Microsoft releases its Security Bulletin for June 2005
Microsoft Security Bulletin Summary for June reports the release of patches against recently discovered vulnerabilities in Microsoft products. Three of these patches are rated "critical" by Microsoft while four are rated "important" and another three "moderate".
Of particular note this month is a vulnerability in Internet Explorer's handling of images in the PNG image format. An attacker could potentially take complete control of vulnerable systems by exploiting this vulnerability with maliciously constructed PNG images planted on websites or sent in e-mail messages. Internet Explorer users visiting such websites or receiving such e-mails would then be vulnerable to remote code execution. This vulnerability is particularly serious because of the potential spreading capability of malicious code exploiting it. The patch against this vulnerability is included in a cumulative Internet Explorer update reported in Microsoft Security Bulletin MS05-025.
In addition to the above, critical updates have been released against remote code execution vulnerabilities in HTML Help and in Server Message Block (SMB) that could both potentially allow an attacker to take complete control of affected systems. These vulnerabilities are reported in Microsoft Security Bulletin MS05-026 and Microsoft Security Bulletin MS05-027 respectively.
Users are advised to patch their systems against these vulnerabilities immediately. Patches can be downloaded via links posted within the appropriate Security Bulletin or by visiting Windows Update.
We recommend that users patch their systems by downloading and installing critical Microsoft updates as soon as possible.
Users are also encouraged to update their antivirus software daily and to install a firewall on their computers, if they have not done so already. For more information on firewalls, please read Microsoft's tutorial on how to protect your PC.
- Microsoft Security Bulletin MS05-025 - [KB883939]
- Microsoft Security Bulletin MS05-026 - [KB896358]
- Microsoft Security Bulletin MS05-027 - [KB896422]
- Technical Security Bulletin MS05-028 - [KB896426]
- Technical Security Bulletin MS05-029 - [KB895179]
- Technical Security Bulletin MS05-030 - [KB897715]
- Technical Security Bulletin MS05-031 - [KB898458]
- Technical Security Bulletin MS05-032 - [KB890046]
- Technical Security Bulletin MS05-033 - [KB896428]
- Technical Security Bulletin MS05-034 - [KB899753]