Microsoft releases its Security Bulletin for January

13 January 2005

Microsoft's Security Bulletins for January report the release of two patches rated "critical" and one rated "important". Details of the vulnerabilities these patches pertain to are published in Microsoft's technical summary of January's Security Bulletins.

Important:
We recommend that users patch their systems by downloading and installing critical Microsoft updates as soon as possible.

Users are also encouraged to update their antivirus software daily and to install a firewall on their computers, if they have not done so already. For more information on firewalls, please read Microsoft's tutorial on how to protect your PC.

Microsoft Security Bulletin MS05-001 - [KB890175] reports the release of a patch against a serious vulnerability in HTML Help that could allow for remote code execution on an affected system. This patch is rated "critical" by Microsoft

The following software is affected by this vulnerability:

  • Windows 2000 Service Pack 3
  • Windows 2000 Service Pack 4
  • Windows XP Service Pack 1
  • Windows XP Service Pack 2
  • Windows XP 64-Bit Edition Service Pack 1
  • Windows XP 64-Bit Edition Version 2003
  • Windows Server 2003
  • Windows Server 2003 64-Bit Edition

Microsoft Security Bulletin MS05-002 - [KB891711] reports the release of a patch against a serious vulnerability in cursor and icon format handling that could allow for remote code execution on an affected system. This patch is rated "critical" by Microsoft

The following software is affected by this vulnerability:

  • Windows NT Server 4.0 Service Pack 6a
  • Windows NT Server 4.0 Terminal Server Edition Service Pack 6
  • Windows 2000 Service Pack 3
  • Windows 2000 Service Pack 4
  • Windows XP Service Pack 1
  • Windows XP 64-Bit Edition Service Pack 1
  • Windows XP 64-Bit Edition Version 2003
  • Windows Server 2003
  • Windows Server 2003 64-Bit Edition

Microsoft Security Bulletin MS05-003 - [KB871250] reports the release of a patch against a vulnerability in the indexing service that could allow for remote code execution on an affected system. This patch is rated "important" by Microsoft

The following software is affected by this vulnerability:

  • Windows 2000 Service Pack 3
  • Windows 2000 Service Pack 4
  • Windows XP Service Pack 1
  • Windows XP 64-Bit Edition Service Pack 1
  • Windows XP 64-Bit Edition Version 2003
  • Windows Server 2003
  • Windows Server 2003 64-Bit Edition

Users are advised to patch their systems against these vulnerabilities immediately. Patches can be downloaded via links posted within the appropriate Security Bulletin or by visiting Windows Update.

Relevant links:

Commtouch® is a leading developer of anti virus software and anti spam filtering services. Commtouch's anti virus computer software, F-PROT Antivirus, is available for a number of operating systems such as Windows, Linux, BSD, Solaris, and AIX as well as the Microsoft Exchange groupware.

1993-2013 © CYREN