Security 10810 Published by

This advisory contains information about all security updates released this month. It is broken down by security bulletin severity.



Critical Security Bulletins
===========================

MS05-001 - Vulnerability in HTML Help Could Allow Remote Code
Execution (890175)

- Affected Software:
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP Service Pack 1
- Windows XP Service Pack 2
- Windows XP 64-Bit Edition Service Pack 1
- Windows XP 64-Bit Edition Version 2003
- Windows Server 2003
- Windows Server 2003 64-Bit Edition

- Affected Components:
- Internet Explorer 6.0 Service Pack 1 when
installed on Windows NT Server 4.0
Service Pack 6a or Windows NT Server 4.0
Terminal Server Edition Service Pack 6

- Review the FAQ section of bulletin MS05-O01 for
information about these operating systems:
- Microsoft Windows 98
- Microsoft Windows 98 Second Edition (SE)
- Microsoft Windows Millennium Edition (ME)

- Impact: Remote Code Execution
- Version Number: 1.0

MS05-002 - Vulnerability in Cursor and Icon Format Handling
Could Allow Remote Code Execution (891711)

- Affected Software:
- Windows NT Server 4.0 Service Pack 6a
- Windows NT Server 4.0 Terminal Server Edition
Service Pack 6
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP Service Pack 1
- Windows XP 64-Bit Edition Service Pack 1
- Windows XP 64-Bit Edition Version 2003
- Windows Server 2003
- Windows Server 2003 64-Bit Edition

- Review the FAQ section of bulletin MS05-O02 for
information about these operating systems:
- Microsoft Windows 98
- Microsoft Windows 98 Second Edition (SE)
- Microsoft Windows Millennium Edition (ME)

- Impact: Remote Code Execution
- Version Number: 1.0

Important Security Bulletins
============================

MS05-003 - Vulnerability in Indexing Service Could Allow Remote
Code Execution (871250)

- Affected Software:
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP Service Pack 1
- Windows XP 64-Bit Edition Service Pack 1
- Windows XP 64-Bit Edition Version 2003
- Windows Server 2003
- Windows Server 2003 64-Bit Edition

- Impact: Remote Code Execution
- Version Number: 1.0

Update Availability:
===================
Updates are available to address these issues.
For additional information, including Technical Details,
Workarounds, answers to Frequently Asked Questions,
and Update Deployment Information please read
the Microsoft Security Bulletin Summary for this
month at: http://go.microsoft.com/fwlink/?LinkId=40943