LiewCF Tech Blog

Microsoft’s first security patch roundup of 2005 brings with it three security updates, two of which are critical. Most importantly, the software giant (at least partly) fixed a flaw with a HTML Help Control function in Windows, which recently became the target of a readily available exploit.

The security bug creates way for attackers to take complete control of vulnerable systems. Win 2000, Win 2003, NT 4 and XP users – even those who’ve applied SP2 – need to apply Microsoft’s fix (MS05-001). Early reaction has been lukewarm, with security alerting firm Secunia describing it as a partial fix only.

Also on Microsoft’s critical list is an Icon and Cursor handling flaw which can be exploited providing vulnerable users are tricked into visiting maliciously constructed websites (MS05-002). A flaw in Windows indexing component rates lower on Microsoft’s peril index chiefly because the service is turned off by default. The company says this patch (MS05-003) is “important”.

[ Read TheRegister ]

Like this post? Please share:

Follow @liewcf on Twitter; Join Facebook page; Subscribe to free newsletter for updates like this article..