|
ALARM Group ALERT ¿ click for a description of ALARM, The Computing Alert System
Alert Number: 101105-01
Alert Date: 10/11/05
Alert Title: Microsoft releases security bulletin for October
Update-to: None
OS/Platform/Application:
Windows Server 2003 (including Service Pack 1, x64 Edition, and SP1 for Itanium-based Systems)
Windows XP (Service Packs 1 and 2, also XP Professional x64 Edition)
Windows 2000 Service Pack 4
Windows 98, 98 Second Edition (SE), and Millennium Edition (Me)
Microsoft Internet Explorer 5.01, 5.5., 6 (including Service pack 1)
Microsoft Exchange 2000 SP3 (with exchange 2000 Post-Service Pack 3 Update Rollup of August 2004)
Microsoft DirectX (versions 8.n, 9.n on various Windows OS)
Category: ALERT
Severity: Medium
Attention: Windows System Administrators, Desktop Support Personnel |
Summary: On October 11 Microsoft released the latest in its string of monthly security bulletins. October's bulletin Summary consists of nine items (MS05-044 through MS-05-52), including three deemed 'Critical' by the vendor (MS-05-050 through MS-05-052).
Recommended Actions: Windows system managers and support personnel are encouraged to read the bulletin (including all potential caveats) and (if appropriate) apply the patch(es) immediately as per the instructions provided by the vendor.
ITS Actions: ITS Systems Management and Operations Staff will apply all necessary patches to the appropriate ITS servers as part of the next scheduled system update.
Resources:
Security Bulletin Summary for August 2005:
http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx
Bulletins by individual Listing:
Security Bulletin MS05-044
Vulnerability in the Windows FTP Client Could Allow File Transfer ocation Tampering
http://www.microsoft.com/technet/security/bulletin/MS05-044.mspx
Security Bulletin MS05-045
Vulnerability in Network Connection Manager Could Allow Denial of Service
http://www.microsoft.com/technet/security/bulletin/MS05-045.mspx
Security Bulletin MS05-046
Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/MS05-046.mspx
Security Bulletin MS05-047
Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege
http://www.microsoft.com/technet/security/bulletin/MS05-047.mspx
Security Bulletin MS05-048
Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/MS05-048.mspx
Security Bulletin MS05-049
Vulnerabilities in Windows Shell Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/MS05-049.mspx
Security Bulletin MS05-050 **CRITICAL**
Vulnerability in DirectShow Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/MS05-050.mspx
Security Bulletin MS05-051 **CRITICAL**
Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/MS05-051.mspx
Security Bulletin MS05-052 **CRITICAL**
Cumulative Security Update for Internet Explorer
http://www.microsoft.com/technet/security/bulletin/MS05-052.mspx
