34 KBMicrosoft Security Bulletins
April 2005
Prior Updates:
2007
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2006
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2005
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2004
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
April 2005
Microsoft Security Bulletin MS05-016
Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)
Severity: ImportantVulnerabilities:
- Windows Shell Vulnerability - CAN-2005-0063
A remote code execution vulnerability exists in the Windows Shell because of the way that it handles application association. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of the affected system. However, user interaction is required to exploit this vulnerability.
Microsoft Security Bulletin MS05-017
Vulnerability in MSMQ Could Allow Code Execution (892944)
Severity: ImportantVulnerabilities:
- Message Queuing Vulnerability - CAN-2005-0059
A remote code execution vulnerability exists in Message Queuing that could allow an attacker who successfully exploited this vulnerable to take complete control of the affected system.
Microsoft Security Bulletin MS05-018
Vulnerability in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)
Severity: ImportantVulnerabilities:
- Font Vulnerability - CAN-2005-0060
A privilege elevation vulnerability exists in the way that the Windows processes certain fonts. This vulnerability could allow a logged on user to take complete control of the system. - Windows Kernel Vulnerability - CAN-2005-0061
A privilege elevation vulnerability exists in the way that the affected operating system versions processes certain access requests. This vulnerability could allow a logged on user to take complete control of the system. - Object Management Vulnerability - CAN-2004-0550
A denial of service vulnerability exists that could allow an attacker to send a specially crafted request locally to an affected operating system version. An attacker who exploited this vulnerability could cause the affected system to stop responding and automatically restart - CSRSS Vulnerability - CAN-2005-0551
A privilege elevation vulnerability exists in the way that the affected operating system versions processes certain access requests. This vulnerability could allow a logged on user to take complete control of the system.
Microsoft Security Bulletin MS05-019
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)
Severity: ModerateVulnerabilities:
- IP Validation Vulnerability - CAN-2005-0048
A remote code execution vulnerability exists that could allow an attacker to send a specially crafted TCP/IP message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to remotely execute code. However, attempts to exploit this vulnerability would most likely result in a denial of service. - ICMP Connection Reset Vulnerability - CAN-2004-0790
A denial of service vulnerability exists that could allow an attacker to send a specially crafted Internet Control Message Protocol (ICMP) message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to reset existing TCP connections. - ICMP Path MTU Vulnerability - CAN-2004-1060
A denial of service vulnerability exists that could allow an attacker to send a specially crafted Internet Control Message Protocol (ICMP) message to an affected system that could cause network performance to degrade and potentially stop the affected system from responding to requests. - TCP Connection Reset Vulnerability - CAN-2004-1060
A denial of service vulnerability exists that could allow an attacker to send a specially crafted TCP message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to reset existing TCP connections. - Spoofed Connection Request Vulnerability - CAN-2005-0688
A denial of service vulnerability exists that could allow an attacker to send a specially crafted TCP/IP message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding.
Microsoft Security Bulletin MS05-020
Cumulative Security Update for Internet Explorer (890923)
Severity: CriticalVulnerabilities:
- DHTML Object Memory Corruption Vulnerability - CAN-2005-0553
A remote code execution vulnerability exists in Internet Explorer because of the way that it handles certain DHTML objects. An attacker could exploit the vulnerability by constructing a malicious Web page. This malicious Web page could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability. - URL Parsing Memory Corruption Vulnerability - CAN-2005-0554
A remote code execution vulnerability exists in Internet Explorer because of the way that it handles certain URLs. An attacker could exploit the vulnerability by constructing a malicious Web page. This malicious Web page could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability. - Content Advisor Memory Corruption Vulnerability
A remote code execution vulnerability exists in Internet Explorer because of the way that it handles Content Advisor files. An attacker could exploit the vulnerability by constructing a specially crafted Content Advisor file. This malicious Content Advisor file could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message and accepted the installation of the file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.
Microsoft Security Bulletin MS05-021
Vulnerability in Exchange Server Could Allow Arbitrary Code Execution (894549)
Severity: CriticalVulnerabilities:
- xchange Server Vulnerability - CAN-2005-0560
A remote code execution vulnerability exists in Microsoft Exchange Server that that could allow an unauthenticated attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted extended verb that could allow the attacker to run malicious programs of their choice in the security context of the SMTP service.
Microsoft Security Bulletin MS05-022
Vulnerability in MSN Messenger Could Lead to Remote Code Execution
Severity: ModerateVulnerabilities:
- MSN Messenger Vulnerability - CAN-2005-0562
A remote code execution vulnerability exists in MSN Messenger that could allow an attacker who successfully exploited this vulnerable to take complete control of the affected system.
Microsoft Security Bulletin MS05-023
Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)
Severity: CriticalVulnerabilities:
- Buffer Overrun in Word - CAN-2004-0963
A vulnerability exists in Microsoft Word that could allow an attacker to run arbitrary code on a users system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. - Buffer Overrun in Word - CAN-2005-0558
A vulnerability exists in Microsoft Word that could allow an attacker to run arbitrary code on a users system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.