Microsoft Security Bulletins

January 2005

Microsoft is ringing in the new year with three new Security Bulletins for January 2005. Two of them are ranked as critical and one is rated Important by Microsoft.

MS05-001 deals with a flaw in the HTML Help ActiveX control in Windows which could allow an attacker to execute programs on an affected system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of a vulnerable system. The attacker could then install programs; view, change, or delete data; or create new user accounts with full privileges.

Click the links below to view the individual Microsoft Security Bulletins and to download any patches that might be required for your system. You can also visit Windows Update to automatically determine what patches or updates your system needs.

• Microsoft Security Bulletin MS05-001
  Vulnerability in HTML Help Could Allow Code Execution
  Microsoft Criticality: Critical
  
  • http://www.microsoft.com/technet/security/bulletin/ms05-001.mspx

• Microsoft Security Bulletin MS05-002
  Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  
  • http://www.microsoft.com/technet/security/bulletin/ms05-002.mspx

• Microsoft Security Bulletin MS05-003
  Vulnerability in the Indexing Service Could Allow Remote Code Execution
  Microsoft Criticality: Important
  
  • http://www.microsoft.com/technet/security/bulletin/ms05-003.mspx