Security 10817 Published by

Microsoft has released today the following Security Bulletins

Note: http://www.Microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.



Bulletin Summary:

http://www.microsoft.com/technet/security/Bulletin/ms05-Jun.mspx

Critical Bulletins:

Cumulative Security Update for Internet Explorer (883939)
http://www.microsoft.com/technet/security/Bulletin/ms05-025.mspx

Vulnerability in HTML Help Could Allow Remote Code Execution [896358]
http://www.microsoft.com/technet/security/Bulletin/ms05-026.mspx

Vulnerability in Server Message Block Could Allow Remote Code Execution (896422)
http://www.microsoft.com/technet/security/Bulletin/ms05-027.mspx

Important Bulletins:

Vulnerability in Web Client Service Could Allow Remote Code Execution (896426)
http://www.microsoft.com/technet/security/Bulletin/ms05-028.mspx

Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179)
http://www.microsoft.com/technet/security/Bulletin/ms05-029.mspx

Cumulative Security Update in Outlook Express (897715)
http://www.microsoft.com/technet/security/Bulletin/ms05-018.mspx


Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution [898458]
http://www.microsoft.com/technet/security/Bulletin/ms05-031.mspx

Moderate Bulletins:

Vulnerability in Microsoft Agent Could Allow Spoofing (890046)
http://www.microsoft.com/technet/security/Bulletin/ms05-032.mspx

Vulnerability in Telnet Client Could Allow Information Disclosure [896428]
http://www.microsoft.com/technet/security/Bulletin/ms05-033.mspx

Cumulative Security Update for ISA Server 2000 (899753)
http://www.microsoft.com/technet/security/Bulletin/ms05-034.mspx

Re-Released Bulletins:

SQL Server Installation Process May Leave Passwords on System [Q263968]
http://www.microsoft.com/technet/security/Bulletin/ms02-032.mspx

ASP.NET Path Validation Vulnerability [887219]
http://www.microsoft.com/technet/security/Bulletin/ms05-004.mspx

Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179)
http://www.microsoft.com/technet/security/Bulletin/ms05-029.mspx

This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety [1-866-727-2338] International customers should contact their local subsidiary.