Microsoft Posts Critical Windows Bulletin -- Redmond Channel Partner

Microsoft Posts Critical Windows Bulletin

By Scott Bekker
November 08, 2005

A new Microsoft security bulletin includes patches for three Windows flaws, two of them critical problems that can permit attackers to take control of a system over the Internet.

All three flaws that are addressed in bulletin MS05-053 arise from the way Windows renders graphics from Windows Metafile (WMF), Enhanced Metafile (EMF) or both of the image formats. The bulletin posted Tuesday.

The first flaw, involving an unchecked buffer in the rendering of WMF and EMF, is critical for Windows 2000, Windows XP even with Service Pack 2 and Windows Server 2003 even with Service Pack 1.

The second flaw, stemming from an unchecked buffer in WMF rendering, is also critical for Windows 2000, Windows XP SP1 and the gold code version of Windows Server 2003. Windows XP SP2 and Windows Server 2003 SP1 are unaffected by the flaw.

An unchecked buffer in EMF rendering is the source of the third flaw. It is moderate for Windows 2000, Windows XP SP1 and Windows Server 2003. Again, Windows XP SP2 and Windows Server 2003 SP1 are unaffected.

Neither of the critical flaws had been publicly disclosed. The moderate flaw had been disclosed but Microsoft has not received any reports of exploit code being developed for it.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Free Webcast! Learn about Password Management Best Practices

Featured

Microsoft Updates Azure Icon, Plans Default Font Change

Microsoft recently announced a few planned design changes, including a new Azure icon.
The 2021 Microsoft Product Roadmap

From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.
Microsoft Details 'EU Data Boundary' Plan for Its Cloud Services

Microsoft is escalating its effort to ensure that its cloud services can fully meet the European Union's data storage requirements by the end of 2022.
2021 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

RCP Update

Email Address*Country*

Please type the letters/numbers you see above.

Microsoft Posts Critical Windows Bulletin

Featured

Microsoft Updates Azure Icon, Plans Default Font Change

The 2021 Microsoft Product Roadmap

Microsoft Details 'EU Data Boundary' Plan for Its Cloud Services

2021 Microsoft Conference Calendar: For Partners, IT Pros and Developers

The 2021 Microsoft Product Roadmap

Microsoft Updates Azure Icon, Plans Default Font Change

Microsoft Details 'EU Data Boundary' Plan for Its Cloud Services

2021 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft Partner Liquidware Offers an Alternative to Azure Monitor for WVD

The 2021 Microsoft Product Roadmap

Microsoft Updates Azure Icon, Plans Default Font Change

Microsoft Details 'EU Data Boundary' Plan for Its Cloud Services

2021 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft Partner Liquidware Offers an Alternative to Azure Monitor for WVD

Partner Guides

Partner's Guide to the Windows Server 2008 Deadline

Partner's Guide to UCaaS

Partner's Guide to Starter Workloads in Azure

Partner's Guide to Microsoft's Fiscal Year 2019

Partner's Guide to Making the Most of Dynamics 365 IUR

FREE WEBCASTS FROM OUR SPONSORS

Protect Your Customers Against Email Threats with MDR and Microsoft Defender for Office 365

Boost Your Dynamics 365 Business with the Power of the Indirect Model and Tech Data

Webroot’s 2021 Threat Report

Build a Successful Microsoft 365 Business with Tech Data

FREE WHITE PAPERS FROM OUR SPONSORS

Partner Profile - How eSentire MDR Expands Microsoft 365's Security Capabilities

2021 Webroot BrightCloud Threat Report

eBook: Hacker Personas

Carbonite Data Protection & Cyber Resilience