Header Search Widget
IRIS

Instructional & Research Information Systems

Microsoft Security Bulletin Summary for December 2005

by


********************************************************************
Title: Microsoft Security Bulletin Summary for December 2005
Issued: December 13, 2005
Version Number: 1.0
Bulletin: http://socrates.berkeley.edu:2002/MinStds/
********************************************************************

Security patches defined by Microsoft as “critical” or “important”
MUST be applied within 10 business days of notification. Should there
be active exploits, the time will be adjusted and users will be
informed appropriately. Hosts unpatched after the defined time are
subject to scanning and removal from the EECS network as per campus
IT security policies http://socrates.berkeley.edu:2002/MinStds/

Patching is sometimes dependent on the service pack level of the
Microsoft OS, and installed applications, please read requirements
carefully.

Critical Security Bulletins
===========================

MS05-054 – Cumulative Security Update for Internet Explorer (905915)

Impact: Remote Code Execution

Affected Software:

  • Windows Server 2003
  • Windows Server 2003 Service Pack 1
  • Windows Server 2003 x64 Edition
  • Windows Server 2003 for Itanium-based Systems
  • Windows Server 2003 with SP1 for Itanium-based Systems
  • Windows XP Service Pack 1
  • Windows XP Service Pack 2
  • Windows XP Professional x64 Edition
  • Windows 2000 Service Pack 4

    • Review the FAQ section of bulletin MS05-054 for information about these operating systems:

  • Windows 98
  • Windows 98 Second Edition (SE)
  • Windows Millennium Edition (ME)

    • Version Number: 1.0

    Important Security Bulletins
    ============================

    MS05-055 – Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)

    Impact: Elevation of Privilege

    Affected Software:

  • Windows 2000 Service Pack 4

    • Version Number: 1.0