Risk: High
The Redmond giant publishes 3 critical vulnerabilities this month, 4 medium ones, and 2 low. Amongst these, one critical patch is a cumulative update of IE from 5.01 to version 6 on various Windows platforms. The other two critical patches concern DirectShow and MSDTC and COM+, and all three could allow a malicious attacker to take complete control of the affected system.
Critical:
- MS05-050 Vulnerability in DirectShow Could Allow Remote Code Execution (904706)
- MS05-051 Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)
- MS05-052 Cumulative Security Update for Internet Explorer (896688)
Medium:
- MS05-046 Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)
- MS05-047 Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)
- MS05-048 Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)
- MS05-049 Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)
Low:
- Bulletin MS05-044 Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495)
- MS05-045 Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)
- For further details on these vulnerabilities and update downloads, visit the referenced site: