Microsoft Windows Security Bulletin Summary for January, 2005

Summary

The Microsoft Windows security update for January 2005 addresses three newly discovered issues in Windows.

Severity Rating: Critical

Affected Software	Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2 Microsoft Windows XP 64-Bit Edition Service Pack 1 Microsoft Windows XP 64-Bit Edition Version 2003 Microsoft Windows Server 2003 Microsoft Windows Server 2003 64-Bit Edition Microsoft Windows 98, Windows 98 Second Edition Microsoft Windows Millennium Edition
Affected Components	Internet Explorer 6.0 Service Pack 1 when installed on Microsoft Windows NT Server 4.0 Service Pack 6a or Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6.
Executive Summary	A vulnerability exists in Windows that could allow remote code execution on an affected system.
Impact	Remote Code Execution
Patches	Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2 Microsoft Windows XP 64-Bit Edition Service Pack 1 Microsoft Windows XP 64-Bit Edition Version 2003 Microsoft Windows Server 2003 Microsoft Windows Server 2003 64-Bit Edition Microsoft Windows 98, Windows 98 Second Edition and Windows Me: Update available on the WindowsUpdate Web site.

Non-Affected Software:

Affected Software	Microsoft Windows NT Server 4.0 Service Pack 6a Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1 Microsoft Windows XP 64-Bit Edition Service Pack 1 Microsoft Windows XP 64-Bit Edition Version 2003 Microsoft Windows Server 2003 Microsoft Windows Server 2003 64-Bit Edition Microsoft Windows 98, Windows 98 Second Edition, Microsoft Windows Millennium Edition
Executive Summary	A vulnerability exists in Windows that could allow remote code execution on an affected system.
Impact	Remote Code Execution
Patches	Microsoft Windows NT Server 4.0 Service Pack 6a Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1 Microsoft Windows XP 64-Bit Edition Service Pack 1 Microsoft Windows XP 64-Bit Edition Version 2003 Microsoft Windows Server 2003 Microsoft Windows Server 2003 64-Bit Edition Microsoft Windows 98, Windows 98 Second Edition and Windows Me: Update will be made available on the WindowsUpdate Web site.

Non-Affected Software:

Severity Rating: Important

Affected Software	Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1 Microsoft Windows XP 64-Bit Edition Service Pack 1 Microsoft Windows XP 64-Bit Edition Version 2003 Microsoft Windows Server 2003 Microsoft Windows Server 2003 64-Bit Edition
Executive Summary	A vulnerability exists in the Indexing Service that could allow remote code execution on an affected system. The Indexing Service is not enabled by default on the affected systems.
Impact	Elevation of Privilege
Patches	Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1 Microsoft Windows XP 64-Bit Edition Service Pack 1 Microsoft Windows XP 64-Bit Edition Version 2003 Microsoft Windows Server 2003 Microsoft Windows Server 2003 64-Bit Edition

Non-Affected Software:

Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows XP Service Pack 2
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

Site menu: