Microsoft Security Bulletin(s) for 4/12/2005

Discussion in 'other security issues & news' started by NICK ADSL UK, Apr 12, 2005.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft® Windows® Malicious Software Removal Tool (KB890830)

    Quick Info

    File Name: Windows-KB890830-V1.3-ENU.exe
    Download Size: 340 KB
    Date Published: 4/12/2005
    Version: 1.3

    This tool scans for and cleans malicious software associated with:
    Bagle
    Berbew
    Blaster
    Bropia
    DoomJuice
    Gaobot
    Goweh
    Korgo
    Mydoom
    Nachi
    Netsky
    Randex
    Sasser
    Sober
    Sobig
    Zafi
    Zindos
    http://www.microsoft.com/downloads/...e0-e72d-4f54-9ab3-75b8eb148356&DisplayLang=en
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Bulletin(s) for 4/12/2005

    April 12, 2005
    Today Microsoft released the following Security Bulletin(s).

    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:
    http://www.microsoft.com/technet/security/Bulletin/ms05-apr.mspx

    Critical Bulletins:

    Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)
    http://www.microsoft.com/technet/security/Bulletin/ms05-019.mspx

    Cumulative Security Update for Internet Explorer (890923)
    http://www.microsoft.com/technet/security/Bulletin/ms05-020.mspx

    Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)
    http://www.microsoft.com/technet/security/Bulletin/ms05-021.mspx

    Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)
    http://www.microsoft.com/technet/security/Bulletin/ms05-022.mspx

    Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)
    http://www.microsoft.com/technet/security/Bulletin/ms05-023.mspx

    Important Bulletins:

    Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)
    http://www.microsoft.com/technet/security/Bulletin/ms05-016.mspx

    Vulnerability in Message Queuing Could Allow Code Execution (892944)
    http://www.microsoft.com/technet/security/Bulletin/ms05-017.mspx

    Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)
    http://www.microsoft.com/technet/security/Bulletin/ms05-018.mspx

    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so. If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety [1-866-727-2338 ] International customers should contact their local subsidiary.
    --
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Re: Microsoft Security Bulletin(s) for 4/12/2005
     

    Attached Files:

  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Bulletin MS05-002
    Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)

    Issued: January 11, 2005
    Updated: April 12, 2005
    Version: 2.0

    Summary
    Who should read this document: Customers using Microsoft Windows

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers should apply the update immediately.

    Security Update Replacement: This bulletin replaces a prior security update. See the frequently asked questions (FAQ) section of this bulletin for more information.

    Caveats: None

    - Reason for re-release: After the release of the MS05-002
    security bulletin, Microsoft became aware of an issue affecting
    customers deploying the Windows 98, 98SE and ME security update.
    In most cases, the issue caused machines to unexpectedly
    restart. Microsoft has investigated this issue and has made
    available revised security updates for these platforms. These
    revised security updates are available from Windows Update and
    the Microsoft Download Center. Customers who have not yet
    applied the original version of these updates should visit
    Windows Update to receive the revised updates. Customers who
    have already applied the original Windows 98, 98SE and ME
    security update are advised to install the current revision of
    the update from Windows Update.
    - Originally posted: January 11, 2005
    - Updated: April 12, 2005
    - Bulletin Severity Rating: Critical
    - Version: 2.0


    http://www.microsoft.com/technet/security/bulletin/MS05-002.mspx
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Bulletin MS05-009
    Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)

    Issued: February 8, 2005
    Updated: April 12, 2005
    Version: 2.0

    Summary
    Who should read this document: Customers who use Microsoft Windows Media Player, Windows Messenger and MSN Messenger

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers should apply the update immediately

    Security Update Replacement: This bulletin replaces a prior security update. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

    Caveats: Starting February 10, 2005, the MSN Messenger service will notify customers running a vulnerable version of MSN Messenger that there is an upgrade available. Customers that have accepted this upgrade and have applied the update will be protected from this vulnerability. Customers that have not accepted this upgrade may not be allowed to connect to the MSN Messenger service with a vulnerable version of the client. Clients may be upgraded immediately by installing the update available at the download location provided in the “Affected Software” section below.

    http://www.microsoft.com/technet/security/bulletin/MS05-009.mspx


    - Reason for re-release: Subsequent to the release of this
    bulletin, it was determined that the update for Windows
    Messenger version 4.7.0.2009 (when running on Windows XP
    Service Pack 1) was failing to install when distributed via SMS
    or AutoUpdate. The updated package corrects this behavior.
    - Originally posted: February 8,2005
    - Updated: April 12, 2005
    - Bulletin Severity Rating: Critical
    - Version: 2.0
     
Loading...
Thread Status:
Not open for further replies.