Microsoft Security Bulletin Summary for November, 2005

Discussion in 'other security issues & news' started by NICK ADSL UK, Nov 8, 2005.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Bulletin MS05-053
    Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
    Published: November 8, 2005

    Version: 1.0

    Summary
    Who should read this document: Customers who use Microsoft Windows

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers should apply the update immediately.

    Security Update Replacement: This bulletin replaces several prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

    Caveats: None


    Microsoft will host a webcast tomorrow to address customer questions on this bulletin:
    Start Time: Wednesday, November 9, 2005 11:00 AM (GMT-08:00) Pacific Time (US & Canada)
    End Time: Wednesday, November 9, 2005 12:00 PM (GMT-08:00) Pacific Time (US & Canada)

    Note: Find out if you are missing important Microsoft product updates by using MBSA
    Share this information to your friends to help them protect theirs and other's PC by keeping an up-to-date system.
    http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Windows Malicious Software Removal Tool - November 2005 (KB890830)
    Date last published: 11/8/2005
    Download size: 1.2 MB
    After the download, this tool runs once to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove any infection found. If an infection is found, the tool will display a status report the next time you start your computer. A new version of the tool will be offered every month. If you want to manually run the tool on your computer, you can download a copy from the Microsoft Download Center or run an online version from microsoft.com. This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product.

    New Additions
    We have added detection and cleaning capabilities for the following malicious software:

    • Bugbear

    • Codbot

    • Mabutu

    • Opaserv

    • Swen

    See the complete list of malicious software cleaned by this tool.
    http://www.microsoft.com/security/malwareremove/families.mspx
     

    Attached Files:

  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    MS05-050 have undergone a minor revision increment.

    - Reason for Revision: Bulletin updated the following: Microsoft has also been made aware that when installing the "Security Update for DirectX 8.1 for Windows XP Service Pack 1" or "Security Update for DirectX 8.1 for Windows 2003" package on a computer that has DirectX 9; the install completes successfully without giving any indication that the computer was not updated. Users running DirectX 9 will still be vulnerable to the issue discussed within MS05-050 until they apply the appropriate package for their DirectX version. In "Frequently asked questions (FAQ) related to this security update" section, updated the "How can I determine whether I am running an updated version of DirectX on my system?" for Windows 2000 SP4 Multi-User Interface (MUI) users.
    - Originally posted: October 11, 2005
    - Updated: November 9, 2005
    - Bulletin Severity Rating: Critical
    - Version: 1.4

    http://www.microsoft.com/technet/security/bulletin/ms05-050.mspx
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    MS05-053: TROJ_EMFSPLOIT.A in the wild
    please apply the MS Nov updates ASAP

    Trend is reporting a trojan horse that might be the first example of a new exploit developed from the November security updates issued by Microsoft. Please update your PC with the latest security updates offered by Microsoft, as more developments could follow.


    Trend Micro is reporting a trojan in the wild (TROJ_EMFSPLOIT.A) that is exploiting the recent MS05-053 vulnerability announced on Tuesday. The trojan causes EXPLORER.EXE to crash, which isn't so much fun for Windows users.

    Upon execution, this Trojan causes the EXPLORER.EXE of affected machines to crash. It may also cause applications that attempt to load it to crash. An example of an application that can load EMF files is Internet Explorer. This Trojan runs on Windows 2000 Service Pack 4 and XP with no Service Pack.

    This news courtesy of Harry Waldren MVP Windows Security
     
Loading...
Thread Status:
Not open for further replies.