Microsoft has released security patches as of August 9th, 2005.
Bulletin: http://go.microsoft.com/fwlink/?LinkId=51160
Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification. Should there be active exploits, the time will be adjusted and users will be informed appropriately. Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies (http://socrates.berkeley.edu:2002/MinStds/).
Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.
Critical Security Bulletins
===========================
Microsoft Security Bulletin MS05-038
Cumulative Security Update for Internet Explorer (896727) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-039
Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-043
Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Important Security Bulletins
============================
Microsoft Security Bulletin MS05-040
Vulnerability in Telephony Service Could Allow Remote Code Execution (893756) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
Moderate Security Bulletins
===========================
Microsoft Security Bulletin MS05-041
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-042
Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition