Last night, Microsoft released its monthly batch of security patches. They include 3 Critical Updates, one Important and two Moderate Security Bulletins. They include:
CRITICAL
* MS05-038 – Cumulative Security Update for Internet Explorer (896727) – Yet another security rollup for Internet Explorer, affecting Win2k and Up (and likely down)
* MS05-039 – Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) – Puts a whole new meaning in “play,” doesn’t it?
* MS05-043 – Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423) – Just when you thought it was safe to print…
IMPORTANT
* MS05-040 – Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)
MODERATE
* MS05-041 – Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)
* MS05-042 – Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)
RE-RELEASES
Re-released this month, with updates for additionally affected platforms and updated patches are:
* MS05-023 – Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169) – noting that the Word 2003 Viewer is also in danger
* MS05-032 – Vulnerability in Microsoft Agent Could Allow Spoofing (890046) – Noting that there is a revised update available for x65-based systems.
So, the count is up to 43 Security Bulletins so far this year. It’s the 33rd week of 2005. Trustworthy Computing continues…
Get details on all the latest bulletins and tools from Microsoft at http://www.microsoft.com/technet/security — and get patching!