===================================================================== CERT-Renater Note d'Information No. 2005/VULN073 _____________________________________________________________________ DATE : 09/02/2005 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows 98, Windows Me, Windows 2000, Windows XP, Windows Server 2003. ====================================================================== MS05-013 Title: Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Code Execution (891781) Affected Software: - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 - Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 - Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium) - Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium) - Microsoft Windows Server 2003 - Microsoft Windows Server 2003 for Itanium-based Systems - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) - Review the FAQ section of this bulletin for details about these operating systems. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Restart required: This update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart. Update can be uninstalled: Yes More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS05-013.mspx ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================