Microsoft releases its Security Bulletins for October 2005
Microsoft Windows Security Bulletins for October report the release of three security patches rated "critical", four rated "important" and two rated "moderate". Details of the vulnerabilities these patches pertain to are published in Microsoft's technical summary of October Security Bulletins.
Of the three patches rated "critical", all allowing for potential remote code execution, the patch announced in Microsoft Security Bulletin MS05-050 is of the of the most importance to the majority of users. This is a vulnerability in Microsoft's DirectX multimedia component that enables media streaming and is installed by default on Windows 2000 and Windows XP. An attacker could take advantage of this vulnerability by spreading a specially crafted .avi file via e-mail or embedding it within a webpage.
Users who have out-of-date versions of DirectX might want to consider updating to version 9.0c and rebooting before applying the patch. To update DirectX go to Microsoft Update and click on Custom. When Microsoft Update has finished checking for the latest updates, click on Software, Optional in the menu on the left-hand side and then select DirectX 9.0c runtime in the main window.
Finally, make sure you go back to Microsoft Update and click on Express to install all necessary updates.
Users are advised to patch their systems against these vulnerabilities immediately. Patches can be downloaded via links posted within the appropriate Security Bulletins or by visiting Microsoft Update.
We recommend that users patch their systems by downloading and installing critical Microsoft updates as soon as possible.
Users are also encouraged to update their antivirus software daily and to install a firewall on their computers, if they have not done so already. For more information on firewalls, please read Microsoft's tutorial on how to protect your PC.
- Microsoft Security Bulletin MS05-050 - [KB904706]
- Microsoft Security Bulletin MS05-051 - [KB902400]
- Microsoft Security Bulletin MS05-052 - [KB896688]
- Technical Security Bulletin MS05-046 - [KB899589]
- Technical Security Bulletin MS05-047 - [KB905749]
- Technical Security Bulletin MS05-048 - [KB907245]
- Technical Security Bulletin MS05-049 - [KB900725]