STANFORD UNIVERSITY

SECURE COMPUTING

Security Alerts

October 11, 2005

Microsoft Releases Patches for Multiple Critical Vulnerabilities

Summary

Note: One of the vulnerabilities covered by this alert, MS05-051, is being rated by Microsoft Support as extremely critical. They are recommending that all machines running Windows 2000 SP4 and Windows XP Pro SP1 install the MS05-051 patch immediately.

On Oct 11, 2005, Microsoft released nine new security updates, three of them rated as critical. All current versions of Windows are affected by some of them.

Some of these vulnerabilities can result in system-level compromise without direct user interaction. Others can result in compromise if the user opens a maliciously constructed HTML email message or web page.

What to Do

Windows users can manually use "Windows Update" to download and install the current operating system patches.

Additionally, it is recommended that every Windows machine have an automated patch management solution installed and configured. Stanford provides BigFix to patch Windows machines automatically; it is available at http://patching.stanford.edu. Alternatively, Windows Automatic Update should be enabled.

Please remember to reboot your machine after patching manually, or when prompted to do so by Windows Update or by your BigFix administrator. Most patches do not take effect until after a reboot.
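The following script is an added example for verifying that the patching steps above actually took effect; it is not part of the original alert and is not Stanford or Microsoft code. It assumes a Windows host with PowerShell available. Get-HotFix reads Win32_QuickFixEngineering, which on some systems does not list every update, so a "missing" result should be confirmed against the Windows Update history rather than taken as proof. The KB numbers are the three critical updates named in this alert.

```powershell
# Added example (not from the Stanford alert): confirm the three critical
# October 2005 updates are installed and whether a reboot is still pending.

# KB IDs and bulletins come from the alert text.
$RequiredUpdates = @{
    'KB904706' = 'MS05-050 DirectShow'
    'KB902400' = 'MS05-051 MSDTC / COM+'
    'KB896688' = 'MS05-052 Internet Explorer cumulative'
}

function Get-PatchStatus {
    param([hashtable]$Updates = $RequiredUpdates)
    # Get-HotFix without -Id returns every QFE entry; SilentlyContinue avoids a
    # terminating error on a host that reports no entries at all.
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue |
                   Select-Object -ExpandProperty HotFixID)
    foreach ($kb in $Updates.Keys) {
        [pscustomobject]@{
            KB        = $kb
            Bulletin  = $Updates[$kb]
            Installed = ($installed -contains $kb)
        }
    }
}

function Test-PendingReboot {
    # Two standard markers: the Windows Update RebootRequired key, and the
    # session manager's PendingFileRenameOperations value (set when an update
    # replaced files that were in use). Either means the patch is not fully
    # active until the machine restarts, which is why the alert asks for a reboot.
    $wuKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired'
    $smKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
    $wuPending = Test-Path $wuKey
    $renamePending = $null -ne (Get-ItemProperty -Path $smKey `
        -Name PendingFileRenameOperations -ErrorAction SilentlyContinue)
    return ($wuPending -or $renamePending)
}

Get-PatchStatus | Format-Table -AutoSize
if (Test-PendingReboot) {
    Write-Host 'A reboot is pending; installed patches are not in effect until the machine restarts.'
}
```

Run it as an administrator after patching; any row with Installed = False, or a pending-reboot message, means the machine is not yet protected against the corresponding bulletin.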

Technical Detail

Information regarding all nine security updates is available at http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx. The following are brief summaries of those rated as critical.

MS05-050 - Vulnerability in DirectShow Could Allow Remote Code Execution (KB904706)

  • Affected platforms:
    • Windows 98, 98SE, ME
    • Windows 2000, all versions
    • Windows XP, all versions
    • Windows Server 2003, all versions
  • Activated by opening a maliciously crafted AVI file, either directly or through a browser.

MS05-051 - Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (KB902400)

  • Affected platforms:
    • Windows 2000, all versions
    • Windows XP, all versions
    • Windows Server 2003, all versions
  • No credentials or user interaction required on Windows 2000 and Windows XP Service Pack 1.
  • Microsoft Support rates this vulnerability as extremely critical, and recommends that the patch be applied immediately to all machines running Windows 2000 or Windows XP Service Pack 1.

MS05-052 - Cumulative Security Update for Internet Explorer (KB896688)

  • Affected platforms:
    • Windows 98, 98SE, ME
    • Windows 2000, all versions
    • Windows XP, all 32-bit versions
    • Windows Server 2003, without Service Pack 1
  • Activated by opening a maliciously crafted web page.

References

Additional information regarding these vulnerabilities is available at

The Information Security Office would like to thank the Windows Systems Team in ITS for their assistance in producing this alert.

Last modified Monday, 08-Oct-2007 04:34:18 PM
