Microsoft Security Bulletin(s) for 1/11/2005

Archived from groups: microsoft.public.security,microsoft.public.security.homeusers,microsoft.public.win2000.security,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin (More info?)

January 11, 2005
Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are
authoritative in all matters concerning Microsoft Security Bulletins! ANY
e-mail, web board or newsgroup posting (including this one) should be
verified by visiting these sites for official information. Microsoft never
sends security or other updates as attachments. These updates must be
downloaded from the microsoft.com download center or Windows Update. See the
individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft
security notices, it is recommended that you physically type the URLs into
your web browser and not click on the hyperlinks provided.

Bulletin Summary:

http://www.microsoft.com/technet/security/Bulletin/ms05-jan.mspx

Critical Bulletins:

Vulnerability in HTML Help Could Allow Code Execution (890175)
http://www.microsoft.com/technet/security/Bulletin/ms05-001.mspx

Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code
Execution (891711)
http://www.microsoft.com/technet/security/Bulletin/ms05-002.mspx

Important Bulletins:

Vulnerability in the Indexing Service Could Allow Remote Code Execution
(871250)
http://www.microsoft.com/technet/security/Bulletin/ms05-003.mspx


This represents our regularly scheduled monthly bulletin release (second
Tuesday of each month). Please note that Microsoft may release bulletins out
side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after
reading the above listed bulletin you should contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.

--
Regards,

Jerry Bryant - MCSE, MCDBA
Microsoft IT Communities

Get Secure! www.microsoft.com/security


This posting is provided "AS IS" with no warranties, and confers no rights.
4 answers Last reply
More about microsoft security bulletin 2005
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    regarding the security of the microsoft virus/trojan
    cleaner in the windows update ,that sends out info if a bug
    is found.....

    how secure is it or is it just like a virus itself?

    and why can't you hide this nuisence update when you don't
    need it.


    >-----Original Message-----
    >January 11, 2005
    >Today Microsoft released the following Security Bulletin(s).
    >
    >Note: www.microsoft.com/technet/security and
    www.microsoft.com/security are
    >authoritative in all matters concerning Microsoft Security
    Bulletins! ANY
    >e-mail, web board or newsgroup posting (including this
    one) should be
    >verified by visiting these sites for official information.
    Microsoft never
    >sends security or other updates as attachments. These
    updates must be
    >downloaded from the microsoft.com download center or
    Windows Update. See the
    >individual bulletins for details.
    >
    >Because some malicious messages attempt to masquerade as
    official Microsoft
    >security notices, it is recommended that you physically
    type the URLs into
    >your web browser and not click on the hyperlinks provided.
    >
    >Bulletin Summary:
    >
    >http://www.microsoft.com/technet/security/Bulletin/ms05-jan.mspx
    >
    >Critical Bulletins:
    >
    >Vulnerability in HTML Help Could Allow Code Execution (890175)
    >http://www.microsoft.com/technet/security/Bulletin/ms05-001.mspx
    >
    >Vulnerability in Cursor and Icon Format Handling Could
    Allow Remote Code
    >Execution (891711)
    >http://www.microsoft.com/technet/security/Bulletin/ms05-002.mspx
    >
    >Important Bulletins:
    >
    >Vulnerability in the Indexing Service Could Allow Remote
    Code Execution
    >(871250)
    >http://www.microsoft.com/technet/security/Bulletin/ms05-003.mspx
    >
    >
    >This represents our regularly scheduled monthly bulletin
    release (second
    >Tuesday of each month). Please note that Microsoft may
    release bulletins out
    >side of this schedule if we determine the need to do so.
    >
    >If you have any questions regarding the patch or its
    implementation after
    >reading the above listed bulletin you should contact
    Product Support
    >Services in the United States at 1-866-PCSafety
    (1-866-727-2338).
    >International customers should contact their local subsidiary.
    >
    >--
    >Regards,
    >
    >Jerry Bryant - MCSE, MCDBA
    >Microsoft IT Communities
    >
    >Get Secure! www.microsoft.com/security
    >
    >
    >This posting is provided "AS IS" with no warranties, and
    confers no rights.
    >
    >
    >.
    >
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    ....and what is it? The security bulletin doesn't mention it and does not
    give details.

    Tom
    "dick" <anonymous@discussions.microsoft.com> wrote in message
    news:200101c4f81c$2e580670$a301280a@phx.gbl...
    |
    | regarding the security of the microsoft virus/trojan
    | cleaner in the windows update ,that sends out info if a bug
    | is found.....
    |
    | how secure is it or is it just like a virus itself?
    |
    | and why can't you hide this nuisence update when you don't
    | need it.
    |
    |
    |
    | >-----Original Message-----
    | >January 11, 2005
    | >Today Microsoft released the following Security Bulletin(s).
    | >
    | >Note: www.microsoft.com/technet/security and
    | www.microsoft.com/security are
    | >authoritative in all matters concerning Microsoft Security
    | Bulletins! ANY
    | >e-mail, web board or newsgroup posting (including this
    | one) should be
    | >verified by visiting these sites for official information.
    | Microsoft never
    | >sends security or other updates as attachments. These
    | updates must be
    | >downloaded from the microsoft.com download center or
    | Windows Update. See the
    | >individual bulletins for details.
    | >
    | >Because some malicious messages attempt to masquerade as
    | official Microsoft
    | >security notices, it is recommended that you physically
    | type the URLs into
    | >your web browser and not click on the hyperlinks provided.
    | >
    | >Bulletin Summary:
    | >
    | >http://www.microsoft.com/technet/security/Bulletin/ms05-jan.mspx
    | >
    | >Critical Bulletins:
    | >
    | >Vulnerability in HTML Help Could Allow Code Execution (890175)
    | >http://www.microsoft.com/technet/security/Bulletin/ms05-001.mspx
    | >
    | >Vulnerability in Cursor and Icon Format Handling Could
    | Allow Remote Code
    | >Execution (891711)
    | >http://www.microsoft.com/technet/security/Bulletin/ms05-002.mspx
    | >
    | >Important Bulletins:
    | >
    | >Vulnerability in the Indexing Service Could Allow Remote
    | Code Execution
    | >(871250)
    | >http://www.microsoft.com/technet/security/Bulletin/ms05-003.mspx
    | >
    | >
    | >This represents our regularly scheduled monthly bulletin
    | release (second
    | >Tuesday of each month). Please note that Microsoft may
    | release bulletins out
    | >side of this schedule if we determine the need to do so.
    | >
    | >If you have any questions regarding the patch or its
    | implementation after
    | >reading the above listed bulletin you should contact
    | Product Support
    | >Services in the United States at 1-866-PCSafety
    | (1-866-727-2338).
    | >International customers should contact their local subsidiary.
    | >
    | >--
    | >Regards,
    | >
    | >Jerry Bryant - MCSE, MCDBA
    | >Microsoft IT Communities
    | >
    | >Get Secure! www.microsoft.com/security
    | >
    | >
    | >This posting is provided "AS IS" with no warranties, and
    | confers no rights.
    | >
    | >
    | >.
    | >
  3. Archived from groups: microsoft.public.security,microsoft.public.security.homeusers,microsoft.public.win2000.security,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin (More info?)

    > Jerry Bryant [MSFT] scribbled:

    Snip the updates announcements; Already installed successfully, and being
    tested.

    Care to clarify how to use the 'malware removal tool?'

    So far the only way I can run it is by double clicking on the downloaded
    install file (Windows-KB890830-ENU.exe) and agreeing to the EULA each
    time....

    Is this the way it's supposed to work?

    On http://support.microsoft.com/?kbid=890830 it says this:
    <quote>
    When the Malicious Software Removal Tool runs, it performs the following
    functions. Except where noted, the tool has the same behavior independent of
    what command-line switches you use or how you download and run the tool.
    Note that the tool is not actually installed on a computer. Therefore, no
    entry is created for it in the Programs folder or in Add/Remove Programs.
    <end quote>

    Which indicates it's not actually installed on the Hard drive as a program
    to run....

    --
    mlvburke@xxxxxxxx.nz
    Replace the obvious with paradise.net to email me
    Found Images
    http://homepages.paradise.net.nz/~mlvburke
  4. Archived from groups: microsoft.public.security,microsoft.public.security.homeusers,microsoft.public.win2000.security,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin (More info?)

    Max Burke wrote:

    >> Jerry Bryant [MSFT] scribbled:
    >
    >
    > Snip the updates announcements; Already installed successfully, and
    > being tested.
    >
    > Care to clarify how to use the 'malware removal tool?'
    >
    > So far the only way I can run it is by double clicking on the downloaded
    > install file (Windows-KB890830-ENU.exe) and agreeing to the EULA each
    > time....
    >
    > Is this the way it's supposed to work?
    Hi

    To run it unattended, run it like this:
    Windows-KB890830-ENU.exe /Q

    After the scan is complete, the tool creates a file Mrt.log that
    contains the results of the scan. The file is in the %windir%\Debug
    folder.

    If you run
    Windows-KB890830-ENU.exe /?
    you will get this message box:

    ---------------------------
    Microsoft® Windows® Malicious Software Removal Tool
    ---------------------------
    Usage:
    /Q - quiet mode; if set, no UI is shown
    /? - displays usage and engine version information
    ---------------------------
    OK
    ---------------------------

    More here also:

    Deployment of the Microsoft Windows Malicious Software Removal Tool in an
    enterprise environment
    http://support.microsoft.com/default.aspx?scid=kb;en-us;891716


    --
    torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
    Administration scripting examples and an ONLINE version of
    the 1328 page Scripting Guide:
    http://www.microsoft.com/technet/scriptcenter/default.mspx
Ask a new question

Read More

Security Microsoft Windows XP