Habe noch keine Meldung auf der Liste gesehen .... von daher:
Microsoft is releasing 3 security bulletins for newly discovered vulnerabilities in Microsoft Windows. - 3 Microsoft Security Bulletin affecting Microsoft Windows with a maximum severity of Critical, MS05-001, MS05-002, MS05-003. The summary for this month's bulletins can be found at the following page: - http://www.microsoft.com/technet/security/bulletin/ms05-jan.mspx Customers are advised to review the information in the bulletins, test and deploy the updates immediately in their environments, if applicable. Microsoft will host a webcast to address customer questions on these bulletins. For more information on this webcast please see below: - Information about Microsoft’s January Security Bulletins - Wednesday, January 12, 2005 11:00 AM (GMT-08:00) Pacific Time (US & Canada) - http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=103226614 8&Culture=en-US - The on-demand version of the webcast will be available 24 hours after the live webcast at: - http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=103226614 8&Culture=en-US ********************************************************************** TECHNICAL DETAILS MS05-001 Title: Vulnerability in HTML Help Could Allow Code Execution (890175) Affected Software: - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 - Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 - Microsoft Windows XP 64-Bit Edition Service Pack 1 - Microsoft Windows XP 64-Bit Edition Version 2003 - Microsoft Windows Server 2003 - Microsoft Windows Server 2003 64-Bit Edition - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) Affected Components: - Internet Explorer 6.0 Service Pack 1 when installed on Microsoft Windows NT Server 4.0 Service Pack 6a or Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart. Update can be uninstalled: Yes More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS05-001.mspx ********************************************************************** MS05-002 Title: Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711) Affected Software: - Microsoft Windows NT Server 4.0 Service Pack 6a - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 - Microsoft Windows XP Service Pack 1 - Microsoft Windows XP 64-Bit Edition Service Pack 1 - Microsoft Windows XP 64-Bit Edition Version 2003 - Microsoft Windows Server 2003 - Microsoft Windows Server 2003 64-Bit Edition - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) – Review the FAQ section of this bulletin for details about these operating systems. Non-Affected Software: - Microsoft Windows XP Service Pack 2 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart. Update can be uninstalled: Yes More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS05-002.mspx ********************************************************************** MS05-003 Title: Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250) Affected Software: - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 - Microsoft Windows XP Service Pack 1 - Microsoft Windows XP 64-Bit Edition Service Pack 1 - Microsoft Windows XP 64-Bit Edition Version 2003 - Microsoft Windows Server 2003 - Microsoft Windows Server 2003 64-Bit Edition Non-Affected Software: - Microsoft Windows NT Server 4.0 Service Pack 6a - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Microsoft Windows XP Service Pack 2 - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) Affected Components: - Indexing Service Impact of Vulnerability: Remove Code Execution Maximum Severity Rating: Important Restart required: This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart. To help reduce the chance that a reboot will not be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. Update can be uninstalled: Yes More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS05-003.mspx -- Viele Grüße Hubert Daubmeier _______________________________________________ Coffeehouse Mailingliste, Postings senden an: [email protected] An-/Abmeldung und Suchfunktion unter: http://www.glengamoi.com/mailman/listinfo/coffeehouse
