows XP SP2
Windows Messenger 5.0
Technical bulletin: Vulnerability in PNG Processing Could Lead to Buffer Overrun (890261)
Security Bulletin MS05-010

Maximum severity: Critical
Update number: 885834
Supported software affected:
Windows NT Server 4.0 SP6a
Windows NT Server 4.0, Terminal Server Edition SP6
Windows 2000 Server SP4 and SP3
Windows Server 2003
Windows Server 2003 for 64-Bit Itanium-based Systems
Technical bulletin: Vulnerability in the License Logging Service Could Allow Code Execution (885834)
Security Bulletin MS05-011

Maximum severity: Critical
Update number: 885250
Supported software affected:
Windows XP SP2 and SP1
Windows XP 64-Bit Edition SP1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows 2000 SP4 and SP3
Windows Server 2003
Windows Server 2003 for 64-Bit Itanium-based Systems
Technical bulletin: Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)
Security Bulletin MS05-012

Maximum severity: Critical
Update number: 873333
Supported software affected:
Windows XP SP2 and SP1
Windows XP 64-Bit Edition SP1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows 2000 SP4 and SP3
Windows Server 2003
Windows Server 2003 for 64-Bit Itanium-based Systems
Office XP Service Pack 3 (SP3), Office XP SP2, and Office XP
Note Office XP includes Outlook 2002, Word 2002, Excel 2002, PowerPoint 2002, FrontPage 2002, Publisher 2002, and Access 2002
Office 2003 SP1 and Office 2003
Note Office 2003 includes Outlook 2003, Word 2003, Excel 2003, PowerPoint 2003, FrontPage 2003, Publisher 2003, Access 2003, InfoPath 2003, and OneNote 2003
Exchange 2000 Server Service Pack 3 (SP3)
Exchange Server 2003 and Exchange Server 2003 SP1
Exchange Server 5.0 SP2
Exchange Server 5.5 SP4
Technical bulletin: Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)
Security Bulletin MS05-013

Maximum severity: Critical
Update number: 891781
Supported software affected:
Windows XP SP2 and SP1
Windows XP 64-Bit Edition SP1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows 2000 SP4 and SP3
Windows Server 2003
Windows Server 2003 for 64-Bit Itanium-based Systems
Windows Me, Windows 98 SE, and Windows 98
Note Updates for Windows Me, Windows 98 SE, and Windows 98 are being made available under extended support for critical security issues.
Technical bulletin: Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Code Execution (891781)
Security Bulletin MS05-014

Maximum severity: Critical
Update number: 867282
Supported software affected:
Internet Explorer 6 SP1 on Windows XP SP1, on Windows XP, or on Windows 2000 SP4 or SP3
Internet Explorer 6 SP1 on Windows Me, on Windows 98 SE, or on Windows 98
Note Updates for Windows Me, Windows 98 SE, and Windows 98 are being made available under extended support for critical security issues.
Internet Explorer 6 for Windows XP SP1 (64-Bit Edition)
Internet Explorer 6 for Windows Server 2003
Internet Explorer 6 for Windows Server 2003 64-Bit Edition and Windows XP 64-Bit Edition Version 2003
Internet Explorer 6 for Windows XP SP2
Internet Explorer 5.5 SP2 on Windows Me
Note This update is being made available under extended support for critical security issues.
Internet Explorer 5.01 SP4 on Windows 2000 SP4
Internet Explorer 5.01 SP3 on Windows 2000 SP3
Technical bulletin: Cumulative Security Update for Internet Explorer (867282)
Security Bulletin MS05-015

Maximum severity: Critical
Update number: 888113
Supported software affected:
Windows XP SP2 and SP1
Windows 2000 SP4 and SP3
Windows XP 64-Bit Edition SP1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows Server 2003
Windows Server 2003 for 64-Bit Itanium-based Systems
Windows Me, Windows 98 SE, and Windows 98
Note Updates for Windows Me, Windows 98 SE, and Windows 98 are being made available under extended support for critical security issues.
Technical bulletin: Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)
Check the Version

If you are not sure whether the software you are running is affected, check the version.
Get instructions for how to check
For More Information

Find support information about these security issues in the Microsoft Knowledge Base.
KB887219: "MS05-004: ASP.NET Path Validation Vulnerability Could Allow Unauthorized Access"
KB887981: "MS05-006: Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks"
KB888302: "MS05-007: Vulnerability in Windows Could Allow Information Disclosure"
KB890047: "MS05-008: Vulnerability in Windows Shell Could Allow Remote Code Execution"
KB890261: "MS05-009: Vulnerability in PNG Processing Could Lead to Buffer Overrun"
KB885834: "MS05-010: Vulnerability in the License Logging Service Could Allow Code Execution"
KB885250: "MS05-011: Vulnerability in Server Message Block Could Allow Remote Code Execution"
KB873333: "MS05-012: Vulnerability in OLE and COM Could Allow Remote Code Execution"
KB891781: "MS05-013: A Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Code Execution"
KB867282: "MS05-014: Cumulative Security Update for Internet Explorer"
KB888113: "MS05-015: Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution"

 

Google
 
Web eurenet.blogspot.com