Printed from www.pcpro.co.uk
Microsoft patches IE in August security update
Posted on 10 Aug 2005 at 11:23
Microsoft has issued six bulletins as part of its monthly security update. Three are rated as Critical, one as Important and two as Moderate, with the much-patched IE once again receiving attention.
Beginning wit the critical updates, bulletin MS05-038 patches a flaw in IE that could allow a remote attacker to execute code on affected systems. It includes a memory corruption vulnerability that involves JPEG image rendering. Most versions of Windows are affected, but see the bulletin for precise version information.
Bulletin MS05-039 again involves a vulnerability that could allow remote code execution and the local elevation of user privileges. The flaw exists in Plug and Play functionality, potentially enabling an attacker to install programs and view, change, or delete data.
The third Critical bulletin - MS05-043 - involves a vulnerability in the Print Spooler service that could allow remote code execution.
Bulletin MS05-040 has a rating of Important and addresses a vulnerability in the Telephony Application Programming Interface (TAPI) service which, again, could allow remote code execution.
Bulletins MS05-041 and MS05-042 are rated as Moderate and could be used as part of Denial of Service (DoS) attacks. The first involves a vulnerability in the Remote Desktop Protocol (RDP), which could allow an attacker to cause a system to stop responding, and the second involves vulnerabilities in the Kerberos system that could lead to unauthorised information disclosure as well as DoS attacks.
Microsoft is also re-releasing two security bulletins. MS05-023 is rated as Critical and involves Microsoft Word (it has been determined that the vulnerability originally addressed also affects Microsoft Word 2003 Viewer). Bulletin MS05-032 is rated as moderate and involves a Microsoft Agent vulnerability (revised updates are available for 64-bit versions of Windows).
As always, users are recommended to update their software with the latest patches.
Author: Alun Williams
advertisement
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Flash 10.1: Developing for Desktop and Device
- Microsoft Office 2010 screenshots: Recover unsaved items
- Microsoft Word 2010 screenshots: Text Effects
- Avira Premium Security Suite 9
- ZoneAlarm Internet Security Suite
- Webroot Internet Security Essentials
- Trend Micro Internet Security
- PC Tools Internet Security 2009
- Panda Internet Security 2009
- Norton Internet Security 2009
- Kaspersky Internet Security 2009
- F-Secure Internet Security 2009
- Eset Smart Security
- BitDefender Total Security 2009
advertisement
