Risk: Medium
Title: Cumulative Security Update for Internet Explorer (896727) MS05-038
Summary: Vulnerabilities exist in Internet Explorer, the most severe of these could allow an attacker to take complete control of an affected system.
Vulnerability: Remote Code Execution
Rating: High
Affected Software: Win XP SP1SP2, XP Pro x64, Server 2K3 and Server 2K3 SP1, Server 2K3 for Itanium Server & 2K3 SP1 for Itanium, Server 2K3 x64, Win98, Win98 SE, Win ME
Affected Components: IE 5.01 SP4 on Win2K SP4, IE6 SP1 on Win2K SP4 or on Win XP SP1, IE6 for Win XP SP2, IE6 for Win Server 2K3 and Win Server 2K3 SP1, IE6 for Win Server 2K3 for Itanium and SP1, IE6 for Win Server 2K3 x64, IE6 for Win XP Pro x64, IE 5.5 SP2 on Win ME, IE6 SP1 on Win98, on Win98 SE, or on Win ME
Title: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) MS05-039
Summary: A remote code execution vulnerability exists in Plug and Play (PnP) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Vulnerability: Remote Code Execution and Local Elevation of Privilege
Rating: High
Affected Software: Win2K SP4, Win XP SP1 and Win XP SP2, Win XP Pro x64, Win Server 2K3 and Win Server 2K3 SP1, Win Server 2K3 for Itanium and Win Server 2K3 SP1 for Itanium, Win Server 2K3 x64
Non-Affected Software: Win98, Win98 SE, and Win ME
Title: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423) MS05-043
Summary: Vulnerability exists in the Print Spooler service that could allow remote code execution.
Vulnerability: Remote Code Execution
Rating: High
Affected Software: Win2L SP4, Win XP SP1 and Win XP SP2, Win Server 2K3, Win Server 2K3 for Itanium
Non-Affected Software: Win XP Pro x64, Win Server 2K3 SP1, Win Server 2K3 SP1 for Itanium, Win Server 2K3 x64, Win 98, Win 98 SE, and Win ME
Title: Vulnerability in Telephony Service Could Allow Remote Code Execution (893756) MS05-040
Summary: A vulnerability exits in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution.
Vulnerability: Remote Code Execution
Rating: Medium
Affected Software: Win 2K SP4, Win XP SP1 and Win XP SP2, Win XP Pro x64, Win Server 2K3 and Windows Server 2K3 SP1, Win Server 2K3 for Itanium and Win Server 2K3 with SP1 for Itanium, Win Server 2K3 x64, Win98, Win98 SE, and Win ME
Title: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591) MS05-041
Summary: A vulnerability in the Remote Desktop Protocol (RDP) exists that could allow an attacker to cause a system to stop responding.
Vulnerability: Denial of Service
Rating: Medium
Affected Software: Win 2K Server SP4, Win XP SP1 and Win XP SP2, Win XP Pro x64, Win Server 2K3 and Win Server 2K3 SP1, Win Server 2K3 for Itanium and Win Server 2K3 with SP1 for Itanium, Win Server 2K3 x64
Non-Affected Software: Win 2K Pro SP4, Win98, Win98 SE, and Win ME
Title: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587) MS05-042
Summary: This update resolves two newly discovered vulnerabilities. The most severe of these vulnerabilities could allow denial of service.
Vulnerability: Denial of Service, Information Disclosure, and Spoofing.
Rating: Medium
Affected Software: Win2K SP4, Win XP SP1 and Win XP SP2, Win XP Pro x64, Win Server 2K3 and Win Server 2K3 SP1, Win Server 2K3 for Itanium and Win Server 2K3 with SP1 for Itanium, Win Server 2K3 x64
Non-Affected Software: Win98, Win98 SE, and Win ME