Microsoft Security Bulletin(s) for 2/8/05

Discussion in 'other security issues & news' started by NICK ADSL UK, Feb 8, 2005.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for 2/8/05

    February 8, 2005
    Today Microsoft released the following Security Bulletin(s).

    Note: www.Microsoft.com/technet/security and www.Microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the Microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:
    http://www.microsoft.com/technet/security/Bulletin/ms05-feb.mspx

    Critical Bulletins:

    Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352)
    http://www.microsoft.com/technet/security/Bulletin/ms05-005.mspx

    Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)
    http://www.microsoft.com/technet/security/Bulletin/ms05-009.mspx

    Vulnerability in the License Logging Service Could Allow Code Execution (885834)
    http://www.microsoft.com/technet/security/Bulletin/ms05-010.mspx

    Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)
    http://www.microsoft.com/technet/security/Bulletin/ms05-011.mspx

    Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)
    http://www.microsoft.com/technet/security/Bulletin/ms05-012.mspx

    Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)
    http://www.microsoft.com/technet/security/Bulletin/ms05-013.mspx

    Cumulative Security Update for Internet Explorer (867282)
    http://www.microsoft.com/technet/security/Bulletin/ms05-014.mspx

    Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)
    http://www.microsoft.com/technet/security/Bulletin/ms05-015.mspx

    Important Bulletins:

    ASP.NET Path Validation Vulnerability (887219)
    http://www.microsoft.com/technet/security/Bulletin/ms05-004.mspx

    Vulnerability in Windows Could Allow Information Disclosure (888302)
    http://www.microsoft.com/technet/security/Bulletin/ms05-007.mspx

    Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)
    http://www.microsoft.com/technet/security/Bulletin/ms05-008.mspx

    Moderate Bulletins:

    Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)
    http://www.microsoft.com/technet/security/Bulletin/ms05-006.mspx

    Re-released Bulletins:

    Vulnerability in SMTP Could Allow Remote Code Execution (885881)
    http://www.microsoft.com/technet/security/Bulletin/ms04-035.mspx

    Security bulletin summary for October 2004
    http://www.microsoft.com/technet/security/Bulletin/ms04-oct.mspx

    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety [1-866-727-2338]International customers should contact their local subsidiary.


    Please note that if you are using any Microsoft office software you should also visit there download site to get these updates. Please also note that you will have to have your office CD to hand prior to downloading these updates

    http://office.microsoft.com/en-gb/officeupdate/default.aspx
     
    Last edited: Feb 9, 2005
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Re: Microsoft Security Bulletin(s) for 2/8/05
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS05-006
    Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)

    Issued: February 8, 2005
    Updated: March 2, 2005

    Version: 1.2

    Summary
    Who should read this document: Customers who use Microsoft Windows SharePoint Services or SharePoint Team Services from Microsoft

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Moderate

    Recommendation: Customers should consider applying the security update.

    Security Update Replacement: None

    For further information regarding this update please see
    http://www.microsoft.com/technet/security/bulletin/MS05-006.mspx
     
Loading...
Thread Status:
Not open for further replies.