=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN068
_____________________________________________________________________

DATE                      : 09/02/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 98, Windows Me, Windows 2000, Windows XP,
                               Windows Server 2003.

======================================================================

MS05-008
Title:  Vulnerability in Windows Shell Could Allow Remote Code
Execution (890047)

Affected Software:
  - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000
Service Pack 4
  - Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
  - Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
  - Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
  - Microsoft Windows Server 2003
  - Microsoft Windows Server 2003 for Itanium-based Systems
  - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME)

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Important

Restart required: Yes

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-008.mspx

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================