=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN255
_____________________________________________________________________

DATE                      : 13/04/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running IE 6, IE 5.01.

======================================================================

Microsoft Security Bulletin MS05-020
Title:  Cumulative Security Update for Internet Explorer (890923)

Affected Software:
  - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
  - Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
  - Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
  - Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
  - Microsoft Windows Server 2003
  - Microsoft Windows Server 2003 for Itanium-based Systems
  - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE)
  - Microsoft Windows Millennium Edition (ME) Tested Microsoft Windows Components:

Affected Components:
  - Internet Explorer 5.01 Service Pack 3 on Microsoft Windows 2000 Service Pack 3
  - Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
  - Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition
  - Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3,
                                       on Microsoft Windows 2000 Service Pack 4,
                                       on Microsoft Windows XP Service Pack 1,
                                       on Microsoft Windows 98,
                                       on Microsoft Windows 98 SE, or
                                       on Microsoft Windows Millennium Edition
  - Internet Explorer 6 Service Pack 1 for Microsoft Windows XP 64-Bit Edition
                                            Service Pack 1 (Itanium)
  - Internet Explorer 6 for Microsoft Windows Server 2003
  - Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems and
                            Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
  - Internet Explorer 6 for Microsoft Windows XP Service Pack 2

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/Bulletin/MS05-020.mspx

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================