Windows 95/98/ME/NT/2000/XP
Microsoft Security Bulletin Center - 2000
Subscribe to the Microsoft Security Notification Service
- MS Windows NT 4.0 (MS00-004)
"RDISK Registry Enumeration File" Vulnerability
- MS Index Server (MS00-006)
"Malformed Hit-Highlighting Argument" Vulnerability
- MS Windows NT 4.0 (MS00-007)
"Recycle Bin Creation" Vulnerability
- MS Windows NT 4.0 (MS00-008)
"Registry Permissions" Vulnerability
- MS Internet Explorer (MS00-009)
"Image Source Redirect" Vulnerability
- MS Site Server 3.0, Commerce Edition (MS00-010)
"Site Wizard Input Validation" Vulnerability
- MS virtual machine (MS VM) (MS00-011)
"VM File Reading" Vulnerability
- MS Systems Management Server (SMS) (MS00-012)
"Remote Agent Permissions" Vulnerability
- MS Windows Media Services (MS00-013)
"Misordered Windows Media Services Handshake" Vulnerability
- MS SQL Server 7.0 & MS Data Engine (MSDE) 1.0 (MS00-014)
"SQL Query Abuse" Vulnerability
- MS Clip Art Gallery (MS00-015)
"Clip Art Buffer Overrun" Vulnerability
- MS Windows Media License Manager (MS00-016)
"Malformed Media License Request" Vulnerability
- MS Win 95, Win 98, & Win 98 SE (MS00-017)
"DOS Device in Path Name" Vulnerability
- MS Internet Information Server 4.0 (MS00-018)
"Chunked Encoding Post" Vulnerability
- MS Internet Information Server (MS00-019)
"Virtualized UNC Share" Vulnerability
- MS Win 2000 (MS00-020)
"Desktop Separation" Vulnerability
- MS Win NT 4.0 & MS Win 2000 (MS00-021)
"Malformed TCP/IP Print Request" Vulnerability
- MS Excel 97 - MS Excel 2000(MS00-022)
"XLM Text Macro" Vulnerability
- MS Internet Information Server (MS00-023)
"Myriad Escaped Characters" Vulnerability
- MS Win NT 4.0 (MS00-024)
"OffloadModExpo Registry Permissions" Vulnerability
- MS Win NT 4.0 Option Pack, Personal Web Server 4.0 (ships as part of Windows 95 and 98 & Front Page 98 Server Extensions) (MS00-025)
"Link View Server-Side Component" Vulnerability
- MS Win 2000 (MS00-026)
"Mixed Object Access" Vulnerability
- MS Win NT 4.0 & MS Win 2000 (MS00-027)
"Malformed Environment Variable" Vulnerability
- FrontPage 97 & 98 & MS Win NT 4.0 Option Pack & Personal Web Server 4.0, which ships as part of Win 95 and 98 (MS00-028)
"Server-Side Image Map Components" Vulnerability
- MS Win 95, Win 98, Win NT 4.0 and Win 2000 (MS00-029)
"IP Fragment Reassembly" Vulnerability
- MS Internet Information Server (MS00-030)
"Malformed Extension Data in URL" Vulnerability
- MS Internet Information Server (MS00-031)
"Undelimited .HTR Request" and "File Fragment Reading via .HTR" Vulnerabilities
- MS Win 2000 (MS00-032)
"Protected Store Key Length" Vulnerability
- MS Internet Explorer 4.0, 4.01, 5.0, 5.01 (MS00-033)
"Frame Domain Verification", "Unauthorized Cookie Access", and "Malformed Component Attribute" Vulnerabilities
- MS Office 2000 & family members (MS00-034)
Office 2000 UA Control" Vulnerability
- MS SQL Server 7.0 Service Packs 1 and 2 (MS00-035)
"SQL Server 7.0 Service Pack Password" Vulnerability
- MS Win NT 4.0 & Win 2000 (MS00-036)
"ResetBrowser Frame" and "HostAnnouncement Flooding" Vulnerabilities
- MS Internet Explorer 4.0, 4.01, 5.0, 5.01 (MS00-037)
"HTML Help File Code Execution" Vulnerability
- MS Windows Media Encoder 4.0 or 4.1 (MS00-038)
"Malformed Windows Media Encoder Request" Vulnerability
- MS Internet Explorer 4.0, 4.01, 5.0, 5.01 (MS00-039)
"SSL Certificate Validation" Vulnerabilities
- MS Win NT 4.0 (MS00-040)
"Remote Registry Access Authentication" Vulnerability
- MS SQL Server 7.0 (MS00-041)
"DTS Password" Vulnerability
- MS Internet Explorer 4.0, 4.01, 5.0, 5.01 (MS00-042)
"Active Setup Download" Vulnerability
- MS Internet Explorer 4.0, 4.01, 5.0, 5.01 & MS Outlook 97, 98, 2000 (MS00-043)
"Malformed E-mail Header" Vulnerability
- MS Internet Information Server 4.0 & 5.0 (MS00-044)
"Absent Directory Browser Argument" Vulnerability
- MS Outlook Express 4.0, 4.01, 5.0, 5.01 (MS00-045)
"Persistent Mail-Browser Link" Vulnerability
- MS Outlook Express 4.0, 4.01, 5.0, 5.01 & MS Outlook 97, 98, 2000 (MS00-046)
"Cache Bypass" Vulnerability
- MS Win NT 4.0 & MS Win 2000 (MS00-047)
"NetBIOS Name Server Protocol Spoofing" Vulnerability
- MS SQL Server 7.0 (MS00-048)
"Stored Procedure Permissions" Vulnerability
- MS Excel 2000, MS Powerpoint 97 and 2000, MS IE 5.5, 5.01 SP1, 5.01, 4.01 SP2 (MS00-049)
"The Office HTML Script" Vulnerability and a Workaround for "The IE Script" Vulnerability
- MS Win 2000 (MS00-050)
"Telnet Server Flooding" Vulnerability
- MS Excel 97 or Excel 2000 (MS00-051)
"Excel REGISTER.ID Function" Vulnerability
- MS Win NT 4.0 & MS Win 2000 (MS00-052)
"Relative Shell Path" Vulnerability
- MS Win 2000 (MS00-053)
"Service Control Manager Named Pipe Impersonation" Vulnerability
- MS Win 95, Win 98, & Win 98 SE (MS00-054)
"Malformed IPX Ping Packet" Vulnerability
- MS Internet Explorer 4.x & 5.x (MS00-055)
"Scriptlet Rendering" Vulnerability
- MS Word 2000, Excel 2000, PowerPoint 2000 (MS00-056)
"Microsoft Office HTML Object Tag" Vulnerability
- MS Internet Information Server 4.0 & 5.0 (MS00-057)
"File Permission Canonicalization" Vulnerability
- MS Internet Information Server 5.0 (MS00-058)
"Specialized Header" Vulnerability
- Microsoft VM: builds in the 2000, 3100, 3200, 3300 series. (MS00-059)
"Java VM Applet" Vulnerability
- MS Internet Information Server 4.0 & 5.0 (MS00-060)
"IIS Cross-Site Scripting" Vulnerabilities
- Ms Money 2000 & 2001 (MS00-061)
"Money Password" Vulnerability
- MS Win 2000 (MS00-062)
"Local Security Policy Corruption" Vulnerability
- MS Internet Information Server 4.0 (MS00-063)
"Invalid URL" Vulnerability
- MS Windows Media Services 4.0 & 4.1 (MS00-064)
"Unicast Service Race Condition" Vulnerability
- MS Win 2000 (MS00-065)
"Still Image Service Privilege Escalation" Vulnerability
- MS Win 2000 (MS00-066)
"Malformed RPC Packet" Vulnerability
- MS Win 2000 (MS00-067)
"Windows 2000 Telnet Client NTLM Authentication" Vulnerability
- MS Windows Media Player 7 (MS00-068)
"OCX Attachment" Vulnerability
- MS Win 2000 (MS00-069)
"Simplified Chinese IME State Recognition" Vulnerability
- MS Win 2000 & Win NT 4.0 (MS00-070)
"Multiple LPC and LPC Ports" Vulnerabilities
- MS Word 2000 & MS Word 97 (MS00-071)
"Word Mail Merge" Vulnerability
- MS Win 95, 98, 98 Second Edition, Win ME (MS00-072)
"Share Level Password" Vulnerability
- MS Win 95, 98, 98 SE, Win ME (MS00-073)
"Malformed IPX NMPI Packet" Vulnerability
- Microsoft WebTV for Win 98, 98 SE, Win ME (MS00-074)
"WebTV for Windows Denial of Service" Vulnerability
- MS Java VM: builds 2000, 3100, 3200, 3300 series. (MS00-075)
"Microsoft VM ActiveX Component" Vulnerability
- MS IE 4.x & IE 5.x prior to v5.5 (MS00-076)
"Cached Web Credentials" Vulnerability
- NetMeeting v3.01 (4.4.3385) on Win 2k or Win NT 4.0 (MS00-077)
"NetMeeting Desktop Sharing" Vulnerability
- MS IIS 4.0 & MS IIS 5.0 (MS00-078)
"Web Server Folder Traversal" Vulnerability
- MS Win 98, 98 SE, Win ME, Win2k (MS00-079)
"HyperTerminal Buffer Overflow" Vulnerability
- MS IIS 4.0 & MS IIS 5.0 (MS00-080)
"Session ID Cookie Marking" Vulnerability
- MS Java VM: builds 2000, 3000 series. (MS00-081)
New Variant of "VM File Reading" Vulnerability
- MS Exchange Server 5.5 (MS00-082)
"Malformed MIME Header" Vulnerability
- MS Win NT 4.0 Server, MS Win NT 4.0 Server, Terminal Server Edition, MS Win NT 4.0 Server, Enterprise Edition, MS Win 2000 Server, MS Win 2000 Advanced Server, MS Win 2000 Datacenter Server, MS Systems Management Server 1.2, MS Systems Management Server 2.0 (MS00-083)
"Netmon Protocol Parsing" Vulnerability
- MS Indexing Services for Windows 2000 (MS00-084)
"Indexing Services Cross Site Scripting" Vulnerability
- MS Win 2k Server, MS Win 2k Professional, MS Win 2k Advanced Server, MS Win 2k Datacenter Server (MS00-085)
"ActiveX Parameter Validation" Vulnerability
- MS Internet Information Service 5.0 (MS00-086)
"Web Server File Request Parsing" Vulnerability
- MS Win NT 4.0 Terminal Server (MS00-087)
"Terminal Server Login Buffer Overflow" Vulnerability
- MS Exchange 2000 Server CDs without "Rev. A" stamped on the CD on the line below the Part No. & MS Exchange 2000 Enterprise Server CDs without "Rev. A" stamped on the CD below the Part No. (MS00-088)
"Exchange User Account" Vulnerability
- MS Win 2000 Professional Service Pack 1; MS Win 2000 Server Service Pack 1; MS Win 2000 Advanced Server Service Pack 1; MS Win 2000 Datacenter Service Pack 1
(MS00-089)
"Domain Account Lockout" Vulnerability
- MS Win Media Player 6.4; MS Win Media Player 7 (MS00-090)
".ASX Buffer Overrun" and ".WMS Script Execution" Vulnerabilities
- MS Win NT 4.0, Win 9x and Win Me (MS00-091)
"Incomplete TCP/IP Packet" Vulnerability
- MS SQL Server 6.5 and 2000 (MS00-092)
"Extended Stored Procedure Parameter Parsing" Vulnerability
- MS Internet Explorer 5.x (MS00-093)
"Browser Print Template" and "File Upload via Form" Vulnerabilities
- MS Windows NT 4.0, Windows 2000 (MS00-094)
"Phone Book Service Buffer Overflow" Vulnerability
- MS Windows NT 4.0 (MS00-095)
Tool Available for “Registry Permissions” Vulnerability
- MS Windows 2000 (MS00-096)
Tool Available for “SNMP Parameters” Vulnerability
- MS Win Media Services 4.0 & 4.1 (MS00-097)
Patch Available for “Severed Windows Media Server Connection” Vulnerability
- MS Windows 2000 Indexing Service 3.0 (MS00-098)
Patch Available for “Indexing Service File Enumeration” Vulnerability
- MS Windows 2000 Server & Advanced Server (MS00-099)
Patch Available for “Directory Service Restore Mode Password” Vulnerability
- MS IIS 4.0 & 5.0 (MS00-100)
Patch Available for “Malformed Web Form Submission” Vulnerability
GOTO: Microsoft Security Bulletin Center - 2001
GOTO: Microsoft Security Bulletin Center - 2002
GOTO: Microsoft Security Bulletin Center - 2003
GOTO: Microsoft Security Bulletin Center - 2004
GOTO: Microsoft Security Bulletin Center - 2005
GOTO: Microsoft Security Bulletin Center - 2006
GOTO: Microsoft Security Bulletin Center - 2007
GOTO: Microsoft Security Bulletin Center - 2008
