
Patch Tuesday: Three Security Bulletins, Two Critical

Microsoft released three security bulletins for Windows on Tuesday, its monthly date for patching security problems. Two of the security bulletins involve critical vulnerabilities that could allow an attacker to take complete control of a user's system over the Internet. The patches are especially important because both critical vulnerabilities had already been publicly disclosed.

The bulletins are Microsoft's first three for 2005; the company posted 45 bulletins in 2004. In all, this week's bulletins patch four discrete flaws.

Bulletin MS05-001 affects all supported versions of Windows, including Windows XP with Service Pack 2.

The flaw exists in the HTML Help ActiveX control in Windows. It can allow information disclosure or remote code execution. After it is applied, the patch may cause some Web-based applications to stop working properly. Individual Web sites that invoke the control must be enabled on a site-by-site basis.

While the flaw is critical for most platforms, it is rated as only moderate on Windows Server 2003.

Although Windows NT 4.0 is no longer supported by Microsoft as of Dec. 31, 2004 without a custom support contract, Microsoft did test the operating system and determined it was not vulnerable by default. However, users who have installed Internet Explorer 6.0 Service Pack 1 on Windows NT 4.0 are vulnerable. A separate patch is available to harden IE 6 SP1 against the flaw.

Bulletin MS05-002 affects all supported versions of Windows except Windows XP SP2. Microsoft also developed, and is distributing free of charge, a patch for Windows NT Server 4.0 and Windows NT Server 4.0 Terminal Server Edition, despite the end of extended support for NT 4 last year.

The critical remote code execution vulnerability occurs because of a problem in cursor and icon formatting, and is critical for all affected platforms. The bulletin also includes a patch for a separate flaw in the Windows kernel that is rated as an important problem across the affected Windows platforms.

The third bulletin, MS05-003, involves a flaw in the Indexing Service that could allow remote code execution. Because the service is not enabled by default in the affected versions of Windows, the vulnerability received an important rather than critical designation.

Versions of Windows that are vulnerable if the Indexing Service is turned on are Windows XP, Windows 2000 and Windows Server 2003. Windows XP SP2, Windows NT Server 4.0 and Windows 98/98SE/ME are immune.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.
