♦ Password
♦ Mailsetup
♦ Info
♦ Workstations
  ♣ Linux
  ♣ MacOS
♦ E-Mail
♦ Chat
♦ Files
♦ Backups
♦ Printers
♦ Network
♦ Statistics
♦ Downloads
♦ Links
♦ Newsletter
♦ Submit
♦ Search
♦ Linux

  Microsoft Security Bulletin April 2005
Microsoft Posted by Beat Rubischon on Wednesday April 13, @09:00AM
from the *boerks* dept.
Last night Microsoft has released the April 2005 Updates for Windows, April 2005 Update for MSN Messenger, April 2005 Update for Office and April 2005 Updates for Exchange. There are 5 critical, 2 important and 1 moderate updates.
Run Windows Update (with Internet Explorer) on all the Windows Workstations and Servers to install the Security Updates, apply the Office update in case you are using Word or Works and install MSN messanger 7 or upgrade your MSN Messanger 6.2 in case you had installed MSN Messanger yourself.
Two bulletins from the Microsoft Security Bulletin February 2005 were rereleased. Windows 9x users should also visit Windows Update.

For detailed informations see the following bulletins:
  • MS05-016 - Vulnerability in Windows Shell That Could Allow Remote Code Execution (893086) Important
  • MS05-017 - Vulnerability in Message Queuing Could Allow Code Execution (892944) Moderate
  • MS05-018 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859) Important
  • MS05-019 - Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066) Critical
  • MS05-020 - Cumulative Security Update for Internet Explorer (890923) Critical
  • MS05-021 - Vulnerability in Exchange Server Could Allow Remote Code Execution (894549) Critical
  • MS05-022 - Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597) Critical
  • MS05-023 - Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169) Critical
  • MS05-002 - Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711) Critical, rereleased
  • MS05-009 - Vulnerability in PNG Processing Could Allow Remote Code Execution (890261) Critical, rereleased

We consider MS05-019 as a really critical problem with the capability to program a worm like Blaster or Nachi in 2003. We will keep you informed about this issue.

MS05-020 is also a problem for all IE users and will probably be exploited in the next few hours.

<  |  >


  Related Links
  • Articles on Microsoft
  • Also by Beat Rubischon
  • Contact author
  • The Fine Print: The following comments are owned by whoever posted them.
    ( Reply )

    © 2003 ISG, Departement Physik, ETH Zürich, <>