Multiple Vulnerabilities in Microsoft Windows Components
Systems Affected
- Microsoft Windows Systems
For a complete list of affected versions of the Windows operating systems and components, refer to the April 2005 Updates for Windows, MSN Messenger, and Office.
Overview
There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, MSN Messenger, and Word.
Description
There are vulnerabilities in Microsoft Windows, Internet Explorer, MSN Messenger, and Word that may allow an attacker to take control of your computer or cause it to crash. To exploit some of these vulnerabilities, an attacker may attempt to convince you to view a malicious web page, image, or Word document.
For more technical information, see US-CERT Technical Alert TA05-102A.
Resolution
Apply an update
Obtain the appropriate updates from Windows Update or by using Automatic Updates.
Do not follow unsolicited links
Do not click on unsolicited links received in email, instant messages, web forums, or chat rooms. While this is generally a good security practice, following this behavior will not prevent the exploitation of these vulnerabilities in all cases.
Maintain updated anti-virus software
Anti-virus software with updated virus definitions may identify and prevent some exploit attempts. Update your anti-virus software. More information about viruses and anti-virus vendors is available on the US-CERT Computer Virus Resources page.
References
- Microsoft Security Bulletin Summary for April, 2005 - <http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx>
- US-CERT Technical Cyber Security Alert TA05-102A - <http://www.us-cert.gov/cas/techalerts/TA05-102A.html>
- US-CERT Vulnerability Note VU#774338 - <http://www.kb.cert.org/vuls/id/774338>
- US-CERT Vulnerability Note VU#756122 - <http://www.kb.cert.org/vuls/id/756122>
- US-CERT Vulnerability Note VU#222050 - <http://www.kb.cert.org/vuls/id/222050>
- US-CERT Vulnerability Note VU#633446 - <http://www.kb.cert.org/vuls/id/633466>
- US-CERT Vulnerability Note VU#233754 - <http://www.kb.cert.org/vuls/id/233754>
- US-CERT Vulnerability Note VU#442567 - <http://www.kb.cert.org/vuls/id/442567>
- US-CERT Vulnerability Note VU#752591 - <http://www.kb.cert.org/vuls/id/752591>
Authors: Eric J. Hayes and Art Manion. Feedback can be directed to US-CERT -->.
Copyright 2005 Carnegie Mellon University. Terms of use
Revision History
- April 12, 2005: Initial release
April 13, 2005: Updated feedback link
Last updated
This product is provided subject to this Notification and this Privacy & Use policy.