Summary
Included in this advisory are updates for newly discovered vulnerabilities. These vulnerabilities, broken down by severity are:
Critical (3)
Bulletin Identifier Microsoft Security Bulletin MS05-038
Cumulative Security Update for Internet Explorer (896727)
Executive Summary
Vulnerabilities exist in Internet Explorer, the most severe of these could allow an attacker to take complete control of an affected system.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Bulletin Identifier Microsoft Security Bulletin MS05-039
Bulletin Title
Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)
Executive Summary
A remote code execution vulnerability exists in Plug and Play (PnP) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution and Local Elevation of Privilege
Bulletin Identifier Microsoft Security Bulletin MS05-043
Bulletin Title
Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)
Executive Summary
A vulnerability exists in the Print Spooler service that could allow remote code execution.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Important (1)
Bulletin Identifier Microsoft Security Bulletin MS05-040
Bulletin Title
Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)
Executive Summary
A vulnerability exits in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution.
Maximum Severity Rating
Important
Impact of Vulnerability
Remote Code Execution
Moderate (2)
Bulletin Identifier Microsoft Security Bulletin MS05-041
Bulletin Title
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)
Executive Summary
A vulnerability in the Remote Desktop Protocol (RDP) exists that could allow an attacker to cause a system to stop responding.
Maximum Severity Rating
Moderate
Impact of Vulnerability
Denial of Service
Bulletin Identifier Microsoft Security Bulletin MS05-042
Bulletin Title
Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)
Executive Summary
This update resolves two newly-discovered vulnerabilities. The most severe of these vulnerabilities could allow denial of service.
Maximum Severity Rating
Moderate
Impact of Vulnerability
Denial of Service, Information Disclosure, and Spoofing.
Reply With Quote
