Y
Yves Leclerc
I just received an email which I do not believe that this "patch" is valid.
The links do not "seem" to point to any of Microsoft's true web sites (note: I
removed the the url links in case that these are not true Microsoft's urls
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
---------------------------------------------------------------
Microsoft Security Bulletin MS05-039
Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation
of Privilege (899588)
Summary:
Who should receive this document: Customers who use Microsoft Windows
Impact of Vulnerability: Remote Code Execution and Local Elevation of Privilege
Maximum Severity Rating: CRITICAL
Recommendation: Customers should apply the update immediately.
Security Update Replacement: None
Caveats: None
Tested Software and Security Update Download Locations:
Affected Software:
o Microsoft Windows 2000 Service Pack 4 -
o Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 -
o Microsoft Windows XP Professional x64 Edition -
o Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack
1 -
o Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft
Windows Server 2003 with SP1 for Itanium-based Systems -
o Microsoft Windows Server 2003 x64 Edition -
Non-Affected Software:
o Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (ME)
Executive Summary:
This update resolves a newly-discovered, privately-reported vulnerability. A
remote code execution vulnerability exists in Plug and Play (PnP) that could
allow an attacker who successfully exploited this vulnerability to take
complete control of the affected system. An attacker could then install
programs; view, change, or delete data; or create new accounts with full user
rights.
Conclusion: We recommend that customers apply the update immediately.
© 2005 Microsoft Corporation. All rights reserved. Terms of Use
<http://www.microsoft.com/info/cpyright.mspx> | Trademarks
<http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx> | Privacy
Statement <http://www.microsoft.com/info/privacy.mspx>
The links do not "seem" to point to any of Microsoft's true web sites (note: I
removed the the url links in case that these are not true Microsoft's urls
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
---------------------------------------------------------------
Microsoft Security Bulletin MS05-039
Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation
of Privilege (899588)
Summary:
Who should receive this document: Customers who use Microsoft Windows
Impact of Vulnerability: Remote Code Execution and Local Elevation of Privilege
Maximum Severity Rating: CRITICAL
Recommendation: Customers should apply the update immediately.
Security Update Replacement: None
Caveats: None
Tested Software and Security Update Download Locations:
Affected Software:
o Microsoft Windows 2000 Service Pack 4 -
o Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 -
o Microsoft Windows XP Professional x64 Edition -
o Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack
1 -
o Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft
Windows Server 2003 with SP1 for Itanium-based Systems -
o Microsoft Windows Server 2003 x64 Edition -
Non-Affected Software:
o Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (ME)
Executive Summary:
This update resolves a newly-discovered, privately-reported vulnerability. A
remote code execution vulnerability exists in Plug and Play (PnP) that could
allow an attacker who successfully exploited this vulnerability to take
complete control of the affected system. An attacker could then install
programs; view, change, or delete data; or create new accounts with full user
rights.
Conclusion: We recommend that customers apply the update immediately.
© 2005 Microsoft Corporation. All rights reserved. Terms of Use
<http://www.microsoft.com/info/cpyright.mspx> | Trademarks
<http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx> | Privacy
Statement <http://www.microsoft.com/info/privacy.mspx>