=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN075
_____________________________________________________________________

DATE                      : 09/02/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 98, Windows Me, Windows 2000, Windows XP,
                                  Windows Server 2003.

======================================================================

MS05-015
Title:  Vulnerability in Hyperlink Object Library Could Allow Remote
Code Execution (888113)

Affected Software:
  - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000
Service Pack 4
  - Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2
  - Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
  - Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
  - Microsoft Windows Server 2003
  - Microsoft Windows Server 2003 for Itanium-based Systems
  - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME)

Impact of Vulnerability:  Remote Code Execution

Maximum Severity Rating:  Critical

Restart required:  This update does not require a restart. The
installer stops the required services, applies the update, and then
restarts the services. However, if the required services cannot be
stopped for any reason, or if required files are being used, this
update will require a restart. If this behavior occurs, a message
appears that advises you to restart.

Update can be uninstalled:  Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-015.mspx

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================