Patch Tuesday: Three Security Bulletins, Two Critical

Microsoft released three security bulletins for Windows on Tuesday, its monthly date for patching security problems. Two of the security bulletins involve critical vulnerabilities that could allow an attacker to take complete control of a user's system over the Internet. The patches are especially important because both critical vulnerabilities had already been publicly disclosed.

The bulletins are Microsoft's first three for 2005; the company posted 45 bulletins in 2004. In all, this week's bulletins patch four discrete flaws.

Bulletin MS05-001 affects all supported versions of Windows, including Windows XP with Service Pack 2.

The flaw exists in the HTML Help ActiveX control in Windows. It can allow information disclosure or remote code execution. After it is applied, the patch may cause some Web-based applications to stop working properly. Individual Web sites that invoke the control must be enabled on a site-by-site basis.

While the flaw is critical for most platforms, it is rated as only moderate on Windows Server 2003.

Although Windows NT 4.0 is no longer supported by Microsoft as of Dec. 31, 2004 without a custom support contract, Microsoft did test the operating system and determined it was not vulnerable by default. However, users who have installed Internet Explorer 6.0 Service Pack 1 on Windows NT 4.0 are vulnerable. A separate patch is available to harden IE 6 SP1 against the flaw.

Bulletin MS05-002 affects all supported versions of Windows, except for Windows XP SP2. Microsoft also developed and is freely distributing a patch for Windows NT Server 4.0 and Windows NT Server 4.0 Terminal Server Edition, despite the end of extended support for NT 4 last year.

The critical remote code execution vulnerability occurs because of a problem in cursor and icon formatting, and is critical for all affected platforms. The bulletin also includes a patch for a separate flaw in the Windows kernel that is rated as an important problem across the affected Windows platforms.

The third bulletin, MS05-003, involves a flaw in the Indexing Service that could allow remote code execution. Because the service is not enabled by default in the affected versions of Windows, the vulnerability received an important rather than critical designation.

Versions of Windows that are vulnerable if the Indexing Service is turned on are Windows XP, Windows 2000 and Windows Server 2003. Windows XP SP2, Windows NT Server 4.0 and Windows 98/98SE/ME are immune.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

