|
|
|
Microsoft HotFix and Security Bulletins
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Sep 26, 2006 |
Vulnerability in Vector Markup Language Could Allow Remote Code
Execution (925486):
MS06-055 Affected Software: Windows XP Tablet PC Edition, Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003, Web Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Datacenter Edition, Windows Server 2003 for Small Business Server, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows 2000 Server, Windows 2000 Professional, Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Internet Explorer 5.01, Internet Explorer 6.0, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows 2000 Service Pack 4, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Windows Server 2003 x64 Gold | |
| Sep 12, 2006 |
Vulnerability in Microsoft Publisher Could Allow Remote Code Execution
(910729):
MS06-054 Affected Software: Office 2000, Publisher 2000, Office XP, Publisher 2002, Office 2003, Publisher 2003 |
Office 2000 Service Pack 3, Publisher 2000 SP3, Office XP SP3 , Publisher 2002 SP3, Office 2003 SP1, Publisher 2003 SP1, Office 2003 SP2, Publisher 2003 SP2 | |
| Sep 12, 2006 |
Vulnerability in Indexing Service Could Allow Cross-Site Scripting
(920685):
MS06-053 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Media Center Edition, Windows XP Tablet PC Edition, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Sep 12, 2006 |
Vulnerability in Pragmatic General Multicast (PGM) Could Result in
Remote Code Execution (919007):
MS06-052 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Media Center Edition, Windows XP Tablet PC Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2 |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Aug 8, 2006 |
Vulnerability in Windows Kernel Could Result in Remote Code Execution
(917422):
MS06-051 Affected Software: Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Tablet PC Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Aug 8, 2006 |
Vulnerabilities in Microsoft Windows Hyperlink Object Library Could
Allow Remote Code Execution (920670):
MS06-050 Affected Software: Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Tablet PC Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Aug 8, 2006 |
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
(922968):
MS06-048 Affected Software: Office 2000, PowerPoint 2000, Office XP, PowerPoint 2002, Outlook 2003, Office 2003, PowerPoint 2003, PowerPoint 2004 for Mac, Office 2004 for Macintosh, Office v. X for Macintosh, PowerPoint v. X for Macintosh |
Office 2000 Service Pack 3, PowerPoint 2000 SP3, Office XP SP3 , PowerPoint 2002 SP3, Office 2003 SP1, Outlook 2003 SP2, PowerPoint 2003 SP2, PowerPoint 2004 for Mac Gold, Office 2004 for Macintosh Gold, Office v. X for Macintosh Gold, PowerPoint v. X for Macintosh Gold | |
| Aug 8, 2006 |
Vulnerability in Microsoft Visual Basic for Applications Could Allow
Remote Code Execution (921645):
MS06-047 Affected Software: Office 2000, Project 2000, Access 2000 Runtime, Office XP, Project 2002, Visio 2002, Works 2004, Works 2005, Works 2006, VBA 6.0, VBA 6.2, VBA 6.3, VBA 6.4 |
Office 2000 Service Pack 3, Project 2000 SR1, Access 2000 Runtime SP3, Office XP SP3 , Project 2002 SP1, Visio 2002 SP2, Works 2004 Gold, Works 2005 Gold, VBA 6.0 Gold, VBA 6.2 Gold, VBA 6.3 Gold, VBA 6.4 Gold | |
| Aug 8, 2006 |
Vulnerability in HTML Help Could Allow Remote Code Execution (922616):
MS06-046 Affected Software: Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Tablet PC Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Aug 8, 2006 |
Vulnerability in Windows Explorer Could Allow Remote Code Execution
(921398):
MS06-045 Affected Software: Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Tablet PC Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Aug 8, 2006 |
Vulnerability in Microsoft Windows Could Allow Remote Code Execution
(920214):
MS06-043 Affected Software: Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Professional, Windows XP Tablet PC Edition, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Outlook Express 6 on Microsoft Windows XP, Outlook Express 6 for Microsoft Windows XP 64-Bit Edition, Outlook Express 6 on Windows Server 2003, Outlook Express 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Outlook Express 6 on Windows Server 2003 (64 bit edition) |
Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Outlook Express 6 on Microsoft Windows XP SP 2, Outlook Express 6 on Microsoft Windows XP Professional x64 Edition Gold, Outlook Express 6 on Windows Server 2003 SP1, Outlook Express 6 for Windows Server 2003 for Itanium based systems SP1, Outlook Express 6 on Windows Server 2003 (64 bit edition) Gold | |
| Aug 8, 2006 |
Cumulative Security Update for Internet Explorer (918899):
MS06-042 Affected Software: Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Tablet PC Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows XP Service Pack 2, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition, Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Internet Explorer for Windows XP SP2, Internet Explorer 6.0 for Windows Server 2003 Gold, Internet Explorer 6.0 for Windows 2003 for Itanium-based Systems Gold, Internet Explorer 6.0 for Windows 2003 for Itanium-based Systems SP1, Internet Explorer 6.0 for Windows 2003 x64 Gold, Internet Explorer 6.0 for Windows XP Professional x64 Edition, Internet Explorer 6.0 for Windows Server 2003 SP1 | |
| Aug 8, 2006 |
Vulnerability in DNS Resolution Could Allow Remote Code Execution
(920683):
MS06-041 Affected Software: Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Tablet PC Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Aug 8, 2006 |
Vulnerability in Server Service Could Allow Remote Code Execution
(921883):
MS06-040 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Media Center Edition, Windows XP Tablet PC Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Jul 11, 2006 |
Vulnerabilities in Microsoft Office Filters Could Allow Remote Code
Execution (915384):
MS06-039 Affected Software: Office 2003, Project 2003, OneNote 2003, Office XP, Office 2000, Project 2002, Project 2000, Works 2004, Works 2005, Works 2006 |
Office 2003 SP1, Office 2003 SP2, Project 2003 SP1, Project 2003 SP2, OneNote 2003 SP1, OneNote 2003 SP2, Office XP SP3 , Office 2000 Service Pack 3, Project 2002 Gold, Project 2002 SP1, Project 2002 SP2, Project 2000 Gold, Project 2000 SR1, Works 2004 Gold, Works 2005 Gold | |
| Jul 11, 2006 |
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
(917284):
MS06-038 Affected Software: Office 2003, Access 2003, Excel 2003, Excel Viewer 2003, FrontPage 2003, InfoPath 2003, OneNote 2003, Outlook 2003, PowerPoint 2003, Project 2003, Publisher 2003, Visio 2003, Word 2003, Word Viewer 2003, Office XP, Access 2002, Excel 2002, FrontPage 2002, Outlook 2002, PowerPoint 2002, Publisher 2002, Word 2002, Office 2000, Access 2000, Excel 2000, FrontPage 2000, Outlook 2000, PowerPoint 2000, Publisher 2000, Word 2000, Project 2002, Visio 2002, Project 2000, Office 2004 for Macintosh, Office v. X for Macintosh |
Office 2003 SP1, Office 2003 SP2, Access 2003 SP1, Access 2003 SP2, Excel 2003 SP1, Excel 2003 SP2, Excel Viewer 2003 Gold, Excel Viewer 2003 SP2, FrontPage 2003 SP1, FrontPage 2003 SP2, InfoPath 2003 SP1, InfoPath 2003 SP2, OneNote 2003 SP1, OneNote 2003 SP2, Outlook 2003 SP1, Outlook 2003 SP2, PowerPoint 2003 SP1, PowerPoint 2003 SP2, Project 2003 SP2, Project 2003 SP1, Publisher 2003 SP1, Publisher 2003 SP2, Visio 2003 SP1, Visio 2003 SP2, Word 2003 SP1, Word 2003 SP 2, Word Viewer 2003 SP1, Word Viewer 2003 SP2, Office XP SP3 , Access 2002 SP3, Excel 2002 SP2, FrontPage 2002 SP3, Outlook 2002 SP3, PowerPoint 2002 SP3, Word 2002 SP3, Office 2000 Service Pack 3, Access 2000 SP3, Excel 2000 SP3, FrontPage 2000 SP3, Outlook 2000 SP3, PowerPoint 2000 SP3, Publisher 2000 SP3, Word 2000 SP3, Project 2002 SP2, Visio 2002 SP2, Project 2000 SR1, Office 2004 for Macintosh Gold, Office v. X for Macintosh Gold | |
| Jul 11, 2006 |
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
(917285):
MS06-037 Affected Software: Office 2003, Excel 2003, Excel Viewer 2003, Office XP, Excel 2002, Office 2000, Excel 2000, Office 2004 for Macintosh, Excel 2004 for Macintosh, Office v. X for Macintosh, Excel v. X for Macintosh |
Office 2003 SP1, Office 2003 SP2, Excel 2003 SP1, Excel 2003 SP2, Excel Viewer 2003 Gold, Excel Viewer 2003 SP2, Office XP SP3 , Excel 2002 SP3, Office 2000 Service Pack 3, Excel 2000 SP3, Office 2004 for Macintosh Gold, Excel 2004 for Macintosh Gold, Office v. X for Macintosh Gold, Office v. X for Macintosh SR 1, Excel v. X for Macintosh Gold | |
| Jul 11, 2006 |
Vulnerability in DHCP Client Service Could Allow Remote Code Execution
(914388):
MS06-036 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Jul 11, 2006 |
Vulnerability in Server Service Could Allow Remote Code Execution
(917159):
MS06-035 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Jul 11, 2006 |
Vulnerability in Microsoft Internet Information Services using Active
Server Pages Could Allow Remote Code Execution (917537):
MS06-034 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Internet Information Services 6.0, Internet Information Services 5.1, Internet Information Services 5.0 |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Internet Information Server 6.0 Gold, Internet Information Server 5.1 Gold, Internet Information Server 5.0 Gold | |
| Jul 11, 2006 |
Vulnerability in ASP.NET Could Allow Information Disclosure (917283):
MS06-033 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows XP Tablet PC Edition, Windows XP Media Center Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, .Net Framework 2.0 |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows XP Tablet PC Edition Gold, Windows XP Media Center Edition Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, .Net Framework 2.0 Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Jun 13, 2006 |
Vulnerability in TCP/IP Could Allow Remote Code Execution (917953):
MS06-032 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Jun 13, 2006 |
Vulnerability in RPC Mutual Authentication Could Allow Spoofing (917736):
MS06-031 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server |
Windows 2000 Service Pack 4 | |
| Jun 13, 2006 |
Vulnerability in Server Message Block Could Allow Elevation of Privilege
(914389):
MS06-030 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Jun 13, 2006 |
Vulnerability in Microsoft Exchange Server Running Outlook Web Access
Could Allow Script Injection (912442):
MS06-029 Affected Software: Exchange 2000 Enterprise Server, Exchange 2000 Server, Exchange Server 2003 |
Exchange 2000 SP3, Exchange Server 2003 SP1, Exchange Server 2003 SP2 | |
| Jun 13, 2006 |
Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution
(916768):
MS06-028 Affected Software: PowerPoint 2000, PowerPoint 2002, PowerPoint 2004 for Mac |
PowerPoint 2000 SP3, PowerPoint 2002 SP3, PowerPoint 2004 for Mac Gold | |
| Jun 13, 2006 |
Vulnerability in Microsoft Word Could Allow Remote Code Execution
(917336):
MS06-027 Affected Software: Word 2000, Word 2002, Word 2003, Word Viewer 2003, Works 2000, Works 2001, Works 2002, Works 2003, Works 2004, Works 2005, Works 2006 |
Word 2000 SP3, Word 2002 SP3, Word 2003 SP1, Word 2003 SP 2, Word Viewer 2003 SP1, Word Viewer 2003 SP2, Works 2000 Gold, Works 2001 Gold, Works 2002 Gold, Works 2003 Gold, Works 2004 Gold, Works 2005 Gold | |
| Jun 13, 2006 |
Vulnerability in Graphics Rendering Engine Could Allow Remote Code
Execution (918547):
MS06-026 Affected Software: Windows 98, Windows 98 SE, Windows Me |
Windows 95 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold | |
| Jun 13, 2006 |
Vulnerability in Routing and Remote Access Could Allow Remote Code
Execution (911280):
MS06-025 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Jun 13, 2006 |
Vulnerability in Windows Media Player Could Allow Remote Code Execution
(917734):
MS06-024 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows 98, Windows 98 SE, Windows Me, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows Media Player for Windows XP, Windows Media Player 9.0, Windows Media Player 10, Windows Media Player 7.1 |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 x64 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Windows 2000 Service Pack 4, Windows Media Player for Windows XP Gold, Windows Media Player for Windows XP SP1, Windows Media Player 9.0 Gold, Windows Media Player 10 Gold, Windows Media Player 7.1 Gold | |
| Jun 13, 2006 |
Vulnerability in Microsoft JScript Could Allow Remote Code Execution
(917344):
MS06-023 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold | |
| Jun 13, 2006 |
Vulnerability in ART Image Rendering Could Allow Remote Code Execution
(918439):
MS06-022 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 5.01, Internet Explorer 6.0 |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1 | |
| Jun 13, 2006 |
Cumulative Security Update for Internet Explorer (916281):
MS06-021 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows XP Service Pack 2, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Internet Explorer for Windows XP SP2, Internet Explorer 6.0 for Windows Server 2003 Gold, Internet Explorer 6 for Windows Server 2003 SP2, Internet Explorer 6.0 for Windows 2003 for Itanium-based Systems Gold, Internet Explorer 6.0 for Windows 2003 for Itanium-based Systems SP1, Internet Explorer 6.0 for Windows XP Professional x64 Edition |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| May 9, 2006 |
Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote
Code Execution (913433):
MS06-020 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows 98, Windows 98 SE, Windows Me |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold | |
| May 9, 2006 |
Vulnerability in Microsoft Exchange Could Allow Remote Code Execution
(916803):
MS06-019 Affected Software: Exchange 2000 Server, Exchange 2000 Enterprise Server, Exchange Server 2003 |
Exchange 2000 SP3, Exchange Server 2003 SP1, Exchange Server 2003 SP2 | |
| May 9, 2006 |
Vulnerability in Microsoft Distributed Transaction Coordinator Could
Allow Denial of Service (913580):
MS06-018 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 for Itanium-based Systems Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Apr 11, 2006 |
Vulnerability in Microsoft FrontPage Server Extensions Could Allow
Cross-Site Scripting (917627):
MS06-017 Affected Software: FrontPage Server Extensions 2002, FrontPage Server Extensions 2002 64-bit, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows XP Professional 64-Bit Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, SharePoint Team Services 2002 |
FrontPage Server Extensions 2002 Gold, FrontPage Server Extensions 2002 64-bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows XP 64-Bit Gold, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, SharePoint Team Services 2002 Gold | |
| Apr 11, 2006 |
Cumulative Security Update for Outlook Express (911567):
MS06-016 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows 98, Windows 98 SE, Windows Me, Outlook Express 6 on Windows Server 2003, Outlook Express 6 on Windows Server 2003 (64 bit edition), Outlook Express 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Outlook Express 6 for Microsoft Windows XP 64-Bit Edition, Outlook Express 6.0, Outlook Express 5.5 |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Outlook Express 6 on Windows Server 2003 Gold, Outlook Express 6 on Windows Server 2003 SP1, Outlook Express 6 on Windows Server 2003 (64 bit edition) Gold, Outlook Express 6 for Microsoft Windows Server 2003 for Itanium-based Systems Gold, Outlook Express 6 for Microsoft Windows XP 64-Bit Edition Version 2003 Gold, Outlook Express 6.0 SP1, Outlook Express 5.5 SP2 | |
| Apr 11, 2006 |
Vulnerability in Windows Explorer Could Allow Remote Code Execution
(908531):
MS06-015 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold | |
| Apr 11, 2006 |
Vulnerability in the Microsoft Data Access Components (MDAC) Function
Could Allow Code Execution (911562):
MS06-014 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows 98, Windows 98 SE, Windows Me, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, MDAC 2.7, MDAC 2.8, MDAC 2.5 |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Windows 2000 Service Pack 4, MDAC 2.7 SP1, MDAC 2.8 SP1, MDAC 2.8 SP2, MDAC 2.8 Gold, MDAC 2.5 SP3 | |
| Apr 11, 2006 |
Cumulative Security Update for Internet Explorer (912812):
MS06-013 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows XP Service Pack 2, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition, Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Internet Explorer 6.0 Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Mar 14, 2006 |
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
(905413):
MS06-012 Affected Software: Word 2000, Excel 2000, Outlook 2000, PowerPoint 2000, Office 2000, Word 2002, Excel 2002, Outlook 2002, PowerPoint 2002, Office XP, Excel 2003, Works 2000, Works 2001, Works 2002, Works 2003, Works 2004, Works 2005, Works 2006, Excel v. X for Macintosh, Excel 2004 for Macintosh |
Word 2000 SP3, Office 2000 Service Pack 3, PowerPoint 2000 SP3, Word 2002 SP3, Excel 2002 SP3, Outlook 2002 SP3, PowerPoint 2002 SP3, Office XP SP3 , Excel 2003 SP1, Excel 2003 SP2, Works 2000 Gold, Works 2001 Gold, Works 2002 Gold, Works 2003 Gold, Works 2004 Gold, Works 2005 Gold, Works 2006 Gold, Excel v. X for Macintosh Gold, Excel 2004 for Macintosh Gold | |
| Mar 14, 2006 |
Permissive Windows Services DACLs Could Allow Elevation of Privilege
(914798):
MS06-011 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems |
Windows XP Service Pack 1, Windows Server 2003 Gold, Windows Server 2003 for Itanium-based Systems Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Feb 14, 2006 |
Vulnerability in PowerPoint 2000 Could Allow Information Disclosure
(889167):
MS06-010 Affected Software: Office 2000, PowerPoint 2000 |
Office 2000 Service Pack 3, PowerPoint 2000 SP3 | |
| Feb 14, 2006 |
Vulnerability in the Korean Input Method Editor Could Allow Elevation of
Privilege (901190):
MS06-009 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Office 2003, Visio 2003, OneNote 2003, Project 2003 |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Office 2003 SP1, Office 2003 SP2, Visio 2003 Gold, Visio 2003 SP1, OneNote 2003 Gold, OneNote 2003 SP1, Project 2003 Gold, Project 2003 SP1 | |
| Feb 14, 2006 |
Vulnerability in Web Client Service Could Allow Remote Code Execution
(911927):
MS06-008 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Feb 14, 2006 |
Vulnerability in TCP/IP Could Allow Denial of Service (913446):
MS06-007 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows XP 64-Bit SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold | |
| Feb 14, 2006 |
Vulnerability in Windows Media Player Plug-in with Non-Microsoft
Internet Browsers Could Allow Remote Code Execution (911564):
MS06-006 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows XP Professional 64-Bit Edition, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows XP 64-Bit SP1, Windows XP 64-Bit Gold, Windows Server 2003 x64 Gold | |
| Feb 14, 2006 |
Vulnerability in Windows Media Player Could Allow Remote Code Execution
(911565):
MS06-005 Affected Software: Windows XP Professional, Windows Media Player for Windows XP, Windows Media Player 9 for Windows XP, Windows Media Player 9 for Windows Server 2003, Windows 98, Windows 98 SE, Windows Me, Windows Media Player 7.1, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows Media Player 9.0, Windows Media Player 10, Windows Server 2003 for Small Business Server, Windows XP Home Edition |
Windows XP Service Pack 1, Windows Media Player for Windows XP Gold, Windows XP Service Pack 2, Windows Media Player 9.0 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Windows Media Player 7.1 Gold, Windows 2000 Service Pack 4, Windows Media Player 10 Gold, Windows Server 2003 Gold | |
| Feb 14, 2006 |
Cumulative Security Update for Internet Explorer (910620):
MS06-004 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Internet Explorer 5.01 |
Windows 2000 Service Pack 4, Internet Explorer 5.01 SP4 |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Jan 10, 2006 |
Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft
Exchange Could Allow Remote Code Execution:
MS06-003 Affected Software: Office 2000, Outlook 2000, Office XP, Outlook 2002, Office 2003, Outlook 2003, Exchange Server 5.0, Exchange Server 5.5, Exchange 2000 Server, Exchange 2000 Enterprise Server |
Office 2000 Service Pack 3, Office XP SP3 , Office 2003 SP1, Office 2003 SP2, Outlook 2003 SP1, Outlook 2003 SP2, Exchange Server 5.0 SP2, Exchange Server 5.5 SP4, Exchange 2000 SP3 | |
| Jan 10, 2006 |
Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution:
MS06-002 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Windows Me, Windows 98, Windows 98 SE |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows XP 64-Bit SP1, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Windows Me Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1 | |
| Jan 5, 2006 |
Vulnerability in Graphics Rendering Engine Could Allow Remote Code
Execution (912919):
MS06-001 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows XP Professional 64-Bit Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows XP 64-Bit Gold, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Dec 13, 2005 |
Vulnerability in Windows Kernel Could Allow Elevation of Privilege
(908523):
MS05-055 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server |
Windows 2000 Service Pack 4 | |
| Dec 13, 2005 |
Cumulative Security Update for Internet Explorer (905915):
MS05-054 Affected Software: Internet Explorer 5.5, Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Internet Explorer 5.5 SP2, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows XP Service Pack 2, Windows 2000 Service Pack 4, Windows XP Service Pack 1 |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Nov 8, 2005 |
Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution
(896424):
MS05-053 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Oct 11, 2005 |
Cumulative Security Update for Internet Explorer (896688):
MS05-052 Affected Software: Internet Explorer 5.5, Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Internet Explorer 5.5 SP2, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows XP Service Pack 2, Windows 2000 Service Pack 4, Windows XP Service Pack 1 | |
| Oct 11, 2005 |
Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution
(902400):
MS05-051 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Oct 11, 2005 |
Vulnerability in DirectShow Could Allow Remote Code Execution (904706):
MS05-050 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Oct 11, 2005 |
Vulnerabilities in Windows Shell Could Allow Remote Code Execution
(900725):
MS05-049 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Oct 11, 2005 |
Vulnerability in the Microsoft Collaboration Data Objects Could Allow
Remote Code Execution (907245):
MS05-048 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Exchange 2000 Server, Exchange 2000 Enterprise Server |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Exchange 2000 SP3 | |
| Oct 11, 2005 |
Vulnerability in Plug and Play Could Allow Remote Code Execution and
Local Elevation of Privilege (905749):
MS05-047 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2 | |
| Oct 11, 2005 |
Vulnerability in the Client Service for NetWare Could Allow Remote Code
Execution (899589):
MS05-046 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Oct 11, 2005 |
Vulnerability in Network Connection Manager Could Allow Denial of
Service (905414):
MS05-045 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Oct 11, 2005 |
Vulnerability in the Windows FTP Client Could Allow File Transfer
Location Tampering (905495):
MS05-044 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Internet Explorer 6.0 |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows Server 2003 Gold, Internet Explorer 6.0 SP1 |
No security bulletins were released this month.
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Aug 9, 2005 |
Vulnerability in Print Spooler Service Could Allow Remote Code Execution
(896423):
MS05-043 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold | |
| Aug 9, 2005 |
Vulnerabilities in Kerberos Could Allow Denial of Service, Information
Disclosure, and Spoofing (899587):
MS05-042 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Aug 9, 2005 |
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service
(899591):
MS05-041 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Aug 9, 2005 |
Vulnerability in Telephony Service Could Allow Remote Code Execution
(893756):
MS05-040 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Aug 9, 2005 |
Vulnerability in Plug and Play Could Allow Remote Code Execution and
Elevation of Privilege (899588):
MS05-039 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Aug 9, 2005 |
Cumulative Security Update for Internet Explorer (896727):
MS05-038 Affected Software: Internet Explorer 5.5, Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Internet Explorer 5.5 SP2, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows XP Service Pack 2, Windows 2000 Service Pack 4, Windows XP Service Pack 1 |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Jul 12, 2005 |
Vulnerability in JView Profiler Could Allow Remote Code Execution (903235):
MS05-037 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 5.5, Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2 |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold, Internet Explorer 5.5 SP2, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1 | |
| Jul 12, 2005 |
Vulnerability in Microsoft Color Management Module Could Allow Remote Code
Execution (901214):
MS05-036 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Jul 12, 2005 |
Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672):
MS05-035 Affected Software: Word 2000, Office 2000, Works 2001, Office XP, Word 2002, Works 2002, Works 2003, Works 2004 |
Word 2000 SP3, Office 2000 Service Pack 3, Works 2001 Gold, Office XP SP3 , Word 2002 SP3, Works 2002 Gold, Works 2003 Gold, Works 2004 Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Jun 14, 2005 |
Cumulative Security Update for ISA Server 2000 (899753):
MS05-034 Affected Software: ISA Server 2000, Small Business Server 2000, Small Business Server 2003 |
ISA Server 2000 SP2, Small Business Server 2000 SP3, Small Business Server 2000 SP4, Small Business Server 2003 Gold, Small Business Server 2003 SP1 | |
| Jun 14, 2005 |
Vulnerability in Telnet Client Could Allow Information Disclosure (896428):
MS05-033 Affected Software: Services For Unix 2.2, Services For Unix 3.0, Services For Unix 3.5, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Services For Unix 2.2 Gold, Services For Unix 3.0 Gold, Services For Unix 3.5 Gold, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Jun 14, 2005 |
Vulnerability in Microsoft Agent Could Allow Spoofing (890046):
MS05-032 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Jun 14, 2005 |
Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code
Execution (898458):
MS05-031 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Microsoft Interactive Training (Step-by-Step) |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Microsoft Interactive Training | |
| Jun 14, 2005 |
Vulnerability in Outlook Express Could Allow Remote Code Execution (897715):
MS05-030 Affected Software: Outlook Express 5.5, Outlook Express 6.0, Outlook Express 6 on Windows Server 2003, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 5.5, Internet Explorer 6.0 |
Internet Explorer 5.5 SP2, Internet Explorer 6.0 SP1, Windows Server 2003 Gold, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Jun 14, 2005 |
Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow
Cross-Site Scripting Attacks (895179):
MS05-029 Affected Software: Exchange Server 5.5 |
Exchange Server 5.5 SP4 | |
| Jun 14, 2005 |
Vulnerability in Web Client Service Could Allow Elevation of Privilege
(896426):
MS05-028 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows XP Service Pack 1, Windows Server 2003 Gold | |
| Jun 14, 2005 |
Vulnerability in Server Message Block Could Allow Remote Code Execution
(896422):
MS05-027 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1 | |
| Jun 14, 2005 |
Vulnerability in HTML Help Could Allow Remote Code Execution (896358):
MS05-026 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Jun 14, 2005 |
Cumulative Security Update for Internet Explorer (883939):
MS05-025 Affected Software: Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Internet Explorer 5.01 SP3, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows XP Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| May 10, 2005 |
Vulnerability in Web View Could Allow Remote Code Execution (894320):
MS05-024 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold |
Apr 12, 2005 - Windows XP SP2 is no longer an optional download from Microsoft Windows Update.
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Apr 12, 2005 |
Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169):
MS05-023 Affected Software: Word 2000, Office 2000, Works 2001, Office XP, Word 2002, Works 2002, Works 2003, Works 2004, Office 2003, Word 2003 |
Word 2000 SP3, Office 2000 Service Pack 3, Works 2001 Gold, Office XP SP3 , Word 2002 SP3, Works 2002 Gold, Works 2003 Gold, Works 2004 Gold, Office 2003 SP1, Word 2003 SP1 | |
| Apr 12, 2005 |
Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597):
MS05-022 Affected Software: MSN Messenger 6 |
MSN Messenger Gold | |
| Apr 12, 2005 |
Vulnerability in Exchange Server Could Allow Remote Code Execution (894549):
MS05-021 Affected Software: Exchange 2000 Server, Exchange 2000 Enterprise Server, Exchange Server 2003 |
Exchange 2000 SP3, Exchange Server 2003 Gold, Exchange Server 2003 SP1 | |
| Apr 12, 2005 |
Cumulative Security Update for Internet Explorer (890923):
MS05-020 Affected Software: Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Internet Explorer 5.01 SP3, Internet Explorer 5.01 SP4, Internet Explorer 6.0 SP1, Windows Server 2003 Gold, Windows XP Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Apr 12, 2005 |
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of
Service (893066):
MS05-019 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Apr 12, 2005 |
Vulnerability in Windows Kernel Could Allow Elevation of Privilege and
Denial of Service (890859):
MS05-018 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Apr 12, 2005 |
Vulnerability in Message Queuing Could Allow Code Execution (892944):
MS05-017 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows 98, Windows 98 SE |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1 | |
| Apr 12, 2005 |
Vulnerability in Windows Shell that Could Allow Remote Code Execution
(893086):
MS05-016 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold |
No security bulletins were released this month.
Windows Server 2003 SP1 released 30 March.
|
Windows Server
2003 Service Pack 1*
Download size:
329.3 MB, 7 hours 29 minutesWindows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools such as Security Configuration Wizard, which helps secure your server for role-based operations. SP1 improves defense-in-depth with Data Execution Protection, and provides a safe and secure first-boot scenario with Post-setup Security Update Wizard. Read more... Download * Must be installed separately from other updates |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Feb 8, 2005 |
Vulnerability in Hyperlink Object Library Could Allow Remote Code
Execution (888113):
MS05-015 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Feb 8, 2005 |
Cumulative Security Update for Internet Explorer (867282):
MS05-014 Affected Software: Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Internet Explorer 5.01 SP3, Internet Explorer 5.01 SP4, Internet Explorer 6 SP1, Windows Server 2003 Gold, Windows XP Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Feb 8, 2005 |
Vulnerability in the DHTML Editing ActiveX Control could allow code
execution (891781):
MS05-013 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Feb 8, 2005 |
Vulnerability in OLE and COM Could Allow Remote Code Execution (873333):
MS05-012 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me, Exchange 2000 Server, Exchange 2000 Enterprise Server, Exchange Server 2003, Exchange Server 5.5, Exchange Server 5.0, Office XP, Outlook 2002, Word 2002, Excel 2002, PowerPoint 2002, FrontPage 2002, Publisher 2002, Access 2002, Office 2003, Outlook 2003, Word 2003, Excel 2003, PowerPoint 2003, FrontPage 2003, Publisher 2003, Access 2003, InfoPath 2003, OneNote 2003 |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold, Exchange 2000 SP3, Exchange Server 2003 Gold, Exchange Server 2003 SP1, Exchange Server 5.5 SP4, Exchange Server 5.0 SP2, Office XP SP2, Office XP SP3 , Outlook 2002 SP2, Outlook 2002 SP3, Word 2002 SP2, Word 2000 SP3, Excel 2002 SP2, Excel 2002 SP3, PowerPoint 2002 SP2, PowerPoint 2002 SP3, FrontPage 2002 SP2, FrontPage 2002 SP3, Publisher 2002 SP2, Publisher 2002 SP3, Access 2002 SP2, Access 2002 SP3, Office 2003 Gold, Office 2003 SP1, Outlook 2003 Gold, Word 2003 Gold, Word 2003 SP1, Excel 2003 Gold, Excel 2003 SP1, PowerPoint 2003 Gold, PowerPoint 2003 SP1, FrontPage 2003 Gold, FrontPage 2003 SP1, Publisher 2003 Gold, Publisher 2003 SP1, Access 2003 Gold, Access 2003 SP1, InfoPath 2003 Gold, InfoPath 2003 SP1, OneNote 2003 Gold, OneNote 2003 SP1 | |
| Feb 8, 2005 |
Vulnerability in Server Message Block Could Allow Remote Code Execution
(885250):
MS05-011 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold | |
| Feb 8, 2005 |
Vulnerability in the License Logging Service Could Allow Code Execution
(885834):
MS05-010 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Server, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows Server 2003 Gold | |
| Feb 8, 2005 |
Vulnerability in PNG Processing Could Lead to Buffer Overrun (890261):
MS05-009 Affected Software: Windows Media Player 9.0, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me, Windows Messenger 4.7, Windows Messenger 5.x, MSN Messenger |
Windows Media Player 9.0 Gold, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold, Windows Messenger 4.7 Gold, Windows Messenger 5.x Gold, MSN Messenger Gold | |
| Feb 8, 2005 |
Vulnerabilty in Windows Shell Could Allow Remote Code Execution (890047):
MS05-008 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold | |
| Feb 8, 2005 |
Vulnerability in Windows Could Allow Information Disclosure (888302):
MS05-007 Affected Software: Windows XP Home Edition, Windows XP Professional |
Windows XP Service Pack 1 | |
| Feb 8, 2005 |
Vulnerability in Windows SharePoint Services and SharePoint Team Services
Could Allow Cross-Site Scripting and Spoofing Attacks (887891):
MS05-006 Affected Software: Windows SharePoint Services, SharePoint Team Services 2002 |
Windows SharePoint Services SP1, SharePoint Team Services 2002 Gold | |
| Feb 8, 2005 |
Vulnerability in Microsoft Office XP could lead to Buffer Overrun (873352):
MS05-005 Affected Software: Office XP, Word 2002, PowerPoint 2002, Project 2002, Visio 2002, Works 2002, Works 2003, Works 2004 |
Office XP SP2, Office XP SP3 , Word 2002 SP2, Word 2002 SP3, PowerPoint 2002 SP2, PowerPoint 2002 SP3, Project 2002 SP2, Project 2002 SP3, Visio 2002 SP2, Visio 2002 SP3, Works 2002 Gold, Works 2003 Gold, Works 2004 Gold | |
| Feb 8, 2005 |
ASP.NET Path Validation Vulnerability (887219):
MS05-004 Affected Software: .Net Framework 1.0, .Net Framework 1.1, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
.Net Framework 1.0 SP2, .Net Framework 1.0 SP3, .Net Framework 1.1 Gold, .Net Framework 1.1 SP1, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Jan 11, 2005 |
Vulnerability in HTML Help Could Allow Code Execution (890175):
MS05-001 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 6 |
Windows NT4 Service Pack 6a, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold, Internet Explorer 6 SP1 | |
| Jan 11, 2005 |
Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code
Execution (891711):
MS05-002 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Jan 11, 2005 |
Vulnerability in the Indexing Service Could Allow Remote Code Execution
(871250):
MS05-003 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows Server 2003 Gold |
| Date | Bulletin Description | Affected Software Service Packs | Bulletin Rating |
| Dec 14, 2004 |
Vulnerability in WordPad Could Allow Code Execution (885836):
MS04-041 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | |
| Dec 14, 2004 |
Vulnerability in DHCP Could Allow Remote Code Execution and Denial Of
Service (885249):
MS04-042 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6 | |
| Dec 14, 2004 |
Vulnerability in HyperTerminal Could Allow Code Execution (873339):
MS04-043 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold | |
| Dec 14, 2004 |
Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of
Privilege (885835):
MS04-044 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold | |
| Dec 14, 2004 |
Vulnerability in WINS Could Allow Remote Code Execution (870763):
MS04-045 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Server, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows Server 2003 Gold |
| Dec 1, 2004 |
Cumulative Security Update for Internet Explorer (889293): MS04-040 Affected Software: Internet Explorer 6, Windows 98, Windows 98 SE, Windows Me, Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional |
Internet Explorer 6 SP1, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold, Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1 | Critical |
Date |
Bulletin Description | Affected Software Service Packs |
Max Bulletin Severity |
| Nov 9, 2004 |
Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet
Content Spoofing (888258): MS04-039 Affected Software: Proxy Server 2.0, ISA Server 2000, Small Business Server 2000 |
Proxy Server 2.0 SP1, ISA Server 2000 SP1, ISA Server 2000 SP2, Small Business Server 2000 Gold, Small Business Server 2000 SP1 | Important |
|
Date |
Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| Oct 12,
2004 |
Cumulative Security Update for Internet Explorer (834707): MS04-038 Affected Software: Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 5.5 |
Internet Explorer 5.01 SP3, Internet Explorer 5.01 SP4, Internet Explorer 6 Gold, Internet Explorer 6 SP1, Windows Server 2003 Gold, Windows XP Service Pack 2, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold, Internet Explorer 5.5 SP2 | Critical |
| Oct 12,
2004 |
Vulnerability in Windows Shell Could Allow Remote Code Execution (841356):
MS04-037 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Server, Windows 2000 Professional, Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003, Datacenter Edition, Windows 98, Windows 98 SE, Windows Me |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SP1, Windows Me Gold | Critical |
| Oct 12,
2004 |
Vulnerability in NNTP Could Allow Code Execution (883935): MS04-036 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Exchange 2000 Server, Exchange Server 2003 |
Windows NT4 Service Pack 6a, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows Server 2003 Gold, Exchange 2000 SP3, Exchange Server 2003 Gold | Critical |
| Oct 12,
2004 |
Vulnerability in SMTP Could Allow Remote Code Execution (885881):
MS04-035 Affected Software: Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Exchange Server 2003 |
Windows Server 2003 Gold, Exchange Server 2003 Gold, Exchange Server 2003 SP1 | Critical |
| Oct 12,
2004 |
Vulnerability in Compressed (zipped) Folders Could Allow Code Execution
(873376): MS04-034 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows XP Gold, Windows XP Service Pack 1, Windows Server 2003 Gold | Critical |
| Oct 12,
2004 |
Vulnerability in Microsoft Excel Could Allow Code Execution (886836):
MS04-033 Affected Software: Office 2000, Excel 2000, Office XP, Excel 2002, Office 2001 for Macintosh, Office v. X for Macintosh |
Office 2000 Service Pack 3, Excel 2000 SP3, Office XP SP2, Excel 2002 SP2, Office 2001 for Macintosh Gold, Office v. X for Macintosh Gold | Critical |
| Oct 12,
2004 |
Security Update for Microsoft Windows (840987): MS04-032 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | Critical |
| Oct 12,
2004 |
Vulnerability in NetDDE Could Allow Remote Code Execution (841533):
MS04-031 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold | Important |
| Oct 12,
2004 |
Vulnerability in WebDav XML Message Handler Could Lead to a Denial of
Service (824151): MS04-030 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Internet Information Services 5.0, Internet Information Services 5.1, Internet Information Services 6.0 |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Windows Server 2003 Gold | Critical |
| Oct 12,
2004 |
Vulnerability in RPC Runtime Library Could Allow Information Disclosure
and Denial of Service (873350): MS04-029 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6 | Important |
|
Date |
Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| Sep 14,
2004 |
Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution
(833987): MS04-028 Affected Software: Windows NT Workstation 4.0, Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Server, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Publisher 2003 Gold, Windows Server 2003 Gold, Windows Server 2003 Service Pack 1 | Critical |
| Sep 14,
2004 |
Vulnerability in WordPerfect Converter Could Allow Code Execution (884933):
MS04-027 Affected Software: FrontPage 2000, Office 2000, Publisher 2000, Works 2001, FrontPage 2002, Office XP, Publisher 2002, Works 2002, Works 2003, Office System 2003, Publisher 2003, FrontPage 2003, Word 2003 |
Office 2000 SR-1a, Office 2000 SR-1, Office 2000 Service Pack 3, Office 2000 Service Pack 2, Office 2000 Service Pack 1, Office 2000 Gold, Works 2001 Gold, Office XP Gold, Office XP SP1, Office XP SP2, Office XP SP3 , Works 2002 Gold, Works 2003 Gold, Office 2003 Gold, Office 2003 SP1 | Important |
|
Date |
Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| Aug 10,
2004 |
Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow
Cross-Site Scripting and Spoofing Attacks (842463): MS04-026 Affected Software: Exchange Server 5.5 |
Exchange Server 5.5 SP4 | Moderate |
|
Date |
Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| Jul 30,
2004 |
Cumulative Security Update for Internet Explorer (867801): MS04-025 Affected Software: Internet Explorer 6, Internet Explorer 5.5, Internet Explorer 5.01, Internet Explorer 6.0 for Windows Server 2003 |
Internet Explorer 6 Gold, Internet Explorer 6 SP1, Internet Explorer 5.5 SP2, Internet Explorer 5.01 SP2, Internet Explorer 5.01 SP3, Internet Explorer 5.01 SP4, Windows Server 2003 Gold | Critical |
| Jul 13,
2004 |
Vulnerability in Windows Shell Could Allow Remote Code Execution (839645):
MS04-024 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Workstation 4.0, Windows NT Server 4.0, Terminal Server Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003, Datacenter Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows 98, Windows 98 SE, Windows Me |
Windows XP Gold, Windows XP Service Pack 1, Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows Server 2003 Gold, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold | Important |
| Jul 13,
2004 |
Vulnerability in HTML Help Could Allow Code Execution (840315):
MS04-023 Affected Software: Windows Server 2003 for Small Business Server, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003, Datacenter Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 6 |
Windows Server 2003 Gold, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Internet Explorer 6 SP1 | Critical |
| Jul 13,
2004 |
Vulnerability in Task Scheduler Could Allow Code Execution (841873):
MS04-022 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Internet Explorer 6 |
Windows XP Gold, Windows XP Service Pack 1, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Internet Explorer 6 SP1 | Critical |
| Jul 13,
2004 |
Security Update for IIS 4.0 (841373): MS04-021 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Internet Information Server 4.0, Windows NT Workstation 4.0 |
Windows NT4 Service Pack 6a | Important |
| Jul 13,
2004 |
Vulnerability in POSIX Could Allow Code Execution (841872):
MS04-020 Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Workstation 4.0, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4 | Important |
| Jul 13,
2004 |
Vulnerability in Utility Manager Could Allow Code Execution (842526):
MS04-019 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server |
Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4 | Important |
| Jul 13,
2004 |
Cumulative Security Update for Outlook Express (823353): MS04-018 Affected Software: Outlook Express 5.5, Outlook Express 6.0, Outlook Express 6 on Windows Server 2003 |
Internet Explorer 5.5 SP2, Internet Explorer 6 Gold, Internet Explorer 6 SP1, Windows Server 2003 Gold | Moderate |
|
Date |
Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| Jun 8, 2004 |
Vulnerability in Crystal Reports Web Viewer Could Allow Information
Disclosure and Denial of Service (842689): MS04-017 Affected Software: Visual Studio .NET 2003, Microsoft Business Solutions CRM |
Visual Studio .NET 2003 Gold, Microsoft Business Solutions CRM Gold | Moderate |
| Jun 8, 2004 |
Vulnerability in DirectPlay Could Allow Denial of Service (839643):
MS04-016 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows XP Home Edition, Windows XP Professional |
Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows Server 2003 Gold, Windows XP Gold, Windows XP Service Pack 1 | Moderate |
|
Date |
Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| May 11,
2004 |
Vulnerability in Help and Support Center Could Allow Remote Code Execution
(840374): MS04-015 Affected Software: Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows XP Home Edition, Windows XP Professional |
Windows Server 2003 Gold, Windows XP Gold, Windows XP Service Pack 1 | Important |
|
Date |
Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| Apr 13,
2004 |
Vulnerability in the Microsoft Jet Database Engine Could Allow Code
Execution (837001): MS04-014 Affected Software: Windows NT Workstation 4.0, Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Windows Server 2003 Gold | Important |
| Apr 13,
2004 |
Cumulative Security Update for Outlook Express (837009): MS04-013 Affected Software: Outlook Express 5.5, Outlook Express 6.0, Outlook Express 6 on Windows Server 2003 |
Internet Explorer 5.5 SP2, Internet Explorer 6 Gold, Internet Explorer 6 SP1, Windows Server 2003 Gold | Critical |
| Apr 13,
2004 |
Cumulative Update for Microsoft RPC/DCOM (828741): MS04-012 Affected Software: Windows NT Workstation 4.0, Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Windows Server 2003 Gold | Critical |
| Apr 13,
2004 |
Security Update for Microsoft Windows (835732): MS04-011 Affected Software: Windows NT Workstation 4.0, Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Gold, Windows XP Service Pack 1, Windows Server 2003 Gold | Critical |
| Date | Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| Mar 9, 2004 |
Vulnerability in MSN Messenger Could Allow Information Disclosure (838512):
MS04-010 Affected Software: MSN Messenger |
MSN Messenger Gold | Moderate |
|
|||
| Mar 9, 2004 |
Vulnerability in Microsoft Outlook Could Allow Code Execution (828040):
MS04-009 Affected Software: Outlook 2002, Office XP |
Office XP SP2 | Critical |
|
Workstations: The affected versions of the software are Microsoft Office
XP Service Pack 2 and Microsoft Outlook 2002 Service Pack 2. Microsoft Office 2000 Service Pack 3 and Microsoft
Outlook 2000 Service Pack 3 are unaffected. It is unclear whether
Microsoft Outlook 2000 Service Pack 2 is affected -- we are seeking
clarification.
|
|||
| Mar 9, 2004 |
Vulnerability in Windows Media Services Could Allow a Denial of Service
(832359): MS04-008 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Server |
Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4 | Moderate |
|
|
|
||||||||||||||||||||||||||||||||
|
Date |
Bulletin Description | Affected Software Service Packs | Max Bulletin Severity |
| Jan 13,
2004 |
Vulnerability in Exchange Server 2003 Could Lead to Privilege Escalation
(832759): MS04-002 Affected Software: Exchange Server 2003 |
Exchange Server 2003 Gold | Moderate |
| Jan 13,
2004 |
Vulnerability in H.323 Filter can Allow Remote Code Execution (816458):
MS04-001 Affected Software: ISA Server 2000, Small Business Server 2000, Small Business Server 2003 |
ISA Server 2000 SP1, Small Business Server 2000 Gold, Small Business Server 2000 SP1, Small Business Server 2003 Gold | Critical |
| Jan 10,
2004 |
Buffer Overrun in MDAC Function Could Allow code execution (832483):
MS04-003 Affected Software: MDAC 2.5, MDAC 2.6, MDAC 2.7, MDAC 2.8 |
MDAC 2.5 SP2, MDAC 2.5 SP3, MDAC 2.6 SP2, MDAC 2.7 Gold, MDAC 2.7 SP1, MDAC 2.8 Gold | Important |
No bulletins issued for this month.
|
||||||||||||||||||||||||||||||||
MS03-046 : Vulnerability in Exchange Server Could Allow Arbitrary Code Execution (822363)
10/29/03 - Revised - The revisions are
not related to the security vulnerabilities addressed by the patches
(the revised patches all fix a debug problem). Thus, if patches have not been
pushed as of yet the new patches should be substituted. If they have been
pushed, the new patch should be pushed when it is convenient to do so.
MS03-044
: Buffer Overrun in Windows Help and Support Center Could Lead to System
Compromise (825119)
MS03-043
: Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
10/29/03 - Revised - The revisions are not related to the security vulnerabilities addressed by the patches (the revised patches all fix a debug problem). Thus, if patches have not been pushed as of yet the new patches should be substituted. If they have been pushed, the new patch should be pushed when it is convenient to do so.
Command line scanner: http://www.iss.net/support/product_utilities/ms03-043/
MS03-042
: Buffer Overflow in Windows Troubleshooter ActiveX Control Could (826232)
10/29/03 - Revised - The revisions are
not related to the security vulnerabilities addressed by the patches
(the revised patches all fix a debug problem). Thus, if patches have not been
pushed as of yet the new patches should be substituted. If they have been
pushed, the new patch should be pushed when it is convenient to do so.
MS03-041
: Vulnerability in Authenticode Verification Could Allow Remote Code Execution
(823182)
MS03-040
: Cumulative Patch for Internet Explorer (828750)
MS03-039 : Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)
Supersedes MS03-026
MS03-038
: Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code
Execution (827104)
MS03-037
: Flaw in Visual Basic for Applications Could Allow Arbitrary Code execution
(822715)
MS03-036
: Buffer Overrun in WordPerfect Converter Could Allow Code Execution
(827103)
MS03-035
: Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653)
MS03-034
: Flaw in NetBIOS Could Lead to Information Disclosure (824105)
MS03-033 : Unchecked Buffer in MDAC Function Could Enable System Compromise (823718)
Contains a re-release of the MS02-040
MS03-032
: Cumulative Patch for Internet Explorer (822925)
Supersedes MS03-015 and MS03-020
090903 - Patch is not complete - will be redistributed by Microsoft
August 18, 2003 - Windows 2000 Service Pack 3
released
July 2003
MS03-031
: Cumulative Patch for Microsoft SQL Server (815495)
MS03-030
: Unchecked Buffer in DirectX Could Enable System Compromise (819696)
| Note: DirectX 9.0b has been released at the same time as this security bulletin and contains the security fix discussed in the security bulletin. DirectX 9.0b can be installed on all versions of Windows except Windows NT 4.0 and can be downloaded from the following location: |
| •All Windows versions except Windows NT 4.0 |
MS03-029
: Flaw in Windows Function Could Allow Denial of Service (823803)
MS03-028
: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack
(816456)
MS03-027
: Unchecked Buffer in Windows Shell Could Enable System Compromise (821557)
MS03-026
: Buffer Overrun In RPC Interface Could Allow Code Execution (823980)
Superseded by MS03-039
MS03-025
: Flaw in Windows Message Handling through Utility Manager Could Enable
Privilege Elevation (822679)
MS03-024
: Buffer Overrun in Windows Could Lead to Data Corruption (817606)
MS03-023
: Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
MS03-022 : Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (822343)
Re-released 03/09/04
MS03-021
: Flaw In Windows Media Player May Allow Media Library Access (819639)
MS03-020
: Cumulative Patch for Internet Explorer (818529)
Supersedes MS03-015.
Superseded by MS03-032
After installation of
the Microsoft Patch Q832894 MS04-004 the false postive that shows up on the
Retina Scan for the Microsoft Patch 818529 MS03-020 no longer appears.
MS03-019
: Flaw in ISAPI extension for Windows Media Services could cause denial of
service (817772)
MS03-018
: Cumulative Patch for Internet Information Service (811114)
Supersedes MS02-062, MS02-028, MS02-018
MS03-017
: Flaw in Windows Media Player Skins Downloading Could Allow Code Execution
(817787)
MS03-016
: Cumulative Patch for BizTalk Server (815206)
MS03-015
: Cumulative Patch for Internet Explorer (813489)
Superceded by MS03-020 and MS03-032
MS03-014
: Cumulative Patch for Outlook Express (330994)
MS03-013
: Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated
Privileges (811493)
Supercedes MS03-007
August 25, 2003: Microsoft corrected duplicate version numbers - This is probably the cause of the "invalid checksum" error. For Windows 2000, the invalid checksum is for c:\WINNT\system32\basesrv.dll. For Windows NT, the invalid checksum is for c:\WINNT\system32\ntoskrnl.exe.
MS03-013 for W2K - file in question is basesrv.dll
Microsoft Patch - 8/15/02 7:34 am 5.00.2195.5265
Servers I checked - 8/26/02 8:45 am " file is newer.
MS03-013 for NT - file in question is ntoskrnl.exe
Microsoft Patch - 12/12/02 2:16 pm 4.0.1381.7203
Servers I checked - 12/12/02 2:16 pm " file is the same.
MS03-012
: Flaw In Winsock Proxy Service And ISA Firewall Service Can Cause Denial Of
Service (331066)
MS03-011
: Flaw in Microsoft VM Could Enable System Compromise (816093)
MS03-010
: Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953)
MS03-009
: Flaw in ISA Server DNS intrusion detection filter can cause Denial of
Service (331065)
MS03-008
: Flaw in Windows Script Engine could allow code execution (814078)
MS03-007
: Unchecked Buffer In Windows Component Could Cause Server Compromise
(815021)
Superceded by MS03-013
There was a problem with MS03-007
- it was caused by a dependent file not being present in the patch.
MS03-006
: Flaw in Windows Me Help and Support Center Could Enable Code Execution
(812709)
MS03-005
: Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation
(810577)
MS03-004
: Cumulative Patch for Internet Explorer (810847)
MS03-003
: Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates
could lead to Information Disclosure (812262)
MS03-002
: Cumulative Patch for Microsoft Content Management Server (810487)
MS03-001
: Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)
MS02-072
: Unchecked Buffer in Windows Shell Could Enable System Compromise (Q329390)
MS02-071
: Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation
(328310)
Patch originally released December 11, 2002 - re-released February 07, 2003. This is probably the cause of the "invalid checksum" error. 2Q03 patch script probably used first release patch.
MS02-071 for W2K - file in question is kernel32.dll
Microsoft Patch - 11/1/02 4:33 pm 5.00.2195.6079
Servers I checked - 11/1/02 5:33 pm " file is newer.
MS02-071 for NT - file in question is gdi32.dll
Microsoft Patch - 12/30/02 4:12 pm 4.0.1381.7177
Servers I checked - 12/30/02 4:12 pm " file is the same.
MS02-070
: Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)
MS02-069
: Flaw in Microsoft VM Could Enable System Compromise (810030)
MS02-068
: Cumulative Patch for Internet Explorer (324929)
MS02-067
: E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866)
MS02-066
: Cumulative Patch for Internet Explorer (Q328970)
MS02-065
: Buffer Overrun in Microsoft Data Access Components Could Lead to Code
Execution (Q329414)
MS02-064
: Windows 2000 Default Permissions Could Allow Trojan Horse Program
(Q327522)
MS02-063
: Unchecked Buffer in PPTP Implementation Could Enable Denial of Service
Attacks (Q329834)
MS02-062
: Cumulative Patch for Internet Information Service (Q327696)
MS02-061
: Elevation of Privilege in SQL Server Web Tasks (Q316333)
MS02-060
: Flaw in Windows XP Help and Support Center Could Enable File Deletion
(Q328940)
MS02-059
: Flaw in Word Fields and Excel External Updates Could Lead to Information
Disclosure (Q330008)
MS02-058
: Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System
Compromise (Q328676)
MS02-057
: Flaw in Services for Unix 3.0 Interix SDK Could Allow Code Execution
(Q329209)
MS02-056
: Cumulative Patch for SQL Server (Q316333)
MS02-055
: Unchecked Buffer in Windows Help Facility Could Enable Code Execution
(Q323255)
MS02-054
: Unchecked Buffer in File Decompression Functions Could Lead to Code
Execution (Q329048)
MS02-053
: Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution
(Q324096)
MS02-052
: Flaw in Java VM JDBC Classes Could Allow Code Execution (Q329077)
MS02-051
: Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure
(Q324380)
MS02-050
: Certificate Validation Flaw Could Enable Identity Spoofing (Q329115)
MS02-049
: Flaw Could Enable Web Page to Launch Visual FoxPro 6.0 Application Without
Warning (Q326568)
MS02-048
: Flaw in Certificate Enrollment Control Could Allow Deletion of Digital
Certificates (Q323172)
MS02-047
: Cumulative Patch for Internet Explorer (Q323759)
MS02-046
: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution
(Q327521)
MS02-045
: Unchecked Buffer in Network Share Provider can lead to Denial of Service
(Q326830)
MS02-044
: Unsafe Functions in Office Web Components (Q328130)
MS02-043
: Cumulative Patch for SQL Server (Q316333)
MS02-042
: Flaw in Network Connection Manager Could Enable Privilege Elevation
(Q326886)
MS02-041
: Unchecked Buffer in Content Management Server Could Enable Server
Compromise (Q326075)
MS02-040 : Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573)
Rereleased in MS03-033
MS02-039
: Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code
Execution (Q323875)
MS02-038
: Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution
(Q316333)
MS02-037
: Server Response To SMTP Client EHLO Command Results In Buffer Overrun
(Q326322)
MS02-036
: Authentication Flaw in Microsoft Metadirectory Services Could Allow
Privilege Elevation (Q317138)
MS02-035
: SQL Server Installation Process May Leave Passwords on System (Q263968)
MS02-034
: Cumulative Patch for SQL Server (Q316333)
MS02-033
: Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce
Server (Q322273)
MS02-032
: Cumulative Patch for Windows Media Player (Q320920)
MS02-031
: Cumulative Patches for Excel and Word for Windows (Q324458)
MS02-030
: Unchecked Buffer in SQLXML Could Lead to Code Execution (Q321911)
MS02-029
: Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code
Execution (Q318138)
MS02-028
: Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise
(Q321599)
MS02-027
: Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's
Choice (Q323889)
MS02-026
: Unchecked Buffer in ASP.NET Worker Process (Q322289)
MS02-025
: Malformed Mail Attribute Can Cause Exchange 2000 to Exhaust CPU Resources
(Q320436)
MS02-024
: Authentication Flaw in Windows Debugger Can Lead to Elevated Privileges
(Q320206)
MS02-023
: 15 May 2002 Cumulative Patch for Internet Explorer (Q321232)
MS02-022
: Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661)
MS02-021
: E-mail Editor Flaw Could Lead to Script Execution on Reply or Forward
(Q321804)
MS02-020
: SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507)
MS02-019
: Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to
Execute (Q321309)
MS02-018
: Cumulative Patch for Internet Information Service (Q319733)
MS02-017
: Unchecked Buffer in the Multiple UNC Provider Could Enable Code Execution
(Q311967)
MS02-016
: Opening Group Policy Files for Exclusive Read Blocks Policy Application
(Q318593)
MS02-015
: 28 March 2002 Cumulative Patch for Internet Explorer
MS02-014
: Unchecked Buffer in Windows Shell Could Lead to Code Execution
MS02-013
: 04 March 2002 Cumulative VM Update
MS02-012
: Malformed Data Transfer Request Can Cause Windows SMTP Service to Fail
MS02-011
: Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP
Service
MS02-010
: Unchecked Buffer in ISAPI Filter Could Allow Commerce Server Compromise
MS02-009
: Incorrect VBScript Handling in IE Can Allow Web Pages to Read Local Files
MS02-008
: XMLHTTP Control Can Allow Access to Local Files
MS02-007
: SQL Server Remote Data Source Function Contain Unchecked Buffers
MS02-006
: Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
MS02-005
: 11 February 2002 Cumulative Patch for Internet Explorer
MS02-004
: Unchecked Buffer in Telnet Server Could Lead to Arbitrary Code Execution
MS02-003
: Exchange 2000 System Attendant Incorrectly Sets Remote Registry
Permissions
MS02-002
: Malformed Network Request Can Cause Office v. X for Mac to Fail
MS02-001
: Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization
Data
MS01-060
: SQL Server Text Formatting Functions Contain Unchecked Buffers
MS01-059
: Unchecked Buffer in Universal Plug and Play Can Lead to System Compromise
MS01-058
: 13 December 2001 Cumulative Patch for IE
MS01-057
: Specially Formed Script in HTML Mail Can Execute in Exchange 5.5 OWA
MS01-056
: Windows Media Player .ASF Processor Contains Unchecked Buffer
MS01-055
: 13 November 2001 Cumulative Patch for IE
MS01-054
: Invalid Universal Plug and Play Request Can Disrupt System Operation
MS01-053
: Downloaded Applications Can Execute on Mac IE 5.1 for OS X
MS01-052
: Invalid RDP Data Can Cause Terminal Service Failure
MS01-051
: Malformed Dotless IP Address Can Cause Web Page to be Handled in Intranet
Zone
MS01-050
: Malformed Excel or PowerPoint Document Can Bypass Macro Security
MS01-049
: Deeply-nested OWA Request Can Consume Server CPU Availability
MS01-048
: Malformed Request to RPC Endpoint Mapper Can Cause RPC Service to Fail
MS01-047
: OWA Function Allows Unauthenticated User to Enumerate Global Address List
MS01-046
: Access Violation in Windows 2000 IRDA Driver Can Cause System to Restart
MS01-045
: ISA Server H.323 Gatekeeper Service Contains Memory Leak
MS01-044
: 15 August 2001 Cumulative Patch for IIS
MS01-043
: NNTP Service in Windows NT 4.0 and Windows 2000 Contains Memory Leak
MS01-042
: Windows Media Player .NSC Processor Contains Unchecked Buffer
MS01-041
: Malformed RPC Request Can Cause Service Failure
MS01-040
: Invalid RDP Data Can Cause Memory Leak in Terminal Services
MS01-039
: Services for Unix 2.0 Telnet and NFS Services Contain Memory Leaks
MS01-038
: Outlook View Control Exposes Unsafe Functionality
MS01-037
: Authentication Error in SMTP Service Could Allow Mail Relaying
MS01-036
: Function Exposed via LDAP over SSL Could Enable Passwords to be Changed
MS01-035
: FrontPage Server Extension Sub-Component Contains Unchecked Buffer
MS01-034
: Malformed Word Document Could Enable Macro to Run Automatically
MS01-033
: Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server
Compromise
MS01-032
: SQL Query Method Enables Cached Administrator Connection to be Reused
MS01-031
: Predictable Named Pipes Could Enable Privilege Elevation via Telnet
MS01-030
: Incorrect Attachment Handling in Exchange OWA Can Execute Script
MS01-029
: Windows Media Player .ASX Processor Contains Unchecked Buffer
MS01-028
: RTF Document Linked to Template Can Run Macros Without Warning
MS01-027
: Flaws in Web Server Certificate Validation Could Enable Spoofing
MS01-026
: 14 May 2001 Cumulative Patch for IIS
MS01-025
: Index Server Search Function Contains Unchecked Buffer
MS01-024
: Malformed Request to Domain Controller Can Cause Memory Exhaustion
MS01-023
: Unchecked Buffer in ISAPI Extension Could Enable Compromise of IIS 5.0
Server
MS01-022 : WebDAV Service Provider Can Allow Scripts to Levy Requests as User
To be included in W2K SP4
hfnetcheck was run against one of the boxes and it said that MS01-022 was missing. Went to Microsoft and downloaded rbupdate.exe, which is the patch for this, and installed it on the machine. Ran hfnetcheck again and it still says it is not installed. MBSA says it can't determine if it is installed.
MS01-021
: Web Request Can Cause Access Violation in ISA Server Web Proxy Service
MS01-020
: Incorrect MIME Header Can Cause IE to Execute E-mail Attachment
MS01-019
: Passwords for Compressed Folders are Recoverable
MS01-018
: Visual Studio VB-TSQL Object Contains Unchecked Buffer
MS01-017
: Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard
MS01-016
: Malformed WebDAV Request Can Cause IIS to Exhaust CPU Resources
MS01-015
: IE Can Divulge Location of Cached Content
MS01-014
: Malformed URL Can Cause Service Failure in IIS 5.0 and Exchange 2000
MS01-013
: Windows 2000 Event Viewer Contains Unchecked Buffer
MS01-012
: Outlook - Outlook Express VCard Handler Contains Unchecked Buffer
MS01-011
: Malformed Request to Domain Controller Can Cause CPU Exhaustion
MS01-010
: Windows Media Player Skins Files Can Enable Java Code to Execute
MS01-009
: Malformed PPTP Packet Stream Can Cause Kernel Exhaustion
MS01-008
: Malformed NTLMSSP Request Can Enable Code to Run with System Privileges
MS01-007
: Network DDE Agent Requests Can Enable Code to Run in System Context
MS01-006
: Invalid RDP Data Can Cause Terminal Server Failure
MS01-005
: Packaging Anomaly Could Cause Hotfixes to be Removed
MS01-004
: Malformed .HTR Request Allows Reading of File Fragments
MS01-003
: Weak Permissions on Winsock Mutex Can Allow Service Failure
MS01-002
: PowerPoint 2000 File Parser Contains Unchecked Buffer
MS01-001
: Web Client Will Perform NTLM Authentication Regardless of Security
Settings
MS00-100
: Malformed Web Form Submission Vulnerability
MS00-099
: Directory Service Restore Mode Password Vulnerability
MS00-098
: Indexing Service File Enumeration Vulnerability
MS00-097
: Severed Windows Media Server Connection Vulnerability
MS00-096
: SNMP Parameters Vulnerability
MS00-095
: Registry Permissions Vulnerability
MS00-094
: Phone Book Service Buffer Overflow Vulnerability
MS00-093
: Browser Print Template and File Upload via Form Vulnerabilities
MS00-092
: Extended Stored Procedure Parameter Parsing Vulnerability
MS00-091
: Incomplete TCP/IP Packet Vulnerability
MS00-090
: .ASX Buffer Overrun and .WMS Script Execution Vulnerabilities
MS00-089
: Domain Account Lockout Vulnerability
MS00-088
: Exchange User Account Vulnerability
MS00-087
: Terminal Server Login Buffer Overflow Vulnerability
MS00-086
: Web Server File Request Parsing Vulnerability
MS00-085
: ActiveX Parameter Validation Vulnerability
MS00-084
: Indexing Services Cross Site Scripting Vulnerability
MS00-083
: Netmon Protocol Parsing Vulnerability
MS00-082
: Malformed MIME Header Vulnerability
MS00-081
: New Variant of VM File Reading Vulnerability
MS00-080
: Session ID Cookie Marking Vulnerability
MS00-079
: HyperTerminal Buffer Overflow Vulnerability
MS00-078
: Web Server Folder Traversal Vulnerability
MS00-077
: NetMeeting Desktop Sharing Vulnerability
MS00-076
: Cached Web Credentials Vulnerability
MS00-075
: Microsoft VM ActiveX Component Vulnerability
MS00-074
: WebTV for Windows Denial of Service Vulnerability
MS00-073
: Malformed IPX NMPI Packet Vulnerability
MS00-072
: Share Level Password Vulnerability
MS00-071
: Word Mail Merge Vulnerability
MS00-070
: Multiple LPC and LPC Ports Vulnerabilities
MS00-069
: Simplified Chinese IME State Recognition Vulnerability
MS00-068
: OCX Attachment Vulnerability
MS00-067
: Windows 2000 Telnet Client NTLM Authentication Vulnerability
MS00-066
: Malformed RPC Packet Vulnerability
MS00-065
: Still Image Service Privilege Escalation Vulnerability
MS00-064
: Unicast Service Race Condition Vulnerability
MS00-063
: Invalid URL Vulnerability
MS00-062
: Local Security Policy Corruption Vulnerability
MS00-061
: Money Password Vulnerability
MS00-060
: IIS Cross-Site Scripting Vulnerabilities
MS00-059
: Java VM Applet Vulnerability
MS00-058
: Specialized Header Vulnerability
MS00-057
: File Permission Canonicalization Vulnerability
MS00-056
: Microsoft Office HTML Object Tag Vulnerability
MS00-055
: Scriptlet Rendering Vulnerability
MS00-054
: Malformed IPX Ping Packet Vulnerability
MS00-053
: Service Control Manager Named Pipe Impersonation Vulnerability
MS00-052
: Relative Shell Path Vulnerability
MS00-047
: NetBIOS Name Server Protocol Spoofing Vulnerability
MS00-051
: Excel REGISTER.ID Function Vulnerability
MS00-050
: Telnet Server Flooding Vulnerability
MS00-046
: Cache Bypass Vulnerability
MS00-045
: Persistent Mail-Browser Link Vulnerability
MS00-043
: Malformed E-mail Header Vulnerability
MS00-044
: Absent Directory Browser Argument Vulnerability
MS00-049
: Office HTML Script and IE Script Vulnerabilities
MS00-048
: Stored Procedure Permissions Vulnerability
MS00-042
: Active Setup Download Vulnerability
MS00-020
: Desktop Separation Vulnerability
MS00-041
: DTS Password Vulnerability
MS00-040
: Remote Registry Access Authentication Vulnerability
MS00-039
: SSL Certificate Validation Vulnerabilities
MS00-037
: HTML Help File Code Execution Vulnerability
MS00-032
: Protected Store Key Length Vulnerability
MS00-038
: Malformed Windows Media Encoder Request Vulnerability
MS00-035
: SQL Server 7.0 Service Pack Password Vulnerability
MS00-036
: ResetBrowser Frame and Host Announcement Frame Vulnerabilities
MS00-029
: IP Fragment Reassembly Vulnerability
MS00-033
: Frame Domain Verification and Unauthorized Cookie Access and Malformed
Component Attribute Vulnerabilities
MS00-034
: Office 2000 UA Control Vulnerability
MS00-030
: Malformed Extension Data in URL Vulnerability
MS00-031
: Undelimited .HTR Request and File Fragment Reading via .HTR
Vulnerabilities
MS00-028
: Server-Side Image Map Components Vulnerability
MS00-027
: Malformed Environment Variable Vulnerability
MS00-026
: Mixed Object Access Vulnerability
MS00-025
: Link View Server-Side Component Vulnerability
MS00-024
: OffloadModExpo Registry Permissions Vulnerability
MS00-023
: Myriad Escaped Characters Vulnerability
MS00-022
: XLM Text Macro Vulnerability
MS00-021
: Malformed TCP/IP Print Request Vulnerability
MS00-019
: Virtualized UNC Share Vulnerability
MS00-018
: Chunked Encoding Post Vulnerability
MS00-016
: Malformed Media License Request Vulnerability
MS00-017
: DOS Device in Path Name Vulnerability
MS00-008
: Registry Permissions Vulnerability
MS00-014
: SQL Query Abuse Vulnerability
MS00-015
: Clip Art Buffer Overrun Vulnerability
MS00-013
: Misordered Windows Media Services Handshake Vulnerability
MS00-012
: Remote Agent Permissions Vulnerability
MS00-011
: VM File Reading Vulnerability
MS00-010
: Site Wizard Input Validation Vulnerability
MS00-009
: Image Source Redirect Vulnerability
MS00-007
: Recycle Bin Creation Vulnerability
MS00-006
: Malformed Hit-Highlighting Argument Vulnerability
MS00-004
: RDISK Registry Enumeration File Vulnerability
MS00-002
: Malformed Conversion Data Vulnerability
MS00-005
: Malformed RTF Control Word Vulnerability
MS00-003
: Spoofed LPC Port Request Vulnerability
MS00-001
: Malformed IMAP Request Vulnerability
MS99-060
: HTML Mail Attachment Vulnerability
MS99-061
: Escape Character Parsing Vulnerability
MS99-058
: Virtual Directory Naming Vulnerability
MS99-059
: Malformed TDS Packet Header Vulnerability
MS99-057
: Malformed Security Identifier Request Vulnerability
MS99-056
: Syskey Keystream Reuse Vulnerability
MS99-055
: Malformed Resource Enumeration Argument Vulnerability
MS99-050
: Server-side Page Reference Redirect Vulnerability
MS99-053
: Windows Multithreaded SSL ISAPI Filter Vulnerability
MS99-054
: WPAD Spoofing Vulnerability
MS99-052
: Legacy Credential Caching Vulnerability
MS99-051
: IE Task Scheduler Vulnerability
MS99-049
: File Access URL Vulnerability
MS99-048
: Active Setup Control Vulnerability
MS99-047
: Malformed Spooler Request Vulnerability
MS99-046
: Improve TCP Initial Sequence Number Randomness
MS99-045
: Virtual Machine Verifier Vulnerability
MS99-044
: Excel SYLK Vulnerability
MS99-043
: Javascript Redirect Vulnerability
MS99-042
: IFRAME ExecCommand Vulnerability
MS99-041 : RASMAN Security Descriptor Vulnerability
Superseded by NT 4.0 SP6a and NT 4.0 Terminal Server SP6 - Downloads
associated with this bulletin are no longer available.
MS99-040
: Download Behavior Vulnerability
MS99-039
: Domain Resolution and FTP Download Vulnerabilities
MS99-038
: Spoofed Route Pointer Vulnerability
MS99-037
: ImportExportFavorites Vulnerability
MS99-036
: Windows NT 4.0 Does Not Delete Unattended Installation File
MS99-035
: Set Cookie Header Caching Vulnerability
MS99-033
: Malformed Telnet Argument Vulnerability
MS99-034
: Fragmented IGMP Packet Vulnerability
MS99-032
: scriptlet.typelib/Eyedog Vulnerability
MS99-031
: Virtual Machine Sandbox Vulnerability
MS99-030
: Office ODBC Vulnerabilities
MS99-029
: Malformed HTTP Request Header Vulnerability
MS99-028
: Terminal Server Connection Request Flooding Vulnerability
MS99-027
: Encapsulated SMTP Address Vulnerability
MS99-026
: Malformed Dialer Entry Vulnerability
MS99-025
: Unauthorized Access to IIS Servers through ODBC Data Access with RDS
MS99-024
: Unprotected IOCTLs Vulnerability
MS99-023
: Malformed Image Header Vulnerability
MS99-022
: Double Byte Code Page Vulnerability
MS99-021
: CSRSS Worker Thread Exhaustion Vulnerability
MS99-020
: Malformed LSA Request Vulnerability
MS99-019
: Malformed HTR Request Vulnerability
MS99-018
: Malformed Favorites Icon Vulnerability
MS99-017
: RAS and RRAS Password Vulnerability
MS99-016
: Malformed Phonebook Entry Vulnerability
MS99-015
: Malformed Help File Vulnerability
MS99-014
: Excel 97 Virus Warning Vulnerabilities
MS99-013
: File Viewers Vulnerability
MS99-012
: MSHTML Update Available for Internet Explorer
MS99-011
: DHTML Edit Vulnerability
MS99-010
: File Access Vulnerability in Personal Web Server
MS99-009
: Malformed Bind Request Vulnerability
MS99-008
: Windows NT Screen Saver Vulnerability
MS99-007
: Taskpads Scripting Vulnerability
MS99-006
: Windows NT Known DLLs List Vulnerability
MS99-005
: BackOffice Server 4.0 Does Not Delete Installation Setup File
MS99-004
: Authentication Processing Error in Windows NT 4.0 Service Pack 4
MS99-003
: IIS Malformed FTP List Request Vulnerability
MS99-002
: Word 97 Template Vulnerability
MS99-001
: Exposure in Forms 2.0 TextBox Control that allows data to be read from
user's Clipboard
MS98-020
: Frame Spoof Vulnerability
MS98-019
: IIS GET Vulnerability
MS98-018
: Excel CALL Vulnerability
MS98-017
: Named Pipes Over RPC Vulnerability
MS98-016
: Dotless IP Address Issue in Microsoft Internet Explorer 4
MS98-015
: Untrusted Scripted Paste Issue in Microsoft Internet Explorer 4.01
MS98-014
: RPC Spoofing Denial of Service on Windows NT
MS98-013
: Internet Explorer Cross Frame Navigate Vulnerability
MS98-012
: Updates available for Security Vulnerabilities in Microsoft PPTP
MS98-011
: Window.External JScript Vulnerability in Microsoft Internet Explorer 4.0
MS98-010
: Information on the Back Orifice Program
MS98-009
: Windows NT Privilege Elevation Attack
MS98-008
: Long file name Security Issue affecting Microsoft Outlook 98 and Microsoft
Outlook Express 4.x
MS98-007
: Potential SMTP and NNTP Denial-of-Service Vulnerabilities
MS98-006
: Potential Denial-of-Service in IIS FTP Server due to Passive Connections
MS98-005
: Unwanted Data Issue with Office 98 for the Macintosh
MS98-004
: Unauthorized ODBC Data Access with RDS and IIS
MS98-003
: File Access Issue with Windows NT Internet Information Server
MS98-002 : Error Message Vulnerability Against Secured Internet Servers
Outdated - Installs version 4.0 of SChannel.dll
- current version is 5.00.1878.10, 7/16/01
MS98-001
: Disabling Creation of Local Groups on a Domain by Non-Administrative Users
 |
 |
 |
 |