[BigFix-Announcements] BES Auto Notification: New Fixlets Published
in Fixlet Site: EnterpriseSecurity
autonotify at bigfix.com
autonotify at bigfix.com
Wed Aug 10 02:03:04 PDT 2005
Fixlet Site - EnterpriseSecurity
Current Version: 609 Published: Wed, 10 Aug 2005 02:17:23 GMT
***************************************************************
Title: MS04-018: Vulnerability in Outlook Express - Windows Server 2003
Severity: Moderate
Fixlet ID: 401809
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms04-018.mspx
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Outlook Express. A denial of service vulnerability exists in Outlook Express because of a lack of robust verification for malformed e-mail headers. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS04-018: CORRUPT PATCH - Windows 2003 Server
Severity: Moderate
Fixlet ID: 401810
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms04-018.mspx
***************************************************************
Title: MS05-023: Vulnerabilities in Microsoft Word May Lead to Remote Code Execution - Word 2003 Viewer
Severity: Important
Fixlet ID: 502311
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-023.mspx
Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word 2003 Viewer. A buffer overrun vulnerability exists in Microsoft Word 2003 Viewer that could allow an attacker to run arbitrary code on a users system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS05-038: Cumulative Security Update for Internet Explorer - IE 5.01 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 503801
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that eliminates newly discovered security vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-038: CORRUPT PATCH - Windows 2000 SP4
Severity: Critical
Fixlet ID: 503802
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
***************************************************************
Title: MS05-038: Cumulative Security Update for Internet Explorer - IE 6.0 SP1 - Windows 2000/XP
Severity: Critical
Fixlet ID: 503803
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that eliminates newly discovered security vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-038: CORRUPT PATCH - Windows 2000/XP
Severity: Critical
Fixlet ID: 503804
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
***************************************************************
Title: MS05-038: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP SP2
Severity: Critical
Fixlet ID: 503805
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that eliminates newly discovered security vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-038: CORRUPT PATCH - Windows XP SP2
Severity: Critical
Fixlet ID: 503806
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
***************************************************************
Title: MS05-038: Cumulative Security Update for Internet Explorer - Windows Server 2003
Severity: Critical
Fixlet ID: 503807
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that eliminates newly discovered security vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-038: CORRUPT PATCH - Windows Server 2003
Severity: Critical
Fixlet ID: 503808
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
***************************************************************
Title: MS05-038: Cumulative Security Update for Internet Explorer - IE 6.0 SP1 - Windows 98/ME
Severity: Critical
Fixlet ID: 503809
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx
Fixlet Description: Microsoft has released a cumulative patch for Internet Explorer that eliminates newly discovered security vulnerabilities, as well as eliminating all vulnerabilities covered by earlier patches. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-038: CORRUPT PATCH - Windows 98/ME
Severity: Critical
Fixlet ID: 503810
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx
***************************************************************
Title: MS05-038: Cumulative Security Update for Internet Explorer - IE 5.5 SP2 - Windows ME
Severity: Critical
Fixlet ID: 503811
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx
Fixlet Description:
***************************************************************
Title: MS05-038: CURRUPT PATCH - Windows ME
Severity: Critical
Fixlet ID: 503812
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx
Fixlet Description: The listed computers have faulty installations of a patch for the vulnerability described in MS05-038. Some files being used by these computers have versions earlier than those of the corresponding files installed by the patch. Services or applications installed after the patch was distributed may have overwritten the files, or the initial installation may have been faulty. We recommend reinstalling this patch to ensure the safety of affected computers.
***************************************************************
Title: MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege - Windows 2003
Severity: Important
Fixlet ID: 503901
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx
Fixlet Description: This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Plug and Play (PnP) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-039: CORRUPT PATCH - Windows 2003
Severity: Important
Fixlet ID: 503902
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx
***************************************************************
Title: MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege - Windows XP SP1/SP2
Severity: Important
Fixlet ID: 503903
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx
Fixlet Description: This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Plug and Play (PnP) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-039: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Important
Fixlet ID: 503904
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx
***************************************************************
Title: MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege - Windows 2000 SP4
Severity: Critical
Fixlet ID: 503905
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx
Fixlet Description: This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Plug and Play (PnP) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-039: CORRUPT PATCH - Windows 2000 SP4
Severity: Critical
Fixlet ID: 503906
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx
***************************************************************
Title: MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution- Windows 2003
Severity: Important
Fixlet ID: 504001
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-040.mspx
Fixlet Description: Microsoft has released a patch to resolve a newly-discovered, privately-reported vulnerability. A vulnerability exits in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution. The vulnerability is documented in the “Vulnerability Details” section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-040: CORRUPT PATCH - Windows 2003
Severity: Important
Fixlet ID: 504002
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-040.mspx
***************************************************************
Title: MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution - Windows XP SP1/SP2
Severity: Important
Fixlet ID: 504003
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-040.mspx
Fixlet Description: Microsoft has released a patch to resolve a newly-discovered, privately-reported vulnerability. A vulnerability exits in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution. The vulnerability is documented in the “Vulnerability Details” section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-040: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Important
Fixlet ID: 504004
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-040.mspx
***************************************************************
Title: MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution - Windows 2000 SP4
Severity: Important
Fixlet ID: 504005
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-040.mspx
Fixlet Description: Microsoft has released a patch to resolve a newly-discovered, privately-reported vulnerability. A vulnerability exits in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution. The vulnerability is documented in the “Vulnerability Details” section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-040: CORRUPT PATCH - Windows 2000 SP4
Severity: Important
Fixlet ID: 504006
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-040.mspx
***************************************************************
Title: MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service - Windows 2003
Severity: Moderate
Fixlet ID: 504101
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx
Fixlet Description: Microsoft has released an update that resolves a newly-discovered, privately-reported vulnerability. A vulnerability in the Remote Desktop Protocol (RDP) exists that could allow an attacker to cause a system to stop responding. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS05-041: CORRUPT PATCH - Windows 2003
Severity: Moderate
Fixlet ID: 504102
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx
***************************************************************
Title: MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service - Windows XP SP1/SP2
Severity: Moderate
Fixlet ID: 504103
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx
Fixlet Description: Microsoft has released an update that resolves a newly-discovered, privately-reported vulnerability. A vulnerability in the Remote Desktop Protocol (RDP) exists that could allow an attacker to cause a system to stop responding. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS05-041: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Moderate
Fixlet ID: 504104
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx
***************************************************************
Title: MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service - Windows 2000 Server SP4
Severity: Moderate
Fixlet ID: 504105
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx
Fixlet Description: Microsoft has released an update that resolves a newly-discovered, privately-reported vulnerability. A vulnerability in the Remote Desktop Protocol (RDP) exists that could allow an attacker to cause a system to stop responding. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS05-041: CORRUPT PATCH - Windows 2000 Server SP4
Severity: Moderate
Fixlet ID: 504106
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx
***************************************************************
Title: MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing - Windows Server 2003
Severity: Moderate
Fixlet ID: 504201
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
Fixlet Description: Microsoft has released a patch eliminating two security vulnerabilities in Kerberos. An attacker who successfully exploited the denial of service vulnerability could cause a server to stop responding to authentication requests. The information disclosure and spoofing vulnerability could allow an attacker to access sensitive client network information. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-042: CORRUPT PATCH - Windows Server 2003
Severity: Moderate
Fixlet ID: 504202
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
***************************************************************
Title: MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing - Windows XP
Severity: Low
Fixlet ID: 504203
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
Fixlet Description: Microsoft has released a patch eliminating two security vulnerabilities in Kerberos. An attacker who successfully exploited the denial of service vulnerability could cause a server to stop responding to authentication requests. The information disclosure and spoofing vulnerability could allow an attacker to access sensitive client network information. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-042: CORRUPT PATCH - Windows XP
Severity: Low
Fixlet ID: 504204
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
***************************************************************
Title: MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing - Windows 2000
Severity: Moderate
Fixlet ID: 504205
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
Fixlet Description: Microsoft has released a patch eliminating two security vulnerabilities in Kerberos. An attacker who successfully exploited the denial of service vulnerability could cause a server to stop responding to authentication requests. The information disclosure and spoofing vulnerability could allow an attacker to access sensitive client network information. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-042: CORRUPT PATCH - Windows 2000
Severity: Moderate
Fixlet ID: 504206
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
***************************************************************
Title: MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution - Windows 2000
Severity: Critical
Fixlet ID: 504301
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx
Fixlet Description: Microsoft has released a patch for a newly-discovered, privately-reported vulnerability. A vulnerability exists in the Print Spooler service that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-043: CORRUPT PATCH - Windows 2000
Severity: Critical
Fixlet ID: 504302
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx
***************************************************************
Title: MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution - Windows XP
Severity: Critical
Fixlet ID: 504303
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx
Fixlet Description: Microsoft has released a patch for a newly-discovered, privately-reported vulnerability. A vulnerability exists in the Print Spooler service that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-043: CORRUPT PATCH - Windows XP
Severity: Critical
Fixlet ID: 504304
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx
***************************************************************
Title: MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution - Windows 2003
Severity: Moderate
Fixlet ID: 504305
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx
Fixlet Description: Microsoft has released a patch for a newly-discovered, privately-reported vulnerability. A vulnerability exists in the Print Spooler service that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS05-043: CORRUPT PATCH - Windows 2003
Severity: Moderate
Fixlet ID: 504306
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx
More information about the BigFix-Announcements
mailing list