
UNIRAS Brief - 286/05 - Microsoft - April Security Updates



 


----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 286/05 dated 12.04.05  Time: 20:48
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
----------------------------------------------------------------------------------
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
----------------------------------------------------------------------------------

Title
=====
Microsoft April Security Updates

Detail
====== 

Microsoft released several security updates today, affecting Microsoft Windows, Office, 
Exchange, and MSN Messenger software. Five of these updates are classified as "Critical" 
and three as "Important."

"Critical" Vulnerabilities

MS05-019 - Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service 

MS05-020 - Cumulative Security Update for Internet Explorer

MS05-021 - Vulnerability in Exchange Server Could Allow Remote Code Execution

MS05-022 - Vulnerability in MSN Messenger Could Lead to Remote Code Execution

MS05-023 - Vulnerabilities in Microsoft Word May Lead to Remote Code Execution

"Important" Vulnerabilities

MS05-016 - Vulnerability in Windows Shell that Could Allow Remote Code Execution

MS05-017 - Vulnerability in Message Queuing Could Allow Code Execution

MS05-018 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service

Updated Microsoft Security Bulletins and Software

In addition to addressing the vulnerabilities described above, Microsoft updated three previously-published security bulletins:
MS05-002, MS05-009 and MS05-010. Additionally, Microsoft released an updated version of its Malicious Software Removal Tool today;
the program now recognizes Hacker Defender, Mimail, and Rbot malware specimen families.

The update to the MS05-002 advisory (Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution) is relevant
to those who are applying the patch to Windows 98, 98SE, and ME; users of these platforms may need to re-apply the patch.

The update to the MS05-009 advisory (Vulnerability in PNG Processing Could Allow Remote Code Execution) reflects the availability of
an updated version of Microsoft Windows Messenger version 4.7.0.2009 for Windows XP Service Pack 1.

The update to the MS05-010 advisory (Vulnerability in the License Logging Service could allow Code Execution) revises the
"Mitigating Factors" section of the write-up to reflect new findings regarding Windows 2000 Server Service Pack 4 and points out the
existence of the Knowledge Base Article 896658, which is relevant to users running Windows 2000 Server Service Pack 4.

Further information can be found at:
http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx
http://www.microsoft.com/security/bulletins/200504_windows.mspx

----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by telephone. 
Not Protectively Marked information may be sent via EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of SANS and Microsoft Corporation for 
the information contained in this Briefing. 
----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some of the 
information may have changed since it was released. If the vulnerability affects you, 
it may be prudent to retrieve the advisory from the canonical site to ensure that you 
receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade name, 
trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, 
recommendation, or favouring by UNIRAS or NISCC.  The views and opinions of authors 
expressed within this notice shall not be used for advertising or product endorsement 
purposes.

Neither UNIRAS nor NISCC shall accept responsibility for any errors or omissions 
contained within this briefing notice. In particular, they shall not be liable for any 
loss or damage whatsoever, arising from or in connection with the usage of information 
contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) and 
has contacts with other international Incident Response Teams (IRTs) in order to foster 
cooperation and coordination in incident prevention, to prompt rapid reaction to 
incidents, and to promote information sharing amongst its members and the community at 
large. 
----------------------------------------------------------------------------------
<End of UNIRAS Briefing>


