NEWZ: MS Security Bulletin Summary 11/OCT/2005

Dïscfärm

Learning Storage Performance
Joined
Nov 22, 2002
Messages
239
Location
Hïntërländs

Hit the web a little while ago...

Microsoft Bulletin Summary for the Updates Released on October 11, 2005

Importance color codes: CRITICAL IMPORTANT MODERATE



Bulletin Identifier Microsoft Security Bulletin MS05-050
Bulletin Title Vulnerability in DirectShow Could Allow Remote Code Execution (904706)

Executive Summary A vulnerability exists in DirectShow that could allow an attacker to take complete control of the affected system.
Maximum Severity Rating CRITICAL
Impact of Vulnerability Remote Code Execution
Affected Software Windows, DirectX. For more information, see the Affected Software and Download Locations section.


Bulletin Identifier Microsoft Security Bulletin MS05-051
Bulletin Title Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)

Executive Summary Vulnerabilities exist in MSDC and COM+ that could allow an attacker to take complete control of the affected system.
Maximum Severity Rating CRITICAL
Impact of Vulnerability Remote Code Execution
Affected Software Windows. For more information, see the Affected Software and Download Locations section.


Bulletin Identifier Microsoft Security Bulletin MS05-052
Bulletin Title Cumulative Security Update for Internet Explorer (896688)

Executive Summary A vulnerability exists in Internet Explorer that could allow an attacker to take complete control of an affected system.
Maximum Severity Rating CRITICAL
Impact of Vulnerability Remote Code Execution
Affected Software Windows, Internet Explorer. For more information, see the Affected Software and Download Locations section.



Bulletin Identifier Microsoft Security Bulletin MS05-046
Bulletin Title Vulnerability in the Client Services for Netware Could Allow Remote Code Execution (899589)

Executive Summary A vulnerability exists in Client Services for NetWare that could allow an attacker to take complete control of the affected system. Client Services for Netware is not installed by default on Microsoft Windows.
Maximum Severity Rating IMPORTANT
Impact of Vulnerability Remote Code Execution
Affected Software Windows. For more information, see the Affected Software and Download Locations section.


Bulletin Identifier Microsoft Security Bulletin MS05-047
Bulletin Title Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)

Executive Summary A vulnerability exists in Plug and Play (PnP) that could allow an attacker to take complete control of the affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Maximum Severity Rating IMPORTANT
Impact of Vulnerability Remote Code Execution
Affected Software Windows. For more information, see the Affected Software and Download Locations section.


Bulletin Identifier Microsoft Security Bulletin MS05-048
Bulletin Title Vulnerability in the Microsoft Collaboration Objects Could Allow Remote Code Execution (907245)

Executive Summary A vulnerability exists in Microsoft Collaboration Data Objects that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. The SMTP service in Windows and Exchange is not vulnerable in the default configuration.
Maximum Severity Rating IMPORTANT
Impact of Vulnerability Remote Code Execution
Affected Software Windows, Exchange. For more information, see the Affected Software and Download Locations section.


Bulletin Identifier Microsoft Security Bulletin MS05-049
Bulletin Title Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)

Executive Summary Vulnerabilities exist in Windows that could allow an attacker to take complete control of the affected system. User interaction is required for an attacker to exploit this vulnerability.
Maximum Severity Rating IMPORTANT
Impact of Vulnerability Remote Execution of Code
Affected Software Windows. For more information, see the Affected Software and Download Locations section.



Bulletin Identifier Microsoft Security Bulletin MS05-044
Bulletin Title Vulnerability in the Windows FTP Client Could Allow File Transfer Location and Tampering (905495)

Executive Summary A tampering vulnerability exists in the Windows FTP client that could allow an attacker to modify the intended destination location for a file transfer. User interaction is required for an attacker to exploit this vulnerability.
Maximum Severity Rating MODERATE
Impact of Vulnerability Tampering
Affected Software Windows. For more information, see the Affected Software and Download Locations section.


Bulletin Identifier Microsoft Security Bulletin MS05-045
Bulletin Title Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)

Executive Summary A vulnerability exists in Network Connection Manager that could allow an attacker to cause the component responsible for managing network and remote access connections to stop responding. An attacker must have valid logon credentials to exploit this vulnerability.
Maximum Severity Rating MODERATE
Impact of Vulnerability Denial of Service
Affected Software Windows. For more information, see the Affected Software and Download Locations section.




http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx

 
Top