NEWS FROM THE LAB - Tuesday, April 12, 2005

Microsoft April's security updates Posted by Ero @ 22:06 GMT

April has brought us a good set of security updates, among them 5 rated as Critical and 3 as Important.

The following are rated as Critical:

MS05-019 addresses problems in the TCP/IP implementation in different Windows versions which might allow Remote Code Execution.

MS05-020 deals with vulnerabilities in Internet Explorer which allow an attacker to take control of the machine running the affected versions.

MS05-021 also allows Remote Code Execution, this time in Microsoft Exchange Server.

MS05-022, MSN Messenger was also found vulnerable and remotely exploitable, as well as Microsoft Word MS05-023

The following updates are rated as Important:

Two more updates addressing Remote Code Execution are MS05-016 for the Windows Shell, and MS05-017 for Message Queuing.

MS05-018 deals with Elevation Of Privilege issues in the Windows kernel.

For specific details on the vulnerabilities and the affected products and versions, please refer to the information in the links provided.