Microsoft has released security patches as of July 12th, 2005.
http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx
Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification.
Should there be active exploits, the time will be adjusted and users will be informed appropriately.
Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies (http://socrates.berkeley.edu:2002/MinStds/).
Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.
Microsoft Security Bulletin MS05-035
Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)
– Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Microsoft Office 2000 Software Service Pack 3 Word 2000
Microsoft Office XP Software Service Pack 3 Word 2002
Microsoft Works Suites:
Microsoft Works Suite 2000
Microsoft Works Suite 2001
Microsoft Works Suite 2002
Microsoft Works Suite 2003
Microsoft Works Suite 2004
Microsoft Security Bulletin MS05-036
Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)
– Impact: Remote Code Execution US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-037
Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)
– Impact: Remote Code Execution – US-CERT: A Proof of Concept exploit script has been published.
Affected software:
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 Service Pack 1 for Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium), Microsoft Windows Server 2003 x64 Edition, and Microsoft Windows XP Professional x64 Edition