
Microsoft has released their Security Bulletin for October 2005. Here is the announcement:



Microsoft is releasing the following security bulletins for newly
discovered vulnerabilities:

Moderate   MS05-044  Microsoft Windows                      Tampering
Moderate   MS05-045  Microsoft Windows                      Denial of Service
Important  MS05-046  Microsoft Windows                      Remote Code Execution
Important  MS05-047  Microsoft Windows                      Remote Code Execution and Local Elevation of Privilege
Important  MS05-048  Microsoft Windows, Microsoft Exchange  Remote Code Execution
Important  MS05-049  Microsoft Windows                      Remote Code Execution
Critical   MS05-050  Microsoft Windows                      Remote Code Execution
Critical   MS05-051  Microsoft Windows                      Remote Code Execution
Critical   MS05-052  Microsoft Windows                      Remote Code Execution

Summaries for these new bulletins may be found at the following pages:
* http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx

Customers are advised to review the information in the bulletins, test
and deploy the updates immediately in their environments, if applicable.

Microsoft Windows Malicious Software Removal Tool

Microsoft is releasing an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Server Update Services
(WSUS), Windows Update (WU) and the Download Center. Note that this tool
will NOT be distributed using Software Update Services (SUS).
Information on the Microsoft Windows Malicious Software Removal Tool can
be located here:
http://go.microsoft.com/fwlink/?LinkId=40573

High-Priority Non-Security Updates on Microsoft Update (MU), Windows
Update (WU), Windows Server Update Services (WSUS) and Software Update
Services (SUS)

There are NO High-Priority NON-SECURITY updates being released on WU,
MU, SUS and WSUS.

Microsoft will host a webcast to address customer questions on these
bulletins. For more information on this webcast please see below:

Information about Microsoft's Security Bulletins
Wednesday, October 12, 2005 11:00 AM (GMT-08:00) Pacific Time (US &
Canada)
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032282125&EventCategory=4&culture=en-US&CountryCode=US

The on-demand version of the webcast will be available 24 hours after
the live webcast at:
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032282125&EventCategory=4&culture=en-US&CountryCode=US

**********************************************************************
MS05-044
Title: Vulnerability in the Windows FTP Client Could Allow File
Transfer Location Tampering (905495)

Affected Software:
* Microsoft Windows XP Service Pack 1
* Microsoft Windows Server 2003
* Microsoft Windows Server 2003 for Itanium-based Systems

Affected Components:
* Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000
Service Pack 4

Non-Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 2
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 Service Pack 1
* Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME)

Non-Affected Components:
* Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000
Service Pack 4

Impact of Vulnerability: Tampering
Maximum Severity Rating: Moderate

Restart required: In some cases, this update does not require a restart.
If the required files are being used, this update will require a
restart. If this behavior occurs, a message appears that advises you to
restart. For more information about the reasons why you may be prompted
to restart your computer, see Microsoft Knowledge Base Article 887012

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-044.mspx

**********************************************************************
MS05-045
Title: Vulnerability in Network Connection Manager Could Allow Denial
of Service (905414)

Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003
Service Pack 1

Non-Affected Software:
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 for Itanium-based Systems and
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME)

Impact of Vulnerability: Denial of Service
Maximum Severity Rating: Moderate
Restart required: Yes
Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-045.mspx

**********************************************************************
MS05-046
Title: Vulnerability in the Client Service for NetWare Could Allow
Remote Code Execution (899589)

Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003
Service Pack 1

Non-Affected Software:
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 for Itanium-based Systems and
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME)
* Windows Services for Netware

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Important

Restart required: In some cases, this update does not require a restart.
If the required files are being used, this update will require a
restart. If this behavior occurs, a message appears that advises you to
restart. For more information about the reasons why you may be prompted
to restart your computer, see Microsoft Knowledge Base Article 887012

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-046.mspx

**********************************************************************
MS05-047
Title: Vulnerability in Plug and Play Could Allow Remote Code Execution
and Local Elevation of Privilege (905749)

Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2

Non-Affected Software:
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003
Service Pack 1
* Microsoft Windows Server 2003 for Itanium-based Systems and
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME)

Impact of Vulnerability: Remote Code Execution and Local Elevation of
Privilege
Maximum Severity Rating: Important
Restart required: Yes
Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-047.mspx

**********************************************************************
MS05-048
Title: Vulnerability in the Microsoft Collaboration Data Objects Could
Allow Remote Code Execution (907245)

Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003
Service Pack 1
* Microsoft Windows Server 2003 for Itanium-based Systems and
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Exchange 2000 Server Service Pack 3 with the Exchange
2000 Post-Service Pack 3 Update Rollup of August 2004

Non-Affected Software:
* Microsoft Exchange Server 2003
* Microsoft Exchange Server 2003 Service Pack 1

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Important
Restart required: Yes
Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-048.mspx

**********************************************************************
MS05-049
Title: Vulnerabilities in Windows Shell Could Allow Remote Code
Execution (900725)

Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003
Service Pack 1
* Microsoft Windows Server 2003 for Itanium-based Systems and
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition

Non-Affected Software:
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME).

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Important
Restart required: Yes
Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-049.mspx

**********************************************************************
MS05-050
Title: Vulnerability in DirectShow Could Allow Remote Code Execution
(904706)

Affected Software:
* Microsoft DirectX 7.0 on Microsoft Windows 2000 Service Pack 4
* Microsoft DirectX 8.1 on Microsoft Windows XP Service Pack 1 and
Microsoft Windows XP Service Pack 2
* Microsoft DirectX 8.1 on Microsoft Windows XP Professional x64
Edition
* Microsoft DirectX 8.1 on Microsoft Windows Server 2003 and
Microsoft Windows Server 2003 Service Pack 1
* Microsoft DirectX 8.1 on Microsoft Windows Server 2003 for
Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for
Itanium-based Systems
* Microsoft DirectX 8.1 on Microsoft Windows Server 2003 x64
Edition
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME) - Review the FAQ section
of the bulletin for details about these operating systems.

Affected Components:
* Microsoft DirectX 8.1, 8.1a, 8.1b, 8.2 when installed on Windows
2000
* Microsoft DirectX 9.0, 9.0a, 9.0b, 9.0c when installed on
Windows 2000
* Microsoft DirectX 9.0, 9.0a, 9.0b, 9.0c when installed on
Windows XP
* Microsoft DirectX 9.0, 9.0a, 9.0b, 9.0c when installed on
Windows Server 2003

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical

Restart required: In some cases, this update does not require a restart.
If the required files are being used, this update will require a
restart. If this behavior occurs, a message appears that advises you to
restart. For more information about the reasons why you may be prompted
to restart your computer, see Microsoft Knowledge Base Article 887012

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-050.mspx

**********************************************************************
MS05-051
Title: Vulnerabilities in MSDTC and COM+ Could Allow Remote Code
Execution (902400)

Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003
Service Pack 1
* Microsoft Windows Server 2003 for Itanium-based Systems and
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition

Non-Affected Software:
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME)

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Restart required: Yes
Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-051.mspx

**********************************************************************
MS05-052
Title: Cumulative Security Update for Internet Explorer (896688)

Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003
Service Pack 1
* Microsoft Windows Server 2003 for Itanium-based Systems and
Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based
Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME) - Review the FAQ section
of this bulletin for details about these operating systems.

Affected Components:
* Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000
Service Pack 4
* Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000
Service Pack 4 or on Microsoft Windows XP Service Pack 1
* Internet Explorer 6 for Microsoft Windows XP Service Pack 2
* Internet Explorer 6 for Microsoft Windows Server 2003 and
Microsoft Windows Server 2003 Service Pack 1
* Internet Explorer 6 for Microsoft Windows Server 2003 for
Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for
Itanium-based Systems
* Internet Explorer 6 for Microsoft Windows Server 2003 x64
Edition
* Internet Explorer 6 for Microsoft Windows XP Professional x64
Edition
* Internet Explorer 5.5 Service Pack 2 on Microsoft Windows
Millennium Edition - Review the FAQ section of the bulletin for details
about this version.
* Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on
Microsoft Windows 98 SE, or on Microsoft Windows Millennium Edition -
Review the FAQ section of the bulletin for details about this version.

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Restart required: Yes
Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-052.mspx

PLEASE VISIT http://www.microsoft.com/technet/security FOR THE MOST
CURRENT INFORMATION ON THESE ALERTS.

Thank you,
Microsoft PSS Security Team