Patch Tuesday: Three Security Bulletins, Two Critical

Microsoft released three security bulletins for Windows on Tuesday, its monthly date for patching security problems. Two of the security bulletins involve critical vulnerabilities that could allow an attacker to take complete control of a user's system over the Internet. The patches are especially important because both critical vulnerabilities had already been publicly disclosed.

The bulletins are Microsoft's first three for 2005, after posting 45 bulletins in 2004. In all, the bulletins from this week patch four discrete flaws.

Bulletin MS05-001 affects all supported versions of Windows, including Windows XP with Service Pack 2.

The flaw exists in the HTML Help ActiveX control in Windows. It can allow information disclosure or remote code execution. After it is applied, the patch may cause some Web-based applications to stop working properly. Individual Web sites that invoke the control must be enabled on a site-by-site basis.

While the flaw is critical for most platforms, it is rated as only moderate on Windows Server 2003.

Although Windows NT 4.0 is no longer supported by Microsoft as of Dec. 31, 2004 without a custom support contract, Microsoft did test the operating system and determined it was not vulnerable by default. However, users who have installed Internet Explorer 6.0 Service Pack 1 on Windows NT 4.0 are vulnerable. A separate patch is available to harden IE 6 SP1 against the flaw.

Bulletin MS05-002 affects all supported versions of Windows except Windows XP SP2. Microsoft also developed a patch for Windows NT Server 4.0 and Windows NT Server 4.0 Terminal Server Edition and is distributing it freely, despite the end of extended support for NT 4 last year.

The critical remote code execution vulnerability occurs because of a problem in cursor and icon formatting, and is critical for all affected platforms. The bulletin also includes a patch for a separate flaw in the Windows kernel that is rated as an important problem across the affected Windows platforms.

The third bulletin, MS05-003, involves a flaw in the Indexing Service that could allow remote code execution. Because the service is not enabled by default in the affected versions of Windows, the vulnerability received an important rather than critical designation.

The versions of Windows that are vulnerable if the Indexing Service is turned on are Windows XP, Windows 2000 and Windows Server 2003. Windows XP SP2, Windows NT Server 4.0 and Windows 98/98SE/ME are immune.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

