=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN074
_____________________________________________________________________

DATE                      : 09/02/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 98, Windows Me, Windows 2000, Windows XP,
                                  Windows Server 2003 running Internet Explorer 5.01,
                                     Internet Explorer 5.5, Internet Explorer 6.

======================================================================

MS05-014
Title:  Cumulative Security Update for Internet Explorer (867282)
Affected Software:
  - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000
Service Pack 4
  - Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
  - Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
  - Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
  - Microsoft Windows Server 2003
  - Microsoft Windows Server 2003 for Itanium-based Systems
  - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME) - Review the FAQ
section of this bulletin for details about these operating systems.

Affected Components:
  - Internet Explorer 5.01 Service Pack 3 (SP3) on Windows 2000
Service Pack 3
  - Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack
4
  - Internet Explorer 5.5 Service Pack 2 on Microsoft Windows
Millennium Edition: - Review the FAQ section of this bulletin for
details about this version.
  - Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000
Service Pack 3, on Microsoft Windows 2000 Service Pack 4, on
Microsoft Windows XP, or on Microsoft Windows XP Service Pack 1
  - Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on
Microsoft Windows 98 SE, or on Microsoft Windows Millennium Edition:
- - Review the FAQ section of this bulletin for details about this
version.
  - Internet Explorer 6 for Windows XP Service Pack 1 (64-Bit Edition)
  - Internet Explorer 6 for Windows Server 2003
  - Internet Explorer 6 for Windows Server 2003 64-Bit Edition and
Windows XP 64-Bit Edition Version 2003
  - Internet Explorer 6 for Windows XP Service Pack 2

Impact of Vulnerability:  Remote Code Execution

Maximum Severity Rating:  Critical

Restart required: You must restart your system after you apply this
security update. You do not have to use an administrator logon after
the computer restarts for any version of this update.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-014.mspx

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================