Microsoft Advisories 2005 - infectionvectors.com,,,,,,,,,,,,,,, Bulletin,KB#,Tag,Supercedes,Risk,.NET,NT4 6a,NT4 Tse SP6,W2K SP3,W2K SP4,XP Gold,XP SP1,XP SP2,2003,2003 SP1,Tech Bulletin MS05-001,890751,HTML Help ActiveX,N/A,Critical,,*,*,x,x,x,x,x,x,,http://www.microsoft.com/technet/security/bulletin/MS05-001.mspx MS05-002,891711,Cursors and Icon Handling,MS03-045,Critical,,x,x,x,x,x,x,,x,,http://www.microsoft.com/technet/security/bulletin/MS05-002.mspx MS05-003,871250,Indexing Service,N/A,Important,,,,x,x,x,,,x,,http://www.microsoft.com/technet/security/bulletin/MS05-003.mspx MS05-004,887219,ASP.NET Path Validation,N/A,Important,v1.0 & 1.1,,,,,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-004.mspx MS05-005,873352,Office XP Buffer Overrun,MS04-028*,Critical,,,,,,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-005.mspx MS05-006,887981,SharePoint XSS/Spoofing,N/A,Moderate,,,,,,,,,X,,http://www.microsoft.com/technet/security/bulletin/MS05-006.mspx MS05-007,888302,Windows Info Disclosure,N/A,Important,,,,X,X,,,,X,,http://www.microsoft.com/technet/security/bulletin/MS05-007.mspx MS05-008,890047,Windows Shell ,N/A,Important,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-008.mspx MS05-009,890261,WMP/Messenger PNG ,MS04-010 MS03-21,Critical,,,,X,X,,X,,X,,http://www.microsoft.com/technet/security/bulletin/MS05-009.mspx MS05-010,885834,License Logging Overrun,N/A,Critical,,X,,X,X,,,,X,,http://www.microsoft.com/technet/security/bulletin/MS05-010.mspx MS05-011,885250,SMB Vulnerability,N/A,Critical,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-011.mspx MS05-012,873333,OLE/COM Vulnerability,"MS03-010, 03-026, 03-039",Critical,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-012.mspx MS05-013,891781,DHTML Editing/ActiveX,N/A,Critical,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-013.mspx MS05-014,867282,IE Cumulative Update,MS04-038/04-040,Critical,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-014.mspx MS05-015,888113,Hyperlink Object Library,N/A,Critical,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-015.mspx MS05-016,893086,Windows Shell,MS05-008,Important,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-016.mspx MS05-017,892944,Message Queuing,N/A,Important,,,,X,X,,X,,,,http://www.microsoft.com/technet/security/bulletin/MS05-017.mspx MS05-018,890859,Windows Kernel Flaw,see Notes,Important,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-018.mspx MS05-019,893066,TCP/IP Vuln ,N/A,Critical,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx MS05-020,890923,Cumulative IE Patch,MS05-014,Critical,,,,X,X,,X,X,X,,http://www.microsoft.com/technet/security/bulletin/MS05-020.mspx MS05-021,894549,Exchange Vuln,MS04-035 ,Critical,Exchange Server 2000 and 2003 on any platform,,,,,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-021.mspx MS05-022,896597,Messenger Flaw,MS05-009,Critical,MSN Messenger 6.2 on any platform,,,,,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-022.mspx MS05-023,890169,MS Word Vuln,MS03-050,Critical,"MS Word 2000, 2002, 2003 on any platform",,,,,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-023.mspx MS05-024,894320,Explorer Web View,N/A,Important,,,,,x,,x,,,,http://www.microsoft.com/technet/security/bulletin/MS05-024.mspx MS05-025,883939,Cumulative IE Update,MS05-020,Critical,,,,x,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-025.mspx MS05-026,896358,HTML Help,"MS03-044, MS04-023, MS05-001",Critical,,,,x,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-026.mspx MS05-027,896422,SMB Validation,"MS02-070, MS03-024",Critical,,,,x,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-027.mspx MS05-028,896426,Web Client Service,N/A,Important,,,,,,,x,,x,,http://www.microsoft.com/technet/security/bulletin/MS05-028.mspx MS05-029,895179,XSS in OWA,N/A,Important,Exchange Server 5.5 SP4*,,,,,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-029.mspx MS05-030,897715,Cumulative OE Update,MS04-018,Important,,,,x,x,,x,,x,,http://www.microsoft.com/technet/security/bulletin/MS05-030.mspx MS05-031,898458,Interactive Training,N/A,Important,,,,x,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-031.mspx MS05-032,890046,MS Agent Spoofing,N/A,Moderate,,,,x,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-032.mspx MS05-033,896428,Telnet Info Disclosure,N/A,Moderate,,,,,,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-033.mspx MS05-034,899753,Cumulative ISA 2000 Update,N/A,Moderate,ISA Server 2000 SP2,,,,,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-034.mspx MS05-035,903672,Word Font Parsing,MS05-023,Critical,"MS Word (Office 2000/XP, Worsk 2000-2004)",,,,,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-035.mspx MS05-036,901214,Color Management Module,N/A,Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx MS05-037,903235,JVIEW Profiler,N/A,Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-037.mspx MS05-038,896727,Cumulative Update for IE,MS05-025 & 037,Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-038.mspx MS05-039,899588,Plug and Play Flaw,N/A,Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx MS05-040,893756,TAPI Vulnerability,N/A,Important,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-040.mspx MS05-041,899591,Remote Desktop Flaw,N/A,Moderate,,,,,,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx MS05-042,899587,Kerberos Disclosure,N/A,Moderate,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-042.mspx MS05-043,896423,Print Spooler,N/A,Critical,,,,,x,,x,x,x,,http://www.microsoft.com/technet/security/bulletin/MS05-043.mspx MS05-044,905495,FTP Client,N/A,Moderate,,,,,x,,x,,x,,http://www.microsoft.com/technet/security/bulletin/MS05-044.mspx MS05-045,905414,Network Connection Mgr,N/A,Moderate,,,,,x,,x,x,x,,http://www.microsoft.com/technet/security/bulletin/MS05-045.mspx MS05-046,899589,Client Services for Netware,N/A,Moderate,,,,,,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-046.mspx MS05-047,905794,Plug & Play Flaw,MS05-039,Important,,,,,x,,x,x,,,http://www.microsoft.com/technet/security/bulletin/MS05-047.mspx MS05-048,901017,CDO Object,N/A,Important,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-048.mspx MS05-049,900725,Windows Shell,"MS05-016, 024",Important,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-049.mspx MS05-050,904706,Direct Show,MS05-030,Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-050.mspx MS05-051,902400,MSDTC & COM+,"MS04-012, MS05-010, 012, 026, 039",Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-051.mspx MS05-052,896688,Cumulative Update for IE,"MS05-037, 038",Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-052.mspx MS05-053,896424,Graphics Rendering Engine,MS05-002,Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-053.mspx MS05-054,905915,Cumulative IE Update,MS05-052,Critical,,,,,x,,x,x,x,x,http://www.microsoft.com/technet/security/bulletin/MS05-054.mspx MS05-055,908523,Kernel Vulnerability,N/A,Important,,,,,x,,,,,,http://www.microsoft.com/technet/security/bulletin/MS05-055.mspx Notes:,,,,,,,,,,,,,,, MS05-005 ,"Affects Office XP as well as Project 2002, Visio 2002, and Works 2002-2004",,,,,,,,,,,,,, MS05-018,"Replaces MS03-013, MS03-045, MS04-032, MS05-002 as follows:", ,Win2000,MS03-045 & MS05-002 replaced ,WinXP SP1,MS03-013 & MS05-002 replaced ,Win2003,MS04-032 replaced MS05-019,Applies to:, , IE 5.01 on Win2000 SP3 and SP4, ," IE 6 SP1 on Win2000 SP3, SP4, and WinXP SP1", , IE 6 on WinXP SP2 & Win2003, MS05-021,Supercedes MS05-035 for Exchange Server 2000 only, MS05-022,MSN Messenger 6.2 is the only supported version that is affected, MS05-023,MS Word 2000 & 2002 affected, "MS05-024 - Windows ME is vulnerable to this as well, but no patch is available from Microsoft as it is not a Critical problem. ",, "Microsoft lists IE 5.01, 5.5, 6, 6 (SP1) as vulnerable to the possible exploit described in MS05-025.",, MS04-027 does not replace MS02-70 for Windows 2000 machines,, MS05-029 - IE 5.01SP3 required when installed on Windows 2000 SP3; IE 5.01 SP4 for Windows 2000 SP4; IE 6 SP1 for all other platforms,, MS05-054 involves IE6 for all systems except 5.5 for ME and 5.01 for W2K SP1,, MS05-055 requires local access to the system to exploit.