Redbeard's Place...MS Security 2005

Win 95/98/ME/NT/2000/XP
Microsoft Security Bulletin Center - 2005

Subscribe to the Microsoft Security Notification Service

Microsoft Security Bulletin MS05-001
Vulnerability in HTML Help Could Allow Code Execution (890175)

Affected Software:
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) – Review the FAQ section of this bulletin for details about these operating systems.

NON Affected Software:
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

Affected Components:
Internet Explorer 6.0 Service Pack 1 when installed on Microsoft Windows NT Server 4.0 Service Pack 6a or Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Security Bulletin MS05-002
Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)

Affected Software:
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) – Review the FAQ section of this bulletin for details about these operating systems.

NON Affected Software:
Microsoft Windows XP Service Pack 2
Microsoft Security Bulletin MS05-003
Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)

Affected Software:
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition

NON Affected Software:
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows XP Service Pack 2
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Affected Components:
Indexing Service
Microsoft Security Bulletin MS05-004
ASP.NET Path Validation Vulnerability (887219)

Affected Software:
Microsoft .NET Framework 1.0
Microsoft .NET Framework 1.1

NON Affected Software:
NONE

Affected Components:
ASP.NET
Microsoft Security Bulletin MS05-005
Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352)

Affected Software:
Microsoft Office XP Software Service Pack 3 – (KB873352)
Microsoft Office XP Software Service Pack 2 - (KB873352)
Microsoft Office XP Software:
• Word 2002
• PowerPoint 2002
Microsoft Project 2002 – (KBKB873355)
Microsoft Visio 2002 – (KB873354)
Microsoft Works Suite 2002 - (KB873352) (same as the Microsoft Office XP link)
Microsoft Works Suite 2003 - (KB873352) (same as the Microsoft Office XP link)
Microsoft Works Suite 2004 - (KB873352) (same as the Microsoft Office XP link)

NON Affected Software:
Microsoft Office 2000
Microsoft Office 2003
Microsoft Security Bulletin MS05-006
Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)

Affected Software:
Windows SharePoint Services for Windows Server 2003
SharePoint Team Services from Microsoft

NON Affected Software:
Microsoft Windows Server 2003 for Itanium-based Systems
SharePoint Portal Server 2003 (all versions)
SharePoint Portal Server 2001 (all versions)
Microsoft Security Bulletin MS05-007
Vulnerability in Windows Could Allow Information Disclosure (888302)

Affected Software:
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)

NON Affected Software:
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-008
Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)

Affected Software:
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-009
Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)

Affected Software:
Microsoft Windows Media Player 9 Series (when running on Windows 2000, Windows XP Service Pack 1 and Windows Server 2003)
Microsoft Windows Messenger version 5.0 (standalone version that can be installed on all supported operating systems)
Microsoft MSN Messenger 6.1
Microsoft MSN Messenger 6.2
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

NON Affected Software:
Windows Media Player 6.4
Windows Media Player 7.1
Windows Media Player for Windows XP (8.0)
Windows Media Player 9 Series for Windows XP Service Pack 2
Windows Media Player 10
Windows Messenger 5.1
MSN Messenger for Mac

Affected Components:
Microsoft Windows Messenger version 4.7.0.2009 (when running on Windows XP Service Pack 1)
Microsoft Windows Messenger version 4.7.0.3000 (when running on Windows XP Service Pack 2)
Microsoft Security Bulletin MS05-0010
Vulnerability in the License Logging Service Could Allow Code Execution (885834)

Affected Software:
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Server Service Pack 3
Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems

NON Affected Software:
Microsoft Windows 2000 Professional Service Pack 3
Microsoft Windows 2000 Professional Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-011
Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)

Affected Software:
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems

NON Affected Software:
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-012
Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)

Affected Software:
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Exchange 2000 Server Service Pack 3 (uses the Windows OLE component)
Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003 Service Pack 1 (uses the Windows OLE component)
Microsoft Exchange Server 5.0 Service Pack 2 (uses the Windows OLE component)
Microsoft Exchange Server 5.5 Service Pack 4 (uses the Windows OLE component)
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Office XP Service Pack 3 (uses the Windows OLE component)
Microsoft Office XP Service Pack 2 (uses the Windows OLE component)

Microsoft Office XP Software:
• Outlook® 2002
• Word 2002
• Excel 2002
• PowerPoint® 2002
• FrontPage® 2002
• Publisher 2002
• Access 2002

Microsoft Office 2003 Service Pack 1 (Uses the Windows OLE component)
Microsoft Office 2003 (Uses the Windows OLE component)

Microsoft Office 2003 Software:
• Outlook® 2003
• Word 2003
• Excel 2003
• PowerPoint® 2003
• FrontPage® 2003
• Publisher 2003
• Access 2003
•InfoPath™ 2003
•OneNote™ 2003
Microsoft Security Bulletin MS05-013
Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)

Affected Software:
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-014
Cumulative Security Update for Internet Explorer (867282)

Affected Software:
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Affected Components:
Internet Explorer 5.01 Service Pack 3 (SP3) on Windows 2000 Service Pack 3
Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4
Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3, on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Millennium Edition
Internet Explorer 6 for Windows XP Service Pack 1 (64-Bit Edition)
Internet Explorer 6 for Windows Server 2003
Internet Explorer 6 for Windows Server 2003 64-Bit Edition and Windows XP 64-Bit Edition Version 2003
Internet Explorer 6 for Windows XP Service Pack 2
Microsoft Security Bulletin MS05-015
Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)

Affected Software:
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-016
Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.

NON Affected Software:
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows XP Professional x64 Edition
Microsoft Security Bulletin MS05-017
Vulnerability in Message Queuing Could Allow Code Execution (892944)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows 98 and Microsoft Windows 98 Second Edition (SE) – Review the FAQ section of this bulletin for details about these operating systems.

NON Affected Software:
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003 and Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-018
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) - Review the FAQ section of this bulletin for details about these operating systems.

NON Affected Software:
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows XP Professional x64 Edition
Microsoft Security Bulletin MS05-019
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.

NON Affected Software:
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows XP Professional x64 Edition
Microsoft Security Bulletin MS05-020
Cumulative Security Update for Internet Explorer (890923)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) Tested Microsoft Windows Components:

NON Affected Software:
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows XP Professional x64 Edition

Affected Components:
• Internet Explorer 5.01 Service Pack 3 on Microsoft Windows 2000 Service Pack 3
• Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
• Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition – Review the FAQ section of this bulletin for details about this version.
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3, on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Millennium Edition – Review the FAQ section of this bulletin for details about this version.
• Internet Explorer 6 Service Pack 1 for Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Internet Explorer 6 for Microsoft Windows Server 2003
• Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Microsoft Security Bulletin MS05-021
Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)

Affected Software:
• Microsoft Exchange 2000 Server Service Pack 3
• Microsoft Exchange Server 2003
• Microsoft Exchange Server 2003 Service Pack 1

NON Affected Software:
• Microsoft Exchange Server 5.5 Service Pack 4
• Microsoft Exchange Server 5.0 Service Pack 2
Microsoft Security Bulletin MS05-023
Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)

Affected Software:
• Microsoft Word 2000 and Microsoft Works Suite 2001
• Microsoft Word 2002, Microsoft Works Suite 2002, Microsoft Works Suite 2003, and Microsoft Works Suite 2004
• Microsoft Office Word 2003
Microsoft Security Bulletin MS05-024
Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.

NON Affected Software:
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-025
Cumulative Security Update for Internet Explorer (883939)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Affected Components:
• Internet Explorer 5.01 Service Pack 3 on Microsoft Windows 2000 Service Pack 3
• Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3, on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
• Internet Explorer 6 for Microsoft Windows XP Service Pack 2
• Internet Explorer 6 Service Pack 1 for Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Internet Explorer 6 for Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition, and Microsoft Windows XP Professional x64 Edition
• Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition – Review the FAQ section of this bulletin for details about this version.
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Millennium Edition – Review the FAQ section of this bulletin for details about this version.
Microsoft Security Bulletin MS05-026
Vulnerability in HTML Help Could Allow Remote Code Execution (896358)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.
Microsoft Security Bulletin MS05-027
Vulnerability in Server Message Block Could Allow Remote Code Execution (896422)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

NON Affected Software:
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-028
Vulnerability in Web Client Service Could Allow Remote Code Execution (896426)

Affected Software:
• Microsoft Windows XP Service Pack 1
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 for Itanium-based Systems

NON Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-029
Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179)

Affected Software:
• Microsoft Exchange Server 5.5 Service Pack 4

NON Affected Software:
• Microsoft Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004.
• Microsoft Exchange Server 2003
• Microsoft Exchange Server 2003 Service Pack 1
Microsoft Security Bulletin MS05-030
Cumulative Security Update in Outlook Express (897715)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows Server 2003
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.

NON Affected Software:
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows XP Service Pack 2

Affected Components:
• Outlook Express 5.5 Service Pack 2 on Microsoft Windows 2000 Service Pack 3
• Microsoft Windows 2000 Service Pack 4
• Outlook Express 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3
• Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
• Outlook Express 6 Service Pack 1 for Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Outlook Express 6 for Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Outlook Express 6 for Microsoft Windows Server 2003 for Itanium-based Systems
• Outlook Express 6 for Microsoft Windows Server 2003
Microsoft Security Bulletin MS05-031
Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.

Affected Components:
• Step-by-Step Interactive Training
• Step-by-Step Interactive Training when it is running on Itanium-based systems
• Step-by-Step Interactive Training when it is running on x64-based systems
Microsoft Security Bulletin MS05-032
Vulnerability in Microsoft Agent Could Allow Spoofing (890046)

Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.
Microsoft Security Bulletin MS05-033
Vulnerability in Telnet Client Could Allow Information Disclosure (896428)

Affected Software:
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows Services for UNIX 3.5 when running on Windows 2000
• Microsoft Windows Services for UNIX 3.0 when running on Windows 2000
• Microsoft Windows Services for UNIX 2.2 when running on Windows 2000

NON Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-034
Cumulative Security Update for ISA Server 2000 (899753)

Affected Software:
• Microsoft Internet Security and Acceleration (ISA) Server 2000 Service Pack 2

Note The following software programs include ISA Server 2000. Customers who use these software programs should install the provided ISA Server 2000 security update.
• Microsoft Small Business Server 2000
• Microsoft Small Business Server 2003 Premium Edition

NON Affected Software:
• Microsoft Internet Security and Acceleration (ISA) Server 2004 Standard Edition
• Microsoft Internet Security and Acceleration (ISA) Server 2004 Enterprise Edition
Microsoft Security Bulletin MS05-035
Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)

Affected Software:
• Microsoft Office 2000 Software Service Pack 3 - (KB895333)
• Word 2000

• Microsoft Office XP Software Service Pack 3 - (KB895589)
• Word 2002

• Microsoft Works Suites:
• Microsoft Works Suite 2000 - (KB895333)
• Microsoft Works Suite 2001 - (KB895333)
• Microsoft Works Suite 2002 - (KB895589)
• Microsoft Works Suite 2003 - (KB895589)
• Microsoft Works Suite 2004 - (KB895589)

NON Affected Software:
• Microsoft Office 2003 Word
• Microsoft Office Word 2003 Viewer
Microsoft Security Bulletin MS05-036
Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.
Microsoft Security Bulletin MS05-037
Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Affected Components:
• JView Profiler
• Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
• Internet Explorer 6 for Microsoft Windows XP Service Pack 2
• Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
• Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
• Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE or on Microsoft Windows Millennium Edition
Microsoft Security Bulletin MS05-038
Cumulative Security Update for Internet Explorer (896727)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.

Affected Components:
• Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1
• Internet Explorer 6 for Microsoft Windows XP Service Pack 2
• Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
• Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
• Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition – Review the FAQ section of this bulletin for details about this version.
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Millennium Edition – Review the FAQ section of this bulletin for details about this version.
Microsoft Security Bulletin MS05-039
Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

NON Affected Software:
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-040
Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.
Microsoft Security Bulletin MS05-041
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)

Affected Software:
• Microsoft Windows 2000 Server Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

NON Affected Software:
• Microsoft Windows 2000 Professional Service Pack 4
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-042
Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

NON Affected Software:
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-043
Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 for Itanium-based Systems

NON Affected Software:
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-044
Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495)

Affected Software:
• Microsoft Windows XP Service Pack 1
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 for Itanium-based Systems

NON Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Affected Components:
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4

NON Affected Components:
• Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Microsoft Security Bulletin MS05-045
Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

NON Affected Software:
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-046
Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1

NON Affected Software:
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-047
Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2

NON Affected Software:
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-048
Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004

NON Affected Software:
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
• Microsoft Exchange Server 5.5
• Microsoft Exchange Server 2003
• Microsoft Exchange Server 2003 Service Pack 1
Microsoft Security Bulletin MS05-049
Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

NON Affected Software:
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-050
Vulnerability in DirectShow Could Allow Remote Code Execution (904706)

Affected Software:
• Microsoft DirectX 7.0 on Microsoft Windows 2000 with Service Pack 4
• Microsoft DirectX 8.1 on Microsoft Windows XP Service Pack 1
• Microsoft DirectX 9.0c on Microsoft Windows XP with Service Pack 2
• Microsoft DirectX 9.0c on Microsoft Windows XP Professional x64 Edition
• Microsoft DirectX 8.1 on Microsoft Windows Server 2003
• Microsoft DirectX 9.0c on Microsoft Windows Server 2003 with Service Pack 1
• Microsoft DirectX 8.1 on Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft DirectX 9.0c on Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based Systems
• Microsoft DirectX 9.0c on Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Affected Components:
• Microsoft DirectX 8.0, 8.0a, 8.1, 8.1a, 8.1b, and 8.2 when installed on Windows 2000 Service Pack 4
• Microsoft DirectX 9.0, 9.0a, 9.0b, and 9.0c when installed on Windows 2000 Service Pack 4
• Microsoft DirectX 9.0, 9.0a, 9.0b, and 9.0c when installed on Windows XP Service Pack 1
• Microsoft DirectX 9.0, 9.0a, 9.0b, and 9.0c when installed on Windows Server 2003
Microsoft Security Bulletin MS05-051
Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

NON Affected Software:
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-052
Cumulative Security Update for Internet Explorer (896688)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Affected Components:
• Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1
• Internet Explorer 6 for Microsoft Windows XP Service Pack 2
• Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
• Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
• Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Millennium Edition
Microsoft Security Bulletin MS05-053
Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

NON Affected Software:
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
Microsoft Security Bulletin MS05-054
Cumulative Security Update for Internet Explorer (905915)

Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition family
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Affected Components:
• Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
• Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1
• Internet Explorer 6 for Microsoft Windows XP Service Pack 2
• Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
• Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
• Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition • Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Millennium Edition
Microsoft Security Bulletin MS05-055
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)

Affected Software:
• Microsoft Windows 2000 Service Pack 4

NON Affected Software:
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

GOTO:   Microsoft Security Bulletin Center - 2000
GOTO:   Microsoft Security Bulletin Center - 2001
GOTO:   Microsoft Security Bulletin Center - 2002
GOTO:   Microsoft Security Bulletin Center - 2003
GOTO:   Microsoft Security Bulletin Center - 2004
GOTO:   Microsoft Security Bulletin Center - 2006
GOTO:   Microsoft Security Bulletin Center - 2007
GOTO:   Microsoft Security Bulletin Center - 2008

Subscribe to the Microsoft Security Notification Service

Microsoft Security Bulletin MS05-001

Microsoft Security Bulletin MS05-002

Microsoft Security Bulletin MS05-003

Microsoft Security Bulletin MS05-004

Microsoft Security Bulletin MS05-005

Microsoft Security Bulletin MS05-006

Microsoft Security Bulletin MS05-007

Microsoft Security Bulletin MS05-008

Microsoft Security Bulletin MS05-009

Microsoft Security Bulletin MS05-0010

Microsoft Security Bulletin MS05-011

Microsoft Security Bulletin MS05-012

Microsoft Security Bulletin MS05-013

Microsoft Security Bulletin MS05-014

Microsoft Security Bulletin MS05-015

Microsoft Security Bulletin MS05-016

Microsoft Security Bulletin MS05-017

Microsoft Security Bulletin MS05-018

Microsoft Security Bulletin MS05-019

Microsoft Security Bulletin MS05-020

Microsoft Security Bulletin MS05-021

Microsoft Security Bulletin MS05-023

Microsoft Security Bulletin MS05-024

Microsoft Security Bulletin MS05-025

Microsoft Security Bulletin MS05-026

Microsoft Security Bulletin MS05-027

Microsoft Security Bulletin MS05-028

Microsoft Security Bulletin MS05-029

Microsoft Security Bulletin MS05-030

Microsoft Security Bulletin MS05-031

Microsoft Security Bulletin MS05-032

Microsoft Security Bulletin MS05-033

Microsoft Security Bulletin MS05-034

Microsoft Security Bulletin MS05-035

Microsoft Security Bulletin MS05-036

Microsoft Security Bulletin MS05-037

Microsoft Security Bulletin MS05-038

Microsoft Security Bulletin MS05-039

Microsoft Security Bulletin MS05-040

Microsoft Security Bulletin MS05-041

Microsoft Security Bulletin MS05-042

Microsoft Security Bulletin MS05-043

Microsoft Security Bulletin MS05-044

Microsoft Security Bulletin MS05-045

Microsoft Security Bulletin MS05-046

Microsoft Security Bulletin MS05-047

Microsoft Security Bulletin MS05-048

Microsoft Security Bulletin MS05-049

Microsoft Security Bulletin MS05-050

Microsoft Security Bulletin MS05-051

Microsoft Security Bulletin MS05-052

Microsoft Security Bulletin MS05-053

Microsoft Security Bulletin MS05-054

Microsoft Security Bulletin MS05-055