Results 1 to 2 of 2

Thread: Microsoft Security Bulletin MS05-009

  1. #1
    Member
    Join Date
    Aug 2004
    Posts
    213
    Microsoft Security Bulletin MS05-009
    Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)

    Issued: February 8, 2005
    Version: 1.0
    Summary

    Who should read this document: Customers who use Microsoft Windows Media Player, Windows Messenger and MSN Messenger

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers should apply the update immediately

    Security Update Replacement: This bulletin replaces a prior security update. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

    Caveats: None

    Tested Software and Security Update Download Locations:

    Affected Software:
    ?Microsoft Windows Media Player 9 Series (when running on Windows 2000, Windows XP Service Pack 1 and Windows Server 2003) ? Download the update
    ?Microsoft Windows Messenger version 5.0 (standalone version that can be installed on all supported operating systems) ? Download the update
    ?Microsoft MSN Messenger 6.1 ? Download the update
    ?Microsoft MSN Messenger 6.2 ? Download the update
    ?Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) ? Review the FAQ section of this bulletin for details about these operating systems.

    Non-Affected Software:
    ?Windows Media Player 6.4
    ?Windows Media Player 7.1
    ?Windows Media Player for Windows XP (8.0)
    ?Windows Media Player 9 Series for Windows XP Service Pack 2
    ?Windows Media Player 10
    ?MSN Messenger for Mac

    Tested Microsoft Windows Components:

    Affected Components:
    ?Microsoft Windows Messenger version 4.7.0.2009 (when running on Windows XP Service Pack 1) ? Download the update
    ?Microsoft Windows Messenger version 4.7.0.3000 (when running on Windows XP Service Pack 2) ? Download the update

    Executive Summary:

    This update resolves a newly-discovered, public vulnerability. A remote code execution vulnerability exists in the processing of PNG image formats. The vulnerability is documented in the ?Vulnerability Details? section of this bulletin.

    An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    http://www.microsoft.com/technet/security/...n/ms05-009.mspx

  2. #2
    Newbie
    Join Date
    Apr 2005
    Posts
    2
    [attachment=61]

    The attachment is a result of the MBSA program that I ran. (Ver 1.2.1)
    It shows a security update that could not be confirmed.
    My affected software as explained in the MS05-009 bulletin would be my MSN messenger 6.2.

    So when I click on that download, it shows a whole bunch of exe. files, do they suggest that I download all of those exe's.

    Is there anyway that someone could explain to me how or what I should do with this information to correct the problem.

    Regards.
    Frankie

Similar Threads

  1. Microsoft Security Bulletin MS05-010
    By regix in forum Windows - General Topics
    Replies: 0
    Last Post: 02-26-2005, 02:24 AM
  2. Microsoft Security Bulletin MS05-005
    By regix in forum Windows - General Topics
    Replies: 0
    Last Post: 02-26-2005, 02:21 AM
  3. Microsoft Security Bulletin MS05-004
    By regix in forum Windows - General Topics
    Replies: 0
    Last Post: 02-26-2005, 02:20 AM
  4. Microsoft Security Bulletin MS05-003
    By regix in forum Windows - General Topics
    Replies: 0
    Last Post: 02-26-2005, 02:17 AM
  5. Microsoft Security Bulletin MS05-001
    By regix in forum Windows - General Topics
    Replies: 0
    Last Post: 02-26-2005, 02:12 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •