Stasyx, Inc. - News - Custom Programming in ASP, JSP, and Visual Basic

Security vulnerabilities related to the Windows Server 2003 operating system have been discovered by Microsoft, and are presented here as a courtesy to our customers. If any of the links do not function property, then contact our technical support team at

. In the meantime, you can find all of the information listed below by navigating to www.microsoft.com.

MBSA12 : MBSA 1.2.1 will EXPIRE on October 9, 2007 - Upgrade Required: Date Posted - 2007/05/14; Date Revised - 2007/05/14; MBSA 1.2.1 and the MSSecure.XML catalog will EXPIRE on October 9, 2007. Please see the MBSA Home Page (www.microsoft.com/mbsa) for details and to upgrade to the latest version of MBSA.
MS07-058 : Vulnerability in RPC Could Allow Denial of Service (933729): Date Posted - 2007/10/09; Date Revised - 2007/10/09; This update resolves a newly discovered privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.
MS07-058 : Vulnerability in RPC Could Allow Denial of Service (933729): Date Posted - 2007/10/09; Date Revised - 2007/10/09; This update resolves a newly discovered privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.
MS07-055 : Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810): Date Posted - 2007/10/09; Date Revised - 2007/10/09; This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly know as Wang Image Viewer, handles specifically crafted images files. This vulnerability could allow an attacker remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-055 : Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810): Date Posted - 2007/10/09; Date Revised - 2007/10/09; This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly know as Wang Image Viewer, handles specifically crafted images files. This vulnerability could allow an attacker remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-046 : Vulnerability in GDI Could Allow Remote Code Execution (938829): Date Posted - 2007/08/14; Date Revised - 2007/08/14; This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the Graphics Rendering Engine because of the way that it handles specially crafted images. An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user opened a specially crafted attachment in e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
MS07-043 : Vulnerability in OLE Automation Could Allow Remote Code Execution (921503): Date Posted - 2007/08/14; Date Revised - 2007/08/14; This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page. The vulnerability could be exploited through attacks on Object Linking and Embedding (OLE). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.This is a critical security update for all supported editions of Windows 2000, Windows XP, Windows 2003, Office 2004 for Mac, and Visual Basic 6.
MS07-043 : Vulnerability in OLE Automation Could Allow Remote Code Execution (921503): Date Posted - 2007/08/14; Date Revised - 2007/08/14; This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page. The vulnerability could be exploited through attacks on Object Linking and Embedding (OLE). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.This is a critical security update for all supported editions of Windows 2000, Windows XP, Windows 2003, Office 2004 for Mac, and Visual Basic 6.
MS07-042 : Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227): Date Posted - 2007/08/14; Date Revised - 2007/08/14; This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-042 : Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227): Date Posted - 2007/08/14; Date Revised - 2007/08/14; This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-039 : Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122): Date Posted - 2007/07/10; Date Revised - 2007/07/10; This critical security update resolves a privately reported vulnerability in implementations of Active Directory on Windows 2000 Server and Windows 2003 Server that could allow remote code execution or a Denial of Service condition. Attacks attempting to exploit this vulnerability would most likely result in a denial of service condition. However remote code execution could be possible. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
MS07-039 : Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122): Date Posted - 2007/07/10; Date Revised - 2007/07/10; This critical security update resolves a privately reported vulnerability in implementations of Active Directory on Windows 2000 Server and Windows 2003 Server that could allow remote code execution or a Denial of Service condition. Attacks attempting to exploit this vulnerability would most likely result in a denial of service condition. However remote code execution could be possible. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
MS07-035 : Vulnerability in Win 32 API Could Allow Remote Code Execution (935839): Date Posted - 2007/06/12; Date Revised - 2007/06/12; This critical security update resolves a newly discovered, privately reported vulnerability in a Win32 API. This vulnerability could allow remote code execution or elevation of privilege if used locally. Applications that use this component of the Win32 API could be used as a vector for this vulnerability. For example, Internet Explorer uses this Win32 API function when parsing specially crafted Web pages.
MS07-035 : Vulnerability in Win 32 API Could Allow Remote Code Execution (935839): Date Posted - 2007/06/12; Date Revised - 2007/06/12; This critical security update resolves a newly discovered, privately reported vulnerability in a Win32 API. This vulnerability could allow remote code execution or elevation of privilege if used locally. Applications that use this component of the Win32 API could be used as a vector for this vulnerability. For example, Internet Explorer uses this Win32 API function when parsing specially crafted Web pages.
MS07-031 : Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840): Date Posted - 2007/06/12; Date Revised - 2007/06/12; This critical security update resolves a newly discovered, privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. However, attempts to exploit this vulnerability would most likely result in Internet Explorer exiting. The system would not be able to connect to Web sites using SSL or TLS until a restart of the system.
MS07-031 : Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840): Date Posted - 2007/06/12; Date Revised - 2007/06/12; This critical security update resolves a newly discovered, privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. However, attempts to exploit this vulnerability would most likely result in Internet Explorer exiting. The system would not be able to connect to Web sites using SSL or TLS until a restart of the system.
MS07-029 : Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966): Date Posted - 2007/05/08; Date Revised - 2007/05/08; This update resolves a publicly disclosed vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update immediately.
MS07-029 : Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966): Date Posted - 2007/05/08; Date Revised - 2007/05/08; This update resolves a publicly disclosed vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update immediately.
MS07-022 : Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-022 : Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-022 : Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-021 : Vulnerability in CSRSS Could Allow Remote Code Execution (930178): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves several newly discovered, privately and publicly disclosed vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-021 : Vulnerability in CSRSS Could Allow Remote Code Execution (930178): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves several newly discovered, privately and publicly disclosed vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-021 : Vulnerability in CSRSS Could Allow Remote Code Execution (930178): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves several newly discovered, privately and publicly disclosed vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-020 : Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.
MS07-020 : Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.
MS07-020 : Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168): Date Posted - 2007/04/10; Date Revised - 2007/04/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.
MS07-017 : Vulnerability In GDI Could Allow Remote Code Execution (925902): Date Posted - 2007/04/03; Date Revised - 2007/04/03; This update resolves several newly discovered, publicly disclosed and privately reported vulnerabilities as well as additional issues discovered through internal investigations. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-017 : Vulnerability In GDI Could Allow Remote Code Execution (925902): Date Posted - 2007/04/03; Date Revised - 2007/04/03; This update resolves several newly discovered, publicly disclosed and privately reported vulnerabilities as well as additional issues discovered through internal investigations. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-017 : Vulnerability In GDI Could Allow Remote Code Execution (925902): Date Posted - 2007/04/03; Date Revised - 2007/04/03; This update resolves several newly discovered, publicly disclosed and privately reported vulnerabilities as well as additional issues discovered through internal investigations. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-013 : Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update addresses a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. When using vulnerable versions of Windows and/or Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-013 : Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update addresses a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. When using vulnerable versions of Windows and/or Office, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-012 : Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667): Date Posted - 2007/02/13; Date Revised - 2007/06/12; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Significant user interaction is required to exploit this vulnerability.
MS07-012 : Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667): Date Posted - 2007/02/13; Date Revised - 2007/06/12; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Significant user interaction is required to exploit this vulnerability.
MS07-012 : Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667): Date Posted - 2007/02/13; Date Revised - 2007/06/12; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Significant user interaction is required to exploit this vulnerability.
MS07-011 : Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Significant user interaction is required to exploit this vulnerability.
MS07-011 : Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Significant user interaction is required to exploit this vulnerability.
MS07-009 : Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-008 : Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update resolves a newly discovered, publicly reported vulnerability as well as additional issues discovered through internal investigations. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. On vulnerable versions of Windows, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-008 : Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update resolves a newly discovered, publicly reported vulnerability as well as additional issues discovered through internal investigations. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. On vulnerable versions of Windows, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS07-006 : Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS07-006 : Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255): Date Posted - 2007/02/13; Date Revised - 2007/02/13; This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-078 : Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689): Date Posted - 2006/12/12; Date Revised - 2007/07/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
MS06-078 : Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689): Date Posted - 2006/12/12; Date Revised - 2007/07/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
MS06-078 : Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689): Date Posted - 2006/12/12; Date Revised - 2007/07/10; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
MS06-075 : Vulnerability in Windows Could Allow Elevation of Privilege (926255): Date Posted - 2006/12/12; Date Revised - 2006/12/12; This update resolves a public vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. We recommend that customers apply the update at the earliest opportunity.
MS06-074 : Vulnerability in SNMP Could Allow Remote Code Execution (926247): Date Posted - 2006/12/12; Date Revised - 2006/12/12; This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights
MS06-074 : Vulnerability in SNMP Could Allow Remote Code Execution (926247): Date Posted - 2006/12/12; Date Revised - 2006/12/12; This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights
MS06-068 : Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213): Date Posted - 2006/11/14; Date Revised - 2006/11/14; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights
MS06-068 : Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213): Date Posted - 2006/11/14; Date Revised - 2006/11/14; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights
MS06-066 : Vulnerability in Netware Client Service Could Allow Remote Code Execution (923980): Date Posted - 2006/11/14; Date Revised - 2006/11/14; This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in its own subsection in the "Vulnerability Details" section of this bulletin. The Client Service for Netware is also called the Gateway Service for NetWare on Windows 2000 Server.
MS06-066 : Vulnerability in Netware Client Service Could Allow Remote Code Execution (923980): Date Posted - 2006/11/14; Date Revised - 2006/11/14; This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in its own subsection in the "Vulnerability Details" section of this bulletin. The Client Service for Netware is also called the Gateway Service for NetWare on Windows 2000 Server.
MS06-065 : Vulnerability in Winodws Object Packager Could Allow Remote Execution (924496): Date Posted - 2006/10/10; Date Revised - 2006/10/10; This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-065 : Vulnerability in Winodws Object Packager Could Allow Remote Execution (924496): Date Posted - 2006/10/10; Date Revised - 2006/10/10; This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-064 : Vulnerabilities in TCP/IP Could Allow Denial of Service (922819): Date Posted - 2006/10/10; Date Revised - 2006/10/10; This update resolves a publicly disclosed vulnerability as well as additional issues discovered through internal investigations. An attacker who successfully exploited the most severe of these vulnerabilities against an affected system could cause the system to stop responding or automatically reboot.
MS06-064 : Vulnerabilities in TCP/IP Could Allow Denial of Service (922819): Date Posted - 2006/10/10; Date Revised - 2006/10/10; This update resolves a publicly disclosed vulnerability as well as additional issues discovered through internal investigations. An attacker who successfully exploited the most severe of these vulnerabilities against an affected system could cause the system to stop responding or automatically reboot.
MS06-063 : Vulnerability in Server Service Could Allow Denial of Service (923414): Date Posted - 2006/10/10; Date Revised - 2006/10/10; A denial of service vulnerability exists in the Server service because of the way it handles certain network messages. An attacker could exploit the vulnerability sending a specially crafted network message to a computer running the Server service. An attacker who successfully exploited this vulnerability could cause the computer to stop responding.
MS06-063 : Vulnerability in Server Service Could Allow Denial of Service (923414): Date Posted - 2006/10/10; Date Revised - 2006/10/10; A denial of service vulnerability exists in the Server service because of the way it handles certain network messages. An attacker could exploit the vulnerability sending a specially crafted network message to a computer running the Server service. An attacker who successfully exploited this vulnerability could cause the computer to stop responding.
MS06-061 : Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191): Date Posted - 2006/10/10; Date Revised - 2006/10/19; This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in its own subsection in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-061 : Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191): Date Posted - 2006/10/10; Date Revised - 2006/10/19; This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in its own subsection in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-057 : Vulnerability in Windows Explorer Could Allow Remote Execution (923191): Date Posted - 2006/10/10; Date Revised - 2006/10/10; This update resolves a newly discovered, publicly reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-057 : Vulnerability in Windows Explorer Could Allow Remote Execution (923191): Date Posted - 2006/10/10; Date Revised - 2006/10/10; This update resolves a newly discovered, publicly reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-053 : Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685): Date Posted - 2006/09/12; Date Revised - 2006/09/12; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. The vulnerability could allow an attacker to gain unauthorized access to information. Note that this vulnerability would not allow an attacker to execute code to elevate their user rights directly, but it could be used to produce useful information that could be used to further compromise the affected system.
MS06-053 : Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685): Date Posted - 2006/09/12; Date Revised - 2006/09/12; This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. The vulnerability could allow an attacker to gain unauthorized access to information. Note that this vulnerability would not allow an attacker to execute code to elevate their user rights directly, but it could be used to produce useful information that could be used to further compromise the affected system.
MS06-051 : Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves newly discovered, privately reported vulnerabilities and additional issues discovered through internal investigations. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-051 : Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves newly discovered, privately reported vulnerabilities and additional issues discovered through internal investigations. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-050 : Vulnerability in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves a newly discovered, public vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-050 : Vulnerability in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves a newly discovered, public vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-046 : Vulnerability in HTML Help Could Allow Remote Code Execution (922616): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves a newly discovered, publicly reported vulnerability as well as additional issues discovered through internal investigations. The privately reported vulnerability is documented in the "Vulnerability Details" section of this bulletin. On vulnerable versions of Windows, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-046 : Vulnerability in HTML Help Could Allow Remote Code Execution (922616): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves a newly discovered, publicly reported vulnerability as well as additional issues discovered through internal investigations. The privately reported vulnerability is documented in the "Vulnerability Details" section of this bulletin. On vulnerable versions of Windows, if a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-045 : Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-045 : Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-041 : Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves several newly discovered, privately reported, vulnerabilities. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-041 : Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683): Date Posted - 2006/08/08; Date Revised - 2006/08/08; This update resolves several newly discovered, privately reported, vulnerabilities. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-040 : Vulnerability in Server Service Could Allow Remote Code Execution (921883): Date Posted - 2006/08/08; Date Revised - 2006/09/12; This update resolves a publicly disclosed vulnerability as well as additional issues discovered through internal investigations. An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-040 : Vulnerability in Server Service Could Allow Remote Code Execution (921883): Date Posted - 2006/08/08; Date Revised - 2006/09/12; This update resolves a publicly disclosed vulnerability as well as additional issues discovered through internal investigations. An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-036 : Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388): Date Posted - 2006/07/11; Date Revised - 2006/07/11; This update resolves a newly discovered, privately reported vulnerability.There is a remote code execution vulnerability in the DHCP Client Service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
MS06-036 : Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388): Date Posted - 2006/07/11; Date Revised - 2006/07/11; This update resolves a newly discovered, privately reported vulnerability.There is a remote code execution vulnerability in the DHCP Client Service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
MS06-035 : Vulnerability in Server Service Could Allow Remote Code Execution (917159): Date Posted - 2006/07/11; Date Revised - 2006/07/11; This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin. We recommend that customers apply the update immediately.
MS06-035 : Vulnerability in Server Service Could Allow Remote Code Execution (917159): Date Posted - 2006/07/11; Date Revised - 2006/07/11; This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin. We recommend that customers apply the update immediately.
MS06-032 : Vulnerability in TCP/IP Could Allow Remote Code Execution (917953): Date Posted - 2006/06/13; Date Revised - 2006/05/13; This update resolves a privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights
MS06-032 : Vulnerability in TCP/IP Could Allow Remote Code Execution (917953): Date Posted - 2006/06/13; Date Revised - 2006/05/13; This update resolves a privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights
MS06-030 : Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389): Date Posted - 2006/06/13; Date Revised - 2006/06/13; This update resolves several newly discovered, privately reported vulnerability. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin.
MS06-030 : Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389): Date Posted - 2006/06/13; Date Revised - 2006/06/13; This update resolves several newly discovered, privately reported vulnerability. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin.
MS06-025 : Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280): Date Posted - 2006/06/13; Date Revised - 2006/06/27; This update resolves several newly discovered, privately reported vulnerability. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin.
MS06-025 : Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280): Date Posted - 2006/06/13; Date Revised - 2006/06/27; This update resolves several newly discovered, privately reported vulnerability. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin.
MS06-022 : Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439): Date Posted - 2006/06/13; Date Revised - 2006/06/13; This update resolves a newly discovered, privately reported vulnerability. A remote code execution vulnerability exists in the way AOL ART images are handled. This vulnerability could allow an attacker to take complete control of an affected system. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-022 : Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439): Date Posted - 2006/06/13; Date Revised - 2006/06/13; This update resolves a newly discovered, privately reported vulnerability. A remote code execution vulnerability exists in the way AOL ART images are handled. This vulnerability could allow an attacker to take complete control of an affected system. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-018 : Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580): Date Posted - 2006/05/09; Date Revised - 2006/05/09; This update resolves several newly-discovered, privately reported vulnerabilities. A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests..
MS06-015 : Vulnerability in Windows Explorer Could Lead to Remote Code Execution (908531): Date Posted - 2006/04/11; Date Revised - 2006/04/25; This update resolves several newly-discovered, [privately reported] [public] vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-015 : Vulnerability in Windows Explorer Could Lead to Remote Code Execution (908531): Date Posted - 2006/04/11; Date Revised - 2006/04/25; This update resolves several newly-discovered, [privately reported] [public] vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-014 : Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562): Date Posted - 2006/04/11; Date Revised - 2006/04/11; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-014 : Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562): Date Posted - 2006/04/11; Date Revised - 2006/04/11; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-011 : Permissive Windows Services DACLs Could Lead to Elevation of Privilege (914798): Date Posted - 2006/03/14; Date Revised - 2006/06/13; This update resolves a newly-discovered, public vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-009 : Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190): Date Posted - 2006/02/14; Date Revised - 2006/02/14; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. For an attack to be successful an attacker must be able to interactively logon to the affected system.
MS06-009 : Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190): Date Posted - 2006/02/14; Date Revised - 2006/02/14; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. For an attack to be successful an attacker must be able to interactively logon to the affected system.
MS06-008 : Vulnerability in Web Client Service Could Allow Remote Code Execution (911927): Date Posted - 2006/02/14; Date Revised - 2006/02/14; This update resolves a newly-discovered, privately-reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-008 : Vulnerability in Web Client Service Could Allow Remote Code Execution (911927): Date Posted - 2006/02/14; Date Revised - 2006/02/14; This update resolves a newly-discovered, privately-reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-007 : Vulnerability in TCP/IP Could Allow Denial of Service (913446): Date Posted - 2006/02/14; Date Revised - 2006/02/14; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
MS06-007 : Vulnerability in TCP/IP Could Allow Denial of Service (913446): Date Posted - 2006/02/14; Date Revised - 2006/02/14; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
MS06-006 : Vulnerability in Windows Media Player Plugin Could Allow Remote Code Execution (911564): Date Posted - 2006/02/14; Date Revised - 2006/02/14; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-006 : Vulnerability in Windows Media Player Plugin Could Allow Remote Code Execution (911564): Date Posted - 2006/02/14; Date Revised - 2006/02/14; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS06-002 : Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519): Date Posted - 2006/01/10; Date Revised - 2006/01/10; This update resolves a newly-discovered, privately-reported vulnerability. An attacker who successfully exploited this vulnerability could take control of an affected system. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-002 : Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519): Date Posted - 2006/01/10; Date Revised - 2006/01/10; This update resolves a newly-discovered, privately-reported vulnerability. An attacker who successfully exploited this vulnerability could take control of an affected system. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-001 : Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919): Date Posted - 2006/01/05; Date Revised - 2006/01/05; This update resolves a newly-discovered, public vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. Note This vulnerability is currently being exploited and was previously discussed by Microsoft in Microsoft Security Advisory 912840. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS06-001 : Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919): Date Posted - 2006/01/05; Date Revised - 2006/01/05; This update resolves a newly-discovered, public vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. Note This vulnerability is currently being exploited and was previously discussed by Microsoft in Microsoft Security Advisory 912840. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-053 : Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424): Date Posted - 2005/11/08; Date Revised - 2005/11/08; This update resolves several newly-discovered, privately reported and public vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-053 : Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424): Date Posted - 2005/11/08; Date Revised - 2005/11/08; This update resolves several newly-discovered, privately reported and public vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-051 : Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-051 : Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-050 : Vulnerability in DirectShow Could Allow Remote Code Execution (904706): Date Posted - 2005/10/11; Date Revised - 2005/12/13; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-050 : Vulnerability in DirectShow Could Allow Remote Code Execution (904706): Date Posted - 2005/10/11; Date Revised - 2005/12/13; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-049 : Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. However, user interaction is required to exploit this vulnerability
MS05-049 : Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. However, user interaction is required to exploit this vulnerability
MS05-048 : Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves a newly-discovered, privately-reported vulnerability that could allow an attacker to run arbitrary code on the system. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-048 : Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves a newly-discovered, privately-reported vulnerability that could allow an attacker to run arbitrary code on the system. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-046 : Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in the Client Service for NetWare (CSNW). By default, CSNW is not installed on any affected operating system version. Only customers who manually installed CSNW could be vulnerable to this issue. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. This service is also called Gateway Service for NetWare on Windows 2000 Server. An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-046 : Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in the Client Service for NetWare (CSNW). By default, CSNW is not installed on any affected operating system version. Only customers who manually installed CSNW could be vulnerable to this issue. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. This service is also called Gateway Service for NetWare on Windows 2000 Server. An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-045 : Vulnerability in Network Connection Manager Could Allow Denial of Service (905414): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves a newly-discovered, public vulnerability. A vulnerability in Network Connection Manager could allow a denial of service on the affected platforms against the Network Connection Manager. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could cause the component responsible for managing network and remote access connections to stop responding. If the affected component is stopped due to an attack, it will automatically restart when new requests are received.
MS05-045 : Vulnerability in Network Connection Manager Could Allow Denial of Service (905414): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves a newly-discovered, public vulnerability. A vulnerability in Network Connection Manager could allow a denial of service on the affected platforms against the Network Connection Manager. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could cause the component responsible for managing network and remote access connections to stop responding. If the affected component is stopped due to an attack, it will automatically restart when new requests are received.
MS05-044 : Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495): Date Posted - 2005/10/11; Date Revised - 2005/10/11; This update resolves a newly-discovered, public vulnerability. A vulnerability exists in the Windows FTP client because of the way it handles filename validation. This vulnerability could allow tampering with the file transfer location on the client during an FTP file transfer session. The vulnerability is documented in this bulletin in its own ?Vulnerability Details? section of this bulletin.
MS05-043 : Vulnerability in the Print Spooler Service Could Allow Remote Code Execution (896423): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability exists in the Print Spooler service that could allow remote code execution. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-042 : Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves two newly-discovered vulnerabilities, a privately reported vulnerability and a publicly reported vulnerability. Each vulnerability is documented in this bulletin in its own ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could cause the service responsible for authenticating users in an Active Directory domain to stop responding.
MS05-042 : Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves two newly-discovered vulnerabilities, a privately reported vulnerability and a publicly reported vulnerability. Each vulnerability is documented in this bulletin in its own ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could cause the service responsible for authenticating users in an Active Directory domain to stop responding.
MS05-041 : Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability in the Remote Desktop Protocol (RDP) exists that could allow an attacker to cause a system to stop responding. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.
MS05-041 : Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability in the Remote Desktop Protocol (RDP) exists that could allow an attacker to cause a system to stop responding. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.
MS05-040 : Vulnerability in Windows Telephony Service Could Allow Remote Code Execution (893756): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability exits in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-040 : Vulnerability in Windows Telephony Service Could Allow Remote Code Execution (893756): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability exits in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-039 : Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Plug and Play that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.
MS05-039 : Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588): Date Posted - 2005/08/09; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Plug and Play that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.
MS05-036 : Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214): Date Posted - 2005/07/12; Date Revised - 2005/07/12; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. A remote code execution vulnerability exists in the Microsoft Color Management Module because of the way that it handles ICC profile format tag validation. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-036 : Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214): Date Posted - 2005/07/12; Date Revised - 2005/07/12; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. A remote code execution vulnerability exists in the Microsoft Color Management Module because of the way that it handles ICC profile format tag validation. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-033 : Vulnerability in Telnet Client Could Allow Information Disclosure (896428): Date Posted - 2005/06/14; Date Revised - 2005/07/12; This update resolves a newly-discovered, privately-reported vulnerability. An attacker who successfully exploited this information disclosure vulnerability could remotely read the session variables for users who have an open connection to a malicious telnet server. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.
MS05-033 : Vulnerability in Telnet Client Could Allow Information Disclosure (896428): Date Posted - 2005/06/14; Date Revised - 2005/07/12; This update resolves a newly-discovered, privately-reported vulnerability. An attacker who successfully exploited this information disclosure vulnerability could remotely read the session variables for users who have an open connection to a malicious telnet server. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.
MS05-032 : Vulnerability in Microsoft Agent Could Allow Spoofing (890046): Date Posted - 2005/06/14; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. This vulnerability could enable an attacker to spoof trusted Internet content. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.
MS05-032 : Vulnerability in Microsoft Agent Could Allow Spoofing (890046): Date Posted - 2005/06/14; Date Revised - 2005/08/09; This update resolves a newly-discovered, privately-reported vulnerability. This vulnerability could enable an attacker to spoof trusted Internet content. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.
MS05-028 : Vulnerability in Web Client Service Could Allow Elevation of Privilege (896426): Date Posted - 2005/06/14; Date Revised - 2005/06/14; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-027 : Vulnerability in Server Message Block Could Allow Remote Code Execution (896422): Date Posted - 2005/06/14; Date Revised - 2005/06/14; This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Server Message Block (SMB) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-027 : Vulnerability in Server Message Block Could Allow Remote Code Execution (896422): Date Posted - 2005/06/14; Date Revised - 2005/06/14; This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Server Message Block (SMB) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-026 : Vulnerability in HTML Help Could Allow Remote Code Execution (896358): Date Posted - 2005/06/14; Date Revised - 2005/06/14; This update resolves a newly-discovered, privately-reported vulnerability. . A vulnerability exists in HTML Help that could allow remote code execution on an affected system. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. However, user interaction is required to exploit this vulnerability.
MS05-026 : Vulnerability in HTML Help Could Allow Remote Code Execution (896358): Date Posted - 2005/06/14; Date Revised - 2005/06/14; This update resolves a newly-discovered, privately-reported vulnerability. . A vulnerability exists in HTML Help that could allow remote code execution on an affected system. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. However, user interaction is required to exploit this vulnerability.
MS05-019 : Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066): Date Posted - 2005/04/12; Date Revised - 2005/06/14; This update resolves several newly-discovered, privately-reported and public vulnerabilities. Each vulnerability is documented in this bulletin in its own ?Vulnerability Details? section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could install then programs; view, change, or delete data; or create new accounts with full user rights. However, an attacker who successfully exploited the most severe of these vulnerabilities would most likely cause the affected system to stop responding.
MS05-018 : Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859): Date Posted - 2005/04/12; Date Revised - 2005/04/12; This update resolves several newly-discovered, privately-reported vulnerabilities. Each vulnerability is documented in this bulletin in its own ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-016 : Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086): Date Posted - 2005/04/12; Date Revised - 2005/04/12; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-015 : Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113): Date Posted - 2005/02/08; Date Revised - 2005/02/08; This update resolves a newly-discovered, privately reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-013 : Vulnerability in the DHTML Editing ActiveX Control could allow code execution (891781): Date Posted - 2005/02/08; Date Revised - 2005/02/08; This update resolves a newly-discovered, public vulnerability. A vulnerability exists in the DHTML Editing ActiveX control that could allow Information Disclosure or, at worst remote code execution on an affected system. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-012 : Vulnerability in OLE and COM Could Allow Remote Code Execution (873333): Date Posted - 2005/02/08; Date Revised - 2005/02/08; This update resolves several newly-discovered, privately-reported vulnerabilities. Each vulnerability is documented in this bulletin in its own ?Vulnerability Details? section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could install then programs; view, change, or delete data; or create new accounts with full user rights.
MS05-011 : Vulnerability in Server Message Block Could Allow Remote Code Execution (885250): Date Posted - 2005/02/08; Date Revised - 2005/02/08; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-010 : Vulnerability in the License Logging Service Could Allow Code Execution (885834): Date Posted - 2005/02/08; Date Revised - 2005/02/08; This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS05-009 : Vulnerability in PNG Processing Could Lead to Buffer Overrun (890261): Date Posted - 2005/02/08; Date Revised - 2005/04/12; This update resolves a newly-discovered, public vulnerability. A buffer overrun vulnerability exists in the processing of PNG image formats that could allow remote code execution on an affected system. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
MS05-008 : Vulnerabilty in Windows Shell Could Allow Remote Code Execution (890047): Date Posted - 2005/02/08; Date Revised - 2005/02/08; This update resolves a newly-discovered vulnerability. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS05-003 : Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250): Date Posted - 2005/01/11; Date Revised - 2005/01/11; This update resolves a newly-discovered, privately reported vulnerability. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could install programs; view, change, or delete data; or create new accounts with full privileges. While remote code execution is possible, an attack would most likely result in a denial of service condition.
MS05-002 : Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711): Date Posted - 2005/01/11; Date Revised - 2005/04/12; This update resolves a newly-discovered, public vulnerability. The vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
MS05-001 : Vulnerability in HTML Help Could Allow Code Execution (890175): Date Posted - 2005/01/11; Date Revised - 2005/01/11; This update resolves a newly-discovered, publicly reported vulnerability. A vulnerability exists in the HTML Help ActiveX control in Windows that could allow information disclosure or remote code execution on an affected system. This vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges.
MS04-045 : Vulnerability in WINS Could Allow Remote Code Execution (870763): Date Posted - 2004/12/14; Date Revised - 2004/12/14; This update resolves several newly-discovered, public and privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
MS04-044 : Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835): Date Posted - 2004/12/14; Date Revised - 2004/12/14; This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
MS04-043 : Vulnerability in HyperTerminal Could Allow Code Execution (873339): Date Posted - 2004/12/14; Date Revised - 2004/12/14; This update resolves a newly-discovered, privately reported vulnerability. The vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit this vulnerability.
MS04-041 : Vulnerability in WordPad Could Allow Code Execution (885836): Date Posted - 2004/12/14; Date Revised - 2004/12/14; This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. If a user is logged on with administrative privileges, an attacker who successfully exploited these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit this vulnerability.
MS04-037 : Vulnerability in Windows Shell Could Allow Remote Code Execution (841356): Date Posted - 2004/10/12; Date Revised - 2004/10/12; This update resolves several newly-discovered, public vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit these vulnerabilities.
MS04-036 : Vulnerability in NNTP Could Allow Code Execution (883935): Date Posted - 2004/10/12; Date Revised - 2004/10/12; This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists within the Network News Transfer Protocol (NNTP) Component of the affected operating systems. This vulnerability could potentially affect systems that do not use NNTP because certain affected software requires this component to be enabled for installation. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
MS04-035 : Vulnerability in SMTP Could Allow Remote Code Execution (885881): Date Posted - 2004/10/12; Date Revised - 2005/02/08; This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the Simple Mail Transfer Protocol (SMTP) component that is provided as part of the affected software. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
MS04-034 : Vulnerability in Compressed (zipped) Folders Could Allow Code Execution (873376): Date Posted - 2004/10/12; Date Revised - 2004/10/12; This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the way that Windows processes Compressed (zipped) Folders. The vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit this vulnerability.
MS04-032 : Security Update for Microsoft Windows (840987): Date Posted - 2004/10/12; Date Revised - 2004/10/12; This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
MS04-031 : Vulnerability in NetDDE Could Allow Remote Code Execution (841533): Date Posted - 2004/10/12; Date Revised - 2004/10/12; This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the Network Dynamic Data Exchange (NetDDE) services because of an unchecked buffer. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.
MS04-028 : Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987): Date Posted - 2004/09/14; Date Revised - 2004/12/14; This update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. The vulnerability is documented in this bulletin in its own section. If a user is logged on with administrator privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
MS04-024 : Vulnerability in Windows Shell Could Allow Remote Code Execution (839645): Date Posted - 2004/07/13; Date Revised - 2004/07/13; This update resolves a newly-discovered, publicly reported vulnerability. A remote code execution vulnerability exists in the way that the Windows Shell launches applications. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. However, significant user interaction is required to exploit this vulnerability. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
MS04-023 : Vulnerability in HTML Help Could Allow Code Execution (840315): Date Posted - 2004/07/13; Date Revised - 2004/07/13; This update resolves two newly-discovered vulnerabilities. The HTML Help vulnerability was privately reported and the showHelp vulnerability is public. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
MS04-016 : Vulnerability in DirectPlay Could Allow Denial of Service (839643): Date Posted - 2004/06/08; Date Revised - 2004/06/08; This update resolves a newly-discovered, privately reported vulnerability. A denial of service vulnerability exists in the implementation of the IDirectPlay4 application programming interface (API) of Microsoft DirectPlay because of a lack of robust packet validation. The vulnerability is documented in the Vulnerability Details section of this bulletin.
MS04-015 : Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374): Date Posted - 2004/05/11; Date Revised - 2004/05/11; This update resolves a newly-discovered vulnerability. A remote code execution vulnerability exists in the Help and Support Center because of the way that it handles HCP URL validation. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, significant user interaction is required to exploit this vulnerability.
MS04-014 : Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001): Date Posted - 2004/04/13; Date Revised - 2004/05/11; A buffer overrun vulnerability exists in the Microsoft Jet Database Engine (Jet) that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges.
MS04-012 : Cumulative Update for Microsoft RPC/DCOM (828741): Date Posted - 2004/04/13; Date Revised - 2004/04/13; This update resolves several newly-discovered vulnerabilities in RPC/DCOM. Each is documented in this bulletin in its own section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of the affected system. An attacker could then take any action on the affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
MS04-011 : Security Update for Microsoft Windows (835732): Date Posted - 2004/04/13; Date Revised - 2004/06/15; This update resolves several newly-discovered vulnerabilities. Each vulnerability is documented in this bulletin in its own section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
MS04-007 : ASN .1 Vulnerability Could Allow Code Execution (828028): Date Posted - 2004/02/10; Date Revised - 2004/02/10; A security vulnerability exists in the Microsoft ASN.1 Library that could allow code execution on an affected system. The vulnerability is caused by an unchecked buffer in the Microsoft ASN.1 Library, which could result in a buffer overflow. An attacker who successfully exploited this buffer overflow vulnerability could execute code with System privileges on an affected system. The attacker could then take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges. Abstract Syntax Notation 1 (ASN.1) is a data standard used by many applications and devices in the technology industry for allowing the normalization and understanding of data across various platforms. More information about ASN.1 can be found in Microsoft Knowledge Base Article 252648.
MS04-006 : Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352): Date Posted - 2004/02/10; Date Revised - 2004/02/10; A security vulnerability exists in the Windows Internet Naming Service (WINS). This vulnerability exists because of the method used by WINS to validate the length of specially-crafted packets. On Windows Server 2003 this vulnerability could allow an attacker who sent a series of specially-crafted packets to a WINS server to cause the service to fail. This could most likely cause a denial of service, and the service would have to be manually restarted to restore functionality. The possibility of a denial of service on Windows Server 2003 results from the presence of a security feature used in the development of Windows Server 2003 called the /GS flag. The purpose of this security feature is to detect when an attempt is made to exploit a stack-based buffer overrun and reduce the chance it can be easily exploited. In some cases this security feature will be forced to terminate the service in order to prevent malicious code execution. On Windows Server 2003, when an attempt is made to exploit the buffer overrun, the security feature reacts and terminates the service. This results in a denial of service condition of WINS. It is possible that methods may be found in the future to bypass this security feature which could then enable code execution, so customers should apply the update. For more information on these security features please view the following Web site. On Windows NT and Windows 2000 the nature of the vulnerability is slightly different. WINS will reject the specially-crafted packet and does not result in a denial of service. The vulnerability on these platforms also does not allow code execution. Microsoft is releasing a security update on these platforms that corrects the vulnerable code as a preventive measure to ensure that methods are not found in the future to exploit this vulnerability.
MS03-045 : Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141): Date Posted - 2003/10/15; Date Revised - 2003/10/15; A vulnerability results because the ListBox control and the ComboBox control both call a function, which is located in the User32.dll file, that contains a buffer overrun. The function does not correctly validate the parameters that are sent from a specially-crafted Windows message. Windows messages provide a way for interactive processes to react to user events (for example, keystrokes or mouse movements) and to communicate with other interactive processes. A security vulnerability exists because the function that provides the list of accessibility options to the user does not correctly validate Windows messages that are sent to it. One process in the interactive desktop could use a specific Windows message to cause the ListBox control or the ComboBox control to execute arbitrary code. Any program that implements the ListBox control or the ComboBox control could allow code to be executed at an elevated level of administrative credentials, as long as the program is running at an elevated level of privileges for example, Utility Manager in Windows 2000). This could include third-party applications. An attacker who had the ability to log on to a system interactively could run a program that could send a specially-crafted Windows message to any applications that have implemented the ListBox control or the ComboBox control, causing the application to take any action an attacker specified. This could give an attacker complete control over the system by using Utility Manager in Windows 2000.
MS03-044 : Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119): Date Posted - 2003/10/15; Date Revised - 2003/10/15; A security vulnerability exists in the Help and Support Center function which ships with Windows XP and Windows Server 2003. The affected code is also included in all other supported Windows operating systems, although no known attack vector has been identified at this time because the HCP protocol is not supported on those platforms. The vulnerability results because a file associated with the HCP protocol contains an unchecked buffer. An attacker could exploit the vulnerability by constructing a URL that, when clicked on by the user, could execute code of the attacker?s choice in the Local Computer security context. The URL could be hosted on a web page, or sent directly to the user in email. In the web based scenario, where a user then clicked on the URL hosted on a website, an attacker could have the ability to read or launch files already present on the local machine.
MS03-043 : Buffer Overrun in Messenger Service Could Allow Code Execution (828035): Date Posted - 2003/10/15; Date Revised - 2003/10/15; A security vulnerability exists in the Messenger Service that could allow arbitrary code execution on an affected system. The flaw results because the Messenger Service does not properly validate the length of a message before passing it to the allocated buffer. An attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an affected system, or could cause the Messenger Service to fail. The attacker could then take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges. Additionally, this patch also includes a fix to correct the issue described in Microsoft Knowledge Base article 330904- Messenger Service Window That Contains an Internet Advertisement Appears
MS03-041 : Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182): Date Posted - 2003/10/15; Date Revised - 2003/10/15; All versions of Microsoft Windows contain support for Authenticode technology. Authenticode provides code signing capabilities that identify the publisher of a Microsoft ActiveX control. Based on this information a user can make a determination whether or not to download and install the code. By default, Authenticode prompts a user prior to the installation of an ActiveX control. Authenticode prevents ActiveX controls from installing automatically on a user?s system by presenting the user with a dialogue requiring the user to confirm that they trust the publisher of a control and that they want to install the control on their system. Only when the user clicks Yes is the ActiveX control downloaded and installed on the user?s system. There is a flaw in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with the dialogue discussed above. To exploit this vulnerability, an attacker could create a specially formed HTML e-mail and send it to the user. If the user viewed the HTML e-mail an unauthorized AcitiveX control could be installed and executed on the user?s system. Alternatively, an attacker could host a malicious Web Site that contained a Web Page designed to exploit this vulnerability. If an attacker then persuaded a user to visit that site an ActiveX control could be installed and executed on the user?s system. In both scenarios the flaw in Authenticode could allow an unauthorized ActiveX control to be installed and executed on the user?s system, with the same permissions as the user, without prompting the user for approval.
MS03-039 : Buffer Overrun In RPCSS Service Could Allow Code Execution (824146): Date Posted - 2003/09/10; Date Revised - 2003/09/10; The fix provided by this patch supersedes the one included in Microsoft Security Bulletin MS03-026. Remote Procedure Call (RPC) is a protocol used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly access services on another computer. The protocol itself is derived from the Open Software Foundation (OSF) RPC protocol, but with the addition of some Microsoft specific extensions. There are three identified vulnerabilities in the part of RPCSS Service that deals with RPC messages for DCOM activation- two that could allow arbitrary code execution and one that could result in a denial of service. The flaws result from incorrect handling of malformed messages. These particular vulnerabilities affect the Distributed Component Object Model (DCOM) interface within the RPCSS Service. This interface handles DCOM object activation requests that are sent from one machine to another. An attacker who successfully exploited these vulnerabilities could be able to run code with Local System privileges on an affected system, or could cause the RPCSS Service to fail. The attacker could then be able to take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges. To exploit these vulnerabilities, an attacker could create a program to send a malformed RPC message to a vulnerable system targeting the RPCSS Service. Microsoft has released a tool that can be used to scan a network for the presence of systems which have not had the MS03-039 patch installed. More details on this tool are available in Microsoft Knowledge Base article 827363. This tool supersedes the one provided in Microsoft Knowledge Base article 826369. If the tool provided in Microsoft Knowledge Base Article 826369 is used against a system which has installed the security patch provided with this bulletin, the superseded tool will incorrectly report that the system is missing the patch provided in MS03-026. Microsoft encourages customers to run the latest version of the tool available in Microsoft Knowledge Base article 827363 to determine if their systems are patched.
MS03-034 : Flaw in NetBIOS Could Lead to Information Disclosure (824105): Date Posted - 2003/09/03; Date Revised - 2003/09/03; Network basic input/output system (NetBIOS) is an application programming interface (API) that can be used by programs on a local area network (LAN). NetBIOS provides programs with a uniform set of commands for requesting the lower-level services required to manage names, conduct sessions, and send datagrams between nodes on a network. This vulnerability involves one of the NetBT (NetBIOS over TCP) services, namely, the NetBIOS Name Service (NBNS). NBNS is analogous to DNS in the TCP/IP world and it provides a way to find a system’s IP address given its NetBIOS name, or vice versa. Under certain conditions, the response to a NetBT Name Service query may, in addition to the typical reply, contain random data from the target system’s memory. This data could, for example, be a piece of HTML if the user on the target system was using an Internet browser, or it could contain other types of data that exist in memory at the time that the target system responds to the NetBT Name Service query. An attacker could seek to exploit this vulnerability by sending a NetBT Name Service query to the target system and then by examining the response to see if it includes any random data from that system’s memory. If best security practices have been followed, and port 137 UDP has been blocked at the firewall, Internet based attacks would not be possible.
MS03-030 : Unchecked Buffer in DirectX Could Enable System Compromise (819696): Date Posted - 2003/07/23; Date Revised - 2003/07/23; DirectX consists of a set of low-level Application Programming Interfaces (APIs) that are used by Windows programs for multimedia support. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation, and rendering. There are two buffer overruns with identical effects in the function used by DirectShow to check parameters in a Musical Instrument Digital Interface (MIDI) file. A security vulnerability results because it would be possible for a malicious user to attempt to exploit these flaws and execute code in the security context of the logged-on user. An attacker could seek to exploit this vulnerability by creating a specially crafted MIDI file designed to exploit this vulnerability and then host it on a Web site or on a network share, or send it by using an HTML-based e-mail. In the case where the file was hosted on a Web site or network share, the user would need to open the specially crafted file. If the file was embedded in a page the vulnerability could be exploited when a user visited the Web page. In the HTML-based e-mail case, the vulnerability could be exploited when a user opened or previewed the HTML-based e-mail. A successful attack could cause DirectShow, or an application making use of DirectShow, to fail. A successful attack could also cause an attacker's code to run on the user's computer in the security context of the user.
MS03-026 : Buffer Overrun In RPC Interface Could Allow Code Execution (823980): Date Posted - 2003/07/16; Date Revised - 2003/08/13; Microsoft originally released this bulletin and patch on July 16, 2003 to correct a security vulnerability in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface. The patch was and still is effective in eliminating the security vulnerability. However, the ?mitigating factors? and ?workarounds? discussions in the original security bulletin did not clearly identify all of the ports by which the vulnerability could potentially be exploited. We have updated this bulletin to more clearly enumerate the ports over which RPC services can be invoked, and to ensure that customers who have chosen to implement a workaround before installing the patch have the information that they need to protect their systems. Customers who have already installed the patch are protected from attempts to exploit this vulnerability, and need take no further action. In addition, the bulletin has also been updated to include information about Windows 2000 Service Pack 2 support for this patch. Remote Procedure Call (RPC) is a protocol used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on a remote system. The protocol itself is derived from the Open Software Foundation (OSF) RPC protocol, but with the addition of some Microsoft specific extensions. There is a vulnerability in the part of RPC that deals with message exchange over TCP/IP. The failure results because of incorrect handling of malformed messages. This particular vulnerability affects a Distributed Component Object Model (DCOM) interface with RPC, which listens on RPC enabled ports. This interface handles DCOM object activation requests that are sent by client machines to the server. An attacker who successfully exploited this vulnerability would be able to run code with Local System privileges on an affected system. The attacker would be able to take any action on the system, including installing programs, viewing changing or deleting data, or creating new accounts with full privileges. To exploit this vulnerability, an attacker would need to send a specially formed request to the remote computer on specific RPC ports.
MS03-023 : Buffer Overrun In HTML Converter Could Allow Code Execution (823559): Date Posted - 2003/07/09; Date Revised - 2003/07/09; All versions of Microsoft Windows contain support for file conversion within the operating system. This functionality allows users of Microsoft Windows to convert file formats from one to another. In particular, Microsoft Windows contains support for HTML conversion within the operating system. This functionality allows users to view, import, or save files as HTML. There is a flaw in the way the HTML converter for Microsoft Windows handles a conversion request during a cut and paste operation. This flaw causes a security vulnerability to exist. A specially crafted request to the HTML converter could cause the converter to fail in such a way that it could execute code in the context of the currently logged in user. Since this functionality is used by Internet Explorer, an attacker could craft a specially formed web page or HTML email that would cause the HTML converter to run arbitrary code on a user's system. A user simply visiting an attacker?s website could allow the attacker to exploit the vulnerability without any other user action. In order to exploit this vulnerability, the attacker would have to create a specially-formed HTML email and send it to the user. Alternatively, an attacker would have to host a malicious web site that contained a web page designed to exploit these vulnerabilities. The attacker would then have to persuade a user to visit that site.


	Accounting: *Programming:* *Sales:* Technical Support: *Web Hosting:*