• Skip to main content
  • Skip to primary navigation
  • Skip to primary sidebar
  • UC Berkeley
  • Berkeley Engineering
  • EECS
Header Search Widget
IRIS

Instructional & Research Information Systems

  • About Us
  • Get Started
  • Get Help
  • FAQ
    • FAQ: Accounts
    • FAQ: EECS Slack
    • FAQ: File Storage
    • FAQ: Hardware
    • FAQ: MacOS
    • FAQ: Mail
    • FAQ: Mailing Lists
    • FAQ: Network
    • FAQ: Security
    • FAQ: Unix
    • FAQ: Web
    • FAQ: Windows
  • Services
    • Accounts
    • Backups
    • E-mail
    • EECS Login Servers
    • File Storage
    • Infrastructure
    • Mailing Lists
    • Networks
    • Printing
    • Room Reservations
    • Security
    • Software
    • Unix
    • Web
  • Policies
  • Forms
    • System Registration/Update
    • Account Request Form
    • Network Problem Report
    • Project Storage Request
    • SSL Certificate Request
    • All Other Forms
  • Rates

Microsoft Security Bulletin Summary for June

June 16, 2005 by IRIS Staff

Microsoft has released security patches as of Tuesday, June 14th 2005. The security bulletin is available at http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx

Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification. Should there be active exploits, the time will be adjusted and users will be informed appropriately. Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies http://socrates.berkeley.edu:2002/MinStds/.



Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.



Critical Security Bulletins





Microsoft Security Bulletin MS05-025
– Cumulative Security Update for Internet Explorer (883939)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.

Originally posted: June 14, 2005
Updated: June 15, 2005
Version: 1.1
Affected software:
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition




Microsoft Security Bulletin MS05-026
– Vulnerability in HTML Help Could Allow Remote Code Execution (896358)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.

Affected software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition




Microsoft Security Bulletin MS05-027
– Vulnerability in SMB Could Allow Remote Code Execution (896422)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.

Affected software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition




Important Security Bulletins





Microsoft Security Bulletin MS05-028
– Vulnerability in Web Client Service May Allow Elevation of Privilege (896426)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.

Affected software:
Windows XP Service Pack 1
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows Server 2003
Windows Server 2003 for Itanium-based Systems




Microsoft Security Bulletin MS05-029
– Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.

Affected software:
Exchange Server 5.5 Service Pack 4




Microsoft Security Bulletin MS05-030
– Cumulative Security Update in Outlook Express (897715)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.

Affected Software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows Server 2003
Windows Server 2003 for Itanium-based Systems




Microsoft Security Bulletin MS05-031
– Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.

Originally posted: June 14, 2005
Updated: June 15, 2005
Version: 1.1
Affected Software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition




Moderate Security Bulletins





Microsoft Security Bulletin MS05-032
– Vulnerability in Microsoft Agent Could Allow Spoofing (890046)
– Impact: Spoofing
– US-CERT is not currently aware of any exploits for this vulnerability.

Affected Software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition




Microsoft Security Bulletin MS05-033
– Vulnerability in Telnet Client Could Allow Information Disclosure (896428)
– Impact: Information Disclosure
– US-CERT is not currently aware of any exploits for this vulnerability.

Originally posted: June 14, 2005
Updated: June 15, 2005
Version: 1.1
Affected Software:
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
When running on Windows 2000:
Microsoft Windows Services for UNIX 3.5
Microsoft Windows Services for UNIX 3.0
Microsoft Windows Services for UNIX 2.2




Microsoft Security Bulletin MS05-034
– Cumulative Security Update for ISA Server 2000 (899753)
– Impact of Vulnerability: Elevation of Privilege
– US-CERT is not currently aware of any exploits for this vulnerability.

Affected Software:
Microsoft Internet Security and Acceleration (ISA) Server 2000 Service Pack 2
Microsoft Small Business Server 2000
Microsoft Small Business Server 2003 Premium Edition

UPDATE

[2005-07-05 15:40:27 | Wendy Hargle, IDSG Staff]

Microsoft Security Bulletin MS05-025
– Documentation originally posted: June 14, 2005 V1.0
– Documentation updated: June 15, 2005 V1.1
– Documentation updated: June 27, 2005 V1.2

Microsoft Security Bulletin MS05-026
– Documentation originally posted: June 14, 2005 V1.0
– Documentation updated: June 29, 2005 V1.1

Microsoft Security Bulletin MS05-027
– Documentation originally posted: June 14, 2005 V1.0
– Documentation updated: June 29, 2005 V1.1

Microsoft Security Bulletin MS05-032
– Documentation originally posted: June 14, 2005 V1.0
– Documentation updated: June 29, 2005 V1.1

Microsoft Security Bulletin MS05-033
– Documentation originally posted: June 14, 2005 V1.0
– Documentation updated: June 15, 2005 V1.1
– Documentation updated: June 29, 2005 V1.2

Filed Under: News

Primary Sidebar

IRIS Service Status

Green
We have 0 Active Incidents, and 0 Scheduled Maintenances noted.

IST Service Status

Outages to campus services are listed at berkeley.statusdashboard.com.
  • About
  • Contact
  • Privacy
  • Accessibility
  • Nondiscrimination

© 2022–2025 UC Regents  |  Log in