Microsoft Security Patches: June 2005
Microsoft has just posted their security patch builletin for June. As usual all required patches for your PC can be found on Windows Update. Here’s a brief summary of the “critical” and “important” level vulnerabilities. (Read more for “moderate” level patches)MS05-025: Cumulative Security Update for Internet Explorer (883939) Critical
Vulnerabilities exist in Internet Explorer, the most sever of these could allow an attacker to take complete control of an affected system.
http://go.microsoft.com/fwlink/?LinkId=45181
MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution (896358) Critical
A vulnerability exists in HTML Help that could allow an attacker to take complete control of an affected system.
http://go.microsoft.com/fwlink/?LinkId=45237
MS05-027: Vulnerability in SMB Could Allow Remote Code Execution (896422) Critical
A vulnerability exists in Windows that could allow an attacker to take complete control of an affected system. An attacker needs to authenticate to be able to exploit this vulnerability.
http://go.microsoft.com/fwlink/?LinkId=47017
MS05-028: Vulnerability in Web Client Service May Allow Remote Code Execution (896426) Important
A vulnerability exists in the Windows Web Client Service that could allow an attacker to take complete control of an affected system.
http://go.microsoft.com/fwlink/?LinkId=46658
MS05-029: Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179) Important
A cross-site scripting vulnerability exists in Outlook Web Access for Microsoft Exchange that could allow an attacker to run a malicious script in Outlook Web Access.
http://go.microsoft.com/fwlink/?LinkId=45969
MS05-030: Cumulative Security Update for Outlook Express (897715) Important
A vulnerability exists in Outlook Express that could allow an attacker to take complete control of an affected system.
http://go.microsoft.com/fwlink/?LinkId=47600
MS05-031: Vulnerability in Microsoft Windows Interactive Training Could Allow Remote Code Execution (898458) Important
A vulnerability exists in Windows that could allow an attacker to take complete control of an affected system. Microsoft Windows Interactive Training is not installed by default.
http://go.microsoft.com/fwlink/?LinkId=47051
Moderate Threat
MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing (890046) Important
A vulnerability exists in Microsoft Agent that could enable an attacker to spoof trusted Internet content. An attacker first have to persuade a user to visit the attacker’s site to attempt to exploit this vulnerability.
http://go.microsoft.com/fwlink/?LinkId=39175
MS05-033: Vulnerability in Telnet Client Could Allow Information Disclosure (896428) Important
A vulnerability exists in the Windows Telnet Client that could enable an attacker to retrieve unpredictable information from a system.
http://go.microsoft.com/fwlink/?LinkId=47016
MS05-034: Cumulative Security Update for ISA Server 2000 (899753) Important
Vulnerabilities exist in Microsoft ISA Server 2000 that could allow circumvention of a packet filter and enable an attacker to retrieve unpredictable information from an ISA Server’s cache or from a system behind the ISA server .
http://go.microsoft.com/fwlink/?LinkId=47738
页:
[1]