Published on RioSec (http://riosec.com)

Home > Microsoft December patches

Microsoft December patches

By Christopher
Created 2005-12-13 20:21

Today Microsoft has released two security patches for Microsoft Windows as follows:

 ID  Title  Severity  Impacts
 MS05-054 [1]  Cumulative Security Update for Internet Explorer  Critical  2000, XP, 2003
 MS05-055 [2]  Vulnerability in Windows Kernel Could Allow Elevation of Privilege

 Important

  2000

The cumulative security update for IE contains fixes for the following vulnerabilities:

 CAN-2005-2829  File Download Dialog Box Manipulation Vulnerability
 CAN-2005-2830  HTTPS Proxy Vulnerability
 CAN-2005-2831  COM Object Instantiation Memory Corruption Vulnerability
 CAN-2005-1790  Mismatched Document Object Model Objects Memory Corruption Vulnerability

 The vulnerability CAN-2005-1790 is the infamous IE Javascript 0-day exploit

Except where otherwise noted, site content is licensed under a Creative Commons Attribution 2.5 License
Source URL: http://riosec.com/microsoft-december-patches

Links:
[1] http://www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
[2] http://www.microsoft.com/technet/security/Bulletin/MS05-055.mspx