Microsoft KB Archive/918043

= Description of Software Update Services and Windows Server Update Services changes in content for 2005 =

Article ID: 918043

Article Last Modified on 8/30/2007

-

APPLIES TO


 * Microsoft Software Update Services 1.0
 * Microsoft Software Update Services 1.0

-





Important It is time to move to Microsoft Windows Server Update Services (WSUS). Software Update Services (SUS) 1.0 support time is running out. Besides the current capabilities in SUS 1.0, WSUS does the following:
 * Updates more than just Windows
 * Provides reporting and targeting capabilities
 * Gives administrators more control over the update process

For more information about WSUS, visit the following Microsoft Web site:

http://technet.microsoft.com/en-us/wsus/default.aspx

Note This article applies only to releases on the Microsoft Windows Update Web site. This article does not apply to security releases for products that are not supported by Windows Update.



SUMMARY
''This article is intended for use by administrators of Microsoft Software Update Services (SUS) and Windows Server Update Services (WSUS) servers. This article contains a cumulative list of content changes that have been made available for SUS and WSUS servers. Administrators can use this list both as a quick reference to content changes that have been made during routine synchronizations and as an explanation of these changes. This information will be updated either during our regular update releases on the second Tuesday of every month or whenever an unscheduled update is released. This article lists changes that were made on or after February 8, 2005. This article does not list changes that were made before that date.''



INTRODUCTION
This article contains a cumulative list of content changes that have been made available to Microsoft Software Update Services (SUS) and Windows Server Update Services (WSUS) servers on or after February 8, 2005.



Tuesday, December 20, 2005
Microsoft has released an updated version of the Approval Analyzer tool. The following Microsoft Knowledge Base article has been updated:

912307 Previously approved software updates may be unapproved if you synchronize a server that is running SUS 1.0 with Service Pack 1 after December 12, 2005

The new version of the Approval Analyzer tool addresses an issue that was discovered after Tuesday, December 13, 2005. Because of this issue, some updates that were not approved by the SUS administrator could be deployed. This issue only affected the original version of the Approval Analyzer tool. Therefore, if you have already followed the steps in article 912307, you do not have to take additional action.

If you have not taken steps to address the issue that is discussed in article 912307, or if you have run the original version of the Approval Analyzer tool, you should download and run the new version of the tool.

Tuesday, December 13, 2005
Microsoft is receiving reports of a Software Update Services (SUS) issue after content that was published on Tuesday, December 13, 2005, is synchronized. SUS administrators have reported that all previously approved updates are no longer approved and that their status appears as &quot;updated.&quot; For more information, click the following article number to view the article in the Microsoft Knowledge Base:

912307 Previously approved software updates may be unapproved if you synchronize a server that is running SUS 1.0 with Service Pack 1 after December 12, 2005

New security content
 MS05-054: Cumulative security update for Internet Explorer (KB905915)

Locale: All

Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Microsoft Update Catalog, Automatic Updates, SUS 1.0, and WSUS

Classification: Security

Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, and Microsoft Windows 98 Second Edition

Security severity rating:  Critical for all operating systems except the original release version of Windows Server 2003 and Windows Server 2003 Service Pack 1 (SP1) Moderate for the original release version of Windows Server 2003 and for Windows Server 2003 SP1

Approximate file sizes:  Windows 2000 update: 3,978 kilobytes (KB) Windows XP update: 4,864 KB</li> Windows Server 2003 update: 7,434 KB</li></ul>

Security issues have been identified that could let an attacker compromise a computer that is running Microsoft Internet Explorer and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

905915 MS05-054: Cumulative security update for Internet Explorer

</li> MS05-055: Vulnerability in Windows kernel could allow elevation of privilege (KB908523)

Locale: All

Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Automatic Updates, SUS 1.0, and WSUS

Classification: Security

Target operating systems: Microsoft Windows 2000

Security Severity Rating: Important

Approximate file size: 1,565 KB

A security issue has been identified in Microsoft Windows-based systems that could let an attacker who successfully exploits this vulnerability take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

908523 MS05-055: Vulnerability in Windows kernel could allow elevation of privilege

</li></ul>

Changes to existing security content
 MS05-050: Vulnerability in DirectShow could allow remote code execution (KB904706)  Updated the binaries with specific targeting restrictions to prevent installation failures.</li> Updated detection.</li> Changed binaries.</li></ul>

MS05-050 has several versions, depending on the target operating system and the version of DirectX that is installed. Therefore, even though you may have already installed security update 904706 (MS05-050) from the Download Center, you may have deployed the wrong version of this update. Rescan by using Windows Update or by using WSUS to make sure that the correct version of this update is installed on the system. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

904706 MS05-050: Vulnerability in DirectShow could allow remote code execution

</li></ul>

New nonsecurity content
 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000 (KB890830)

Locale: All

Deployment: Windows Update, Microsoft Update, Automatic Updates, and WSUS

Classification: High priority, nonsecurity, update rollup

Target operating systems: Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000

After the download, this tool runs one time to examine a computer for infection by specific, prevalent malicious software. This malicious software includes Blaster, Sasser, and Mydoom. This tool helps remove any infection that it finds. If it finds an infection, the tool displays a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool, you can download a copy from the Microsoft Download Center or run an online version from Microsoft.com. This tool does not replace an antivirus product. To help protect a computer, use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

</li> You cannot restore Windows XP with Service Pack 2 after you restore Windows XP with Service Pack 1 (KB835409)

Locale: All

Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Microsoft Update Catalog, Automatic Updates, SUS 1.0, and WSUS

Classification: High priority, nonsecurity

Target operating systems: Microsoft Windows XP

Approximate file size: 550 KB

Install this update on Windows XP Service Pack 1 systems to resolve the following issue: System Restore may not work correctly, or certain services may not function correctly after you use System Restore. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

835409 You cannot restore Windows XP with Service Pack 2 after you restore Windows XP with Service Pack 1

</li> Microsoft Office Outlook 2003 may stop responding on a computer that is running Windows Server 2003 or Windows XP (KB908521)

Locale: All

Deployment: WSUS only

Classification: Optional update, nonsecurity

Target operating systems: Microsoft Windows Server 2003 and Microsoft Windows XP

Approximate file sizes:  Windows XP update: 800 KB</li> Windows Server 2003 update: 832 KB</li></ul>

Install this update to resolve various issues that can occur when you use remote procedure call (RPC) for client/server communication in Microsoft Windows Server 2003 and in Microsoft Windows XP. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

908521 Office Outlook 2003 may stop responding on a computer that is running Windows Server 2003 or Windows XP

</li> <li>When Windows Automatic Updates tries to download updates on a Windows Server 2003-based or Windows XP-based computer, an access violation error may occur (KB910437)

Locale: All

Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Microsoft Update Catalog, Automatic Updates, SUS 1.0, and WSUS

Classification: High priority, nonsecurity, update

Target operating systems: Microsoft Windows Server 2003 and Microsoft Windows XP

Approximate file sizes: <ul> <li>Windows XP update: 1,166 KB</li> <li>Windows Server 2003 update: 1,298 KB</li></ul>

Install this update to prevent or to resolve an issue where an access violation error occurs when you use the Automatic Updates service. When this error occurs, Windows Update and Automatic Updates can no longer download updates. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

910437 When Windows Automatic Updates tries to download updates on a Windows Server 2003-based or Windows XP-based computer, an access violation error may occur

</li></ul>

Changes to existing nonsecurity content
<ul> <li>Microsoft Deploying .NET Applications Lifecycle Guide (KB829019) <ul> <li>Changed targeting to deploy only in English.</li> <li>Deployment: Windows Update, Microsoft Update, Windows Update Catalog, Microsoft Update Catalog, and WSUS</li> <li>Binaries have not changed.</li> <li>This update does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

829019 Benefits of the Microsoft .NET Framework

</li> <li>Description of Windows SharePoint Services Service Pack 2 (KB887624) <ul> <li>Metadata change only. Updated description text and updated detection metadata.</li> <li>Binaries have not changed.</li> <li>This update does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887624 Description of Windows SharePoint Services Service Pack 2

</li> <li>Update Rollup 2 for Windows XP Media Center Edition 2005 (KB900325) <ul> <li>Metadata change only. Updated the coinstall metadata.</li> <li>Binaries have not changed.</li> <li>This update does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

900325 Update Rollup 2 for Windows XP Media Center Edition 2005

</li></ul>

Removed content

 * '''Description of the Windows Genuine Advantage Notifications application (Norwegian article version) (KB905474)

Description of the Windows Genuine Advantage Notifications application (Swedish article version) (KB905474)'''

Locale: Norwegian and Swedish

Deployment: Windows Update, Microsoft Update, and Automatic Updates

905474 Description of the Windows Genuine Advantage Notifications application (Norwegian article version)

905474 Description of the Windows Genuine Advantage Notifications application (Swedish article version)

New nonsecurity content
<ul> <li>'''Description of the Windows Genuine Advantage Notifications application (Norwegian article version) (KB905474)

Description of the Windows Genuine Advantage Notifications application (Swedish article version) (KB905474)'''

Operating system locale: Norwegian and Swedish

Deployment: Windows Update, Microsoft Update, and Automatic Updates

Classification: Critical

File size: 940.76 KB

The Windows Genuine Advantage Notification tool indicates whether a copy of Windows is not genuine. If a system is found to be non-genuine, the tool will help the user to obtain a licensed copy of Windows.

905474 Description of the Windows Genuine Advantage Notifications application (Norwegian article version)

905474 Description of the Windows Genuine Advantage Notifications application (Swedish article version)</li> <li>Windows SharePoint Services Service Pack 2 (KB887624)

Operating system locale: Thai

Deployment: Windows Update, Microsoft Update, SUS, and WSUS

Classification: Service Pack

File size: 5,124 KB

Microsoft Windows SharePoint Services Service Pack 2 (SP2) provides the latest updates to Windows SharePoint Services. This service pack contains significant security enhancements and stability and performance improvements. After you install the service pack, you may have to restart the computer. After you have installed these updates, they cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887624 Description of Windows SharePoint Services Service Pack 2

</li> <li>An update is available for SQL Server 2000 Desktop Engine (SHAREPOINT) (KB909544)

Operating system locale: All

Deployment: Windows Update, Microsoft Update, and WSUS

Classification: Optional

File size: 29,028.7 KB

Install this package to update the Microsoft SQL Server 2000 Desktop Engine (Windows) component that is used by Windows Sharepoint Services (WSS). After you install this item, you may have to restart the computer. After you have installed this package, it cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

909544 An update is available for SQL Server 2000 Desktop Engine (SHAREPOINT)

</li> <li>Description of the software update for Base Smart Card Cryptographic Service Provider (KB909520)

Operating system locale: All

Deployment: Windows Update, Microsoft Update

Classification: Optional

File size: 626.28 KB

Base Smart Card Cryptographic Service Provider (Base CSP) package makes it easy for smart card vendors to enable their smart cards in Windows. Vendors can use a lightweight proprietary card module instead of a full proprietary CSP. After you install this package, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

909520 Description of the software update for Base Smart Card Cryptographic Service Provider

</li> <li>An update is available for Windows Media Connect 2.0 (KB909993)

Operating system locale: All

Deployment: Windows Update, Microsoft Update

Classification: Optional

File size: 6,604.21 KB

Microsoft Windows Media Connect enables you to deliver music, photos, and videos from a computer to devices that support UPnP media streaming. These devices include digital audio receivers, connected DVD players, digital cable set-top boxes, gaming consoles, and more. After you install Windows Media Connect, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

909993 An update is available for Windows Media Connect 2.0

</li> <li>FIX: Protected content may no longer play after you install Update Rollup 2 for Windows XP Media Center Edition 2005 (KB910393)

Operating system locale: All

Deployment: Windows Update, Microsoft Update, Automatic Updates, and WSUS

Classification: High priority, nonsecurity

File Size: 1,408.26 KB

Install this update to prevent Windows Media Player 10 setup from overwriting digital rights management (DRM) files that are installed by Update Rollup 2 for Windows XP Media Center Edition 2005 (KB900325). After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

910393 FIX: Protected content may no longer play after you install Update Rollup 2 for Windows XP Media Center Edition 2005

</li></ul>

Changes to existing nonsecurity content
<ul> <li>Windows SharePoint Services Service Pack 2 (KB887624) <ul> <li>There was a problem with the Dutch binary that prevented a successful installation.</li> <li>The Dutch binary has changed.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887624 Description of Windows SharePoint Services Service Pack 2

</li></ul>

New security content
There is no new security content in this release.

Changes to existing security content
There is no change to existing security content

New nonsecurity content
There is no new nonsecurity content in this release.

Changes to existing nonsecurity content
<ul> <li>The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000 (KB890830) <ul> <li>Binaries have been changed.</li> <li>If you have successfully run the Microsoft Windows Malicious Software Removal Tool, you do not have to redeploy it.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

</li></ul>

New security content
<ul> <li>Microsoft Security Bulletin MS05-053: Vulnerabilities in graphics rendering engine could allow code execution (KB896424)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

A remote code execution security issue has been identified in the Graphics Rendering Engine that could let an attacker remotely compromise a Windows-based system and to gain control over the system. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896424 Microsoft Security Bulletin MS05-053: Vulnerabilities in graphics rendering engine could allow code execution

</li></ul>

Changes to existing security content
<ul> <li>MS03-030: Unchecked buffer in DirectX could enable system compromise (KB819696) <ul> <li>Only metadata has changed.</li> <li>Updated detection to prevent reoffering.</li> <li>Binaries have not changed.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

819696 MS03-030: Unchecked buffer in DirectX could enable system compromise

</li> <li>MS03-022: Vulnerability in ISAPI Extension for Windows Media Services may cause code execution (KB822343) <ul> <li>Only metadata has changed.</li> <li>Updated detection to prevent reoffering.</li> <li>Binaries have not changed.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

822343 MS03-022: Vulnerability in ISAPI extexsion for Windows Media Services may cause code execution

</li> <li>Microsoft has released a security update to Microsoft Windows Media Player 9 (KB885492) <ul> <li>Only metadata has changed.</li> <li>Updated detection to correctly offer to WS03.</li> <li>Binaries have not changed.</li> <li>Changed severity to Critical to match bulletin.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

885492 Microsoft has released a security update to Microsoft Windows Media Player 9

</li> <li>MS05-032: Vulnerability in Microsoft agent could allow spoofing (KB890046) <ul> <li>Only metadata has changed.</li> <li>Updated targeting.</li> <li>Binaries have not changed.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890046 MS05-032: Vulnerability in Microsoft agent could allow spoofing

</li> <li>MS05-030: Vulnerability in Outlook Express could allow remote code execution (KB897715) <ul> <li>Only metadata has changed.</li> <li>Updated detection to prevent reoffering.</li> <li>Binaries have not changed.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

897715 MS05-030: Vulnerability in Outlook Express could allow remote code execution

</li></ul>

Microsoft Software Update Services removals

 * MS02-054: Unchecked buffer in file decompression functions may allow attacker to run code (KB329048)

New nonsecurity content
<ul> <li>The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000 (KB890830)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

After the download, this tool runs one time to check a computer for infection by specific, prevalent, malicious software. This malicious software includes Blaster, Sasser, and Mydoom. This tool also helps remove any infection that is found. If an infection is found, the tool displays a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on a computer, download a copy from the Microsoft Download Center or run an online version from microsoft.com. This tool does not replace an antivirus product. To help protect a computer, use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

</li> <li>Microsoft Deploying .NET Applications Lifecycle Guide (KB829019)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

The Microsoft .NET Framework version 2.0 improves scalability and performance with the following features: <ul> <li>Improved caching</li> <li>Application deployment and updating by using ClickOnce</li> <li>Support for the broadest array of browsers and devices that have ASP.NET 2.0 controls and services</li></ul>

After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

829019 Benefits of the Microsoft .NET Framework

</li> <li>Description of Windows SharePoint Services Service Pack 2 (KB887624)

Microsoft Windows Server 2003

Hindi, Thai, Bulgarian, Croatian, Estonian, Latvian, Lithuanian, Romanian, Serbian (Latin), Slovak, Slovenian, and Ukrainian

Windows SharePoint Services Language Template Pack Service Pack 2 guarantees that Windows SharePoint Services performs with full functionality when a Language Template Pack is installed. After you install this item, you may have to restart the computer. After you install this item, it cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887624 Description of Windows SharePoint Services Service Pack 2

</li></ul>

Changes to existing nonsecurity content
<ul> <li>How to disable the ADODB.Stream object from Internet Explorer (KB870669) <ul> <li>This item was superseded by security bulletin MS05-052. It is typical to keep superseded content available in SUS for one year. However, this item was unintentionally removed from SUS on October 12, 2005. We are republishing this item as an SUS-only item, where it will remain until October, 2006.</li> <li>Only metadata has changed. No other changes.</li> <li>Binaries have not changed.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

870669 How to disable the ADODB.Stream object from Internet Explorer

</li></ul>

Microsoft Software Update Services removals

 * Media Center recordings may be deleted when you change the recording storage location (KB838358)
 * You cannot log on to a Web site or complete an Internet transaction, or you receive an HTTP 500 (Internal Server Error) Web page (KB831167)

Changes to existing security content
<ul> <li>MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering (KB905495)

Note The changes are only to Microsoft Software Update Services 1.0. <ul> <li>Only metadata has changed.</li> <li>The forward link has been updated to link to the correct bulletin.</li> <li>Binaries have not changed.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

905495 MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering

</li> <li>MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution (KB902400)

Note The changes are only to Microsoft Software Update Services 1.0. The bulletin information has changed.

Microsoft Windows 2000 <ul> <li>Metadata has changed for the Windows 2000 version of security bulletin MS05-051. The metadata was changed to remove MS04-012 from the superseded security bulletin list. Security bulletin MS05-051 for Windows 2000 does not supersede the Windows 2000 version of security bulletin MS04-012.</li> <li>Binaries have not changed.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

902400 MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution

</li></ul>

Priority updates – AutoUpdate and WSUS (SUS 2.0)
<ul> <li>Office programs may stop responding when you save a new file to a floppy disk drive on a Windows 2000-based computer that has Update Rollup 1 for Windows 2000 SP4 installed (KB904368)

Microsoft Windows 2000 Service Pack 4

Install this update to resolve an issue in which Microsoft Office programs may stop responding when you try to save new files to a floppy disk drive after you install Update Rollup 1 for Windows 2000 Service Pack 4. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

904368 Office programs may stop responding when you save a new file to a floppy disk drive on a Windows 2000-based computer that has Update Rollup 1 for Windows 2000 SP4 installed

</li></ul>

Optional updates – not Priority, not AutoUpdate, not WSUS or SUS
<ul> <li>Update for Windows Media Digital Rights Management-enabled players (KB891122)

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2

Install this update to enable a computer to access premium content that is protected by Windows Media Digital Rights Management. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

891122 Update for Windows Media Digital Rights Management-enabled players

</li> <li>FIX: Some portable devices may take 30 seconds or longer to start playing back a piece of content when you play subscription content that is protected by Windows Media DRM that uses chained licenses (KB902344)

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2

Install this update on a computer if you use a portable device that accesses subscription media content that is protected by Windows Media Digital Rights Management. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

902344 FIX: Some portable devices may take 30 seconds or longer to start playing back a piece of content when you play subscription content that is protected by Windows Media DRM that uses chained licenses

</li></ul>

Priority updates – AutoUpdate and WSUS (SUS 2.0)
<ul> <li>Update Rollup 908250 is available for computers that are running Update Rollup 2 for Microsoft Windows XP Media Center Edition 2005 (KB908250)

Microsoft Windows XP Media Center Edition 2005 <ul> <li>Only metadata has changed. The classification was upgraded from an Optional update to Priority/AutoUpdate. Localized titles and the support URL have been corrected.</li> <li>Binaries have not changed.</li> <li>You do not have to reinstall this update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

908250 Update Rollup 908250 is available for computers that are running Update Rollup 2 for Microsoft Windows XP Media Center Edition 2005

</li></ul>

New security content
There is no new security content in this release.

Changes to existing security content
Note These changes are only to Windows Software Update Services (WSUS). These changes do not affect SUS 1.0.

Updated deployment method
<ul> <li>MS05-052: Cumulative security update for Internet Explorer (KB896688) <ul> <li>Microsoft Windows XP SP2 only.</li> <li>Updated deployment method to improve download performance.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896688 MS05-052: Cumulative security update for Internet Explorer

</li></ul>

Change in severity rating from &quot;Critical&quot; to &quot;Important&quot;
<ul> <li>MS05-049: Vulnerabilities in the Windows shell could allow for remote code execution (KB900725) <ul> <li>Metadata change only.</li> <li>Bulletin and communications correctly listed this update as &quot;Important,&quot; but WSUS incorrectly listed this update as &quot;Critical.&quot; This update has been re-released as &quot;Important.&quot;</li> <li>Binaries did not change.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

900725 MS05-049: Vulnerabilities in the Windows shell could allow for remote code execution

</li></ul>

Update to replacement information
<ul> <li>MS05-047: Vulnerability in Plug and Play could allow remote code execution and local elevation of privilege (KB905749) <ul> <li>Metadata change only.</li> <li>The metadata has been updated to show that this update supersedes the previously released update 899588 (MS05-039).</li> <li>Binaries did not change.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

905749 MS05-047: Vulnerability in Plug and Play could allow remote code execution and local elevation of privilege

</li></ul>

Forward link update
<ul> <li>MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering (KB905495) <ul> <li>Metadata change only.</li> <li>The forward link has been updated to link to the correct bulletin.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall this security update.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

905495 MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering

</li></ul>

New nonsecurity content
There is no new nonsecurity content in this release.

Changes to existing nonsecurity content
There are no changes to existing nonsecurity content in this release.

New security content
<ul> <li>MS05-052: Cumulative security update for Internet Explorer (KB896688)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

Security issues have been identified that could allow an attacker to compromise a computer that is running Microsoft Internet Explorer and gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896688 MS05-052: Cumulative security update for Internet Explorer

</li> <li>MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution (KB902400)

Bulletin Severity: Critical

Microsoft Windows XP SP1, Microsoft Windows 2000

Bulletin Severity: Important

Microsoft Windows XP SP2, Microsoft Windows Server 2003

A remote code execution security issue has been identified that could allow an attacker to remotely compromise a Windows-based system and gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

902400 MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution

</li> <li>MS05-050: Vulnerability in DirectShow could allow remote code execution (KB904706)

Bulletin Severity: Critical

DirectX 8.1, DirectX 9.0, Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system by using DirectShow and to gain control over the system. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

904706 MS05-050: Vulnerability in DirectShow could allow remote code execution

</li> <li>MS05-049: Vulnerabilities in the Windows shell could allow for remote code execution (KB900725)

Bulletin Severity: Important

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an authenticated attacker to gain access to and potentially compromise a Microsoft Windows-based system. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

900725 MS05-049: Vulnerabilities in the Windows shell could allow for remote code execution

</li> <li>Vulnerability in the Microsoft Collaboration Data Objects could allow code execution (Windows) (KB901017)

Bulletin Severity: Important

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system by using Collaboration Data Objects (CDO) and to gain control over the system. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

901017 Vulnerability in the Microsoft Collaboration Data Objects could allow code execution (Windows)

</li> <li>MS05-047: Vulnerability in Plug and Play could allow remote code execution and local elevation of privilege (KB905749)

Bulletin Severity: Important

Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in the Plug and Play service that could allow an authenticated attacker to compromise a Microsoft Windows-based system and to gain control over the system. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

905749 MS05-047: Vulnerability in Plug and Play could allow remote code execution and local elevation of privilege

</li> <li>MS05-046: Vulnerability in the Client Service for NetWare could allow remote code execution (KB899589)

Bulletin Severity: Important

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in the Client Service for NetWare that could allow an attacker to compromise a Microsoft Windows-based system and to gain control over the system, if you have installed this service. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

899589 MS05-046: Vulnerability in the Client Service for NetWare could allow remote code execution

</li> <li>MS05-045: Vulnerability in Network Connection Manager could allow denial of service (KB905414)

Bulletin Severity: Moderate

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A denial of service security issue has been identified that could cause the Network Manager service to stop responding on a Windows-based system. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

905414 MS05-045: Vulnerability in Network Connection Manager could allow denial of service

</li> <li>MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering (KB905495)

Bulletin Severity: Moderate

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

A security issue has been identified that could allow an attacker to tamper with the file transfer location on a computer when you use the Microsoft Windows FTP (File Transfer Protocol) client. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

905495 MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering

</li></ul>

Changes to existing security content
There are no changes to existing security content for this release.

New nonsecurity content
<ul> <li>The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000 (KB890830)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

After the download, this tool runs one time to examine the computer for infection by specific, prevalent malicious software. (This software includes Blaster, Sasser, and Mydoom.) This tool helps remove any infection that it finds. If it finds an infection, the tool displays a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on the computer, you can download a copy from the Microsoft Download Center or run an online version from Microsoft.com. This tool does not replace an antivirus product. To help protect the computer, use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

</li> <li>Windows SharePoint Services Service Pack 2 (KB887624)

Windows SharePoint Services Service Pack 2 (SP2) provides the latest updates to Windows SharePoint Services. This service pack contains significant security enhancements, in addition to stability and performance improvements. After you install this item, you may have to restart the computer. After you have installed this item, it cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887624 Description of Windows SharePoint Services Service Pack 2

</li> <li>Windows SharePoint Services Service Pack 2 (KB887624)

Windows SharePoint Services Language Template Pack Service Pack 2 guarantees that Windows SharePoint Services performs with full functionality when a Language Template Pack is installed. After you install this item, you may have to restart the computer. After you have installed this item, it cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887624 Description of Windows SharePoint Services Service Pack 2

</li></ul>

Changes to existing nonsecurity content
There are no changes to existing nonsecurity content in this release.

Updated detection to prevent a reoffering that was reported on a limited number of Microsoft Windows Server 2003-based systems that had no service packs installed
<ul> <li>

893756 MS05-040: Vulnerability in Telephony service could allow remote code execution

</li> <li>

896727 MS05-038: Cumulative security update for Internet Explorer

</li> <li>

896428 MS05-033: Vulnerability in Telnet client could allow information disclosure

</li> <li>

896422 MS05-027: Vulnerability in Server Message Block could allow remote code execution

</li> <li>

896358 MS05-026: A vulnerability in HTML Help could allow remote code execution

</li> <li>

899588 MS05-039: Vulnerability in Plug and Play could allow remote code execution and elevation of privilege

</li> <li>

899587 MS05-042: Vulnerabilities in Kerberos could allow denial of service, information disclosure, and spoofing

</li> <li>

890046 MS05-032: Vulnerability in Microsoft agent could allow spoofing

</li> <li>

899591 MS05-041: Vulnerability in Remote Desktop Protocol could allow denial of service

</li> <li>MS05-025: Cumulative security update for Internet Explorer (KB883939) <ul> <li>Detection was updated to prevent a reoffering that was reported on a limited number of Microsoft Windows Server 2003-based systems that had no service packs installed.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall these security updates.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

883939 MS05-025: Cumulative security update for Internet Explorer

</li></ul>

Change severity rating
<ul> <li>MS05-038: Cumulative security update for Internet Explorer (KB896727) <ul> <li>This change is to metadata only. Metadata showed severity incorrectly rated as Important. Re-releasing with severity accurately set to Critical.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall security update 896727.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896727 MS05-038: Cumulative Security Update for Internet Explorer

887998 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3 on Windows XP Media Center and Tablet PC Editions

886903 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.1 Service Pack 1

</li> <li>ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3 (KB886906) <ul> <li>This change is to metadata only. Metadata showed severity incorrectly rated as Critical. Re-releasing with severity accurately set to Important.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall these security updates.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

886906 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3

</li></ul>

Metadata change to the installation command to resolve installation failures
<ul> <li>MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise (KB825119) <ul> <li>This change to metadata corrects switch settings to resolve installation failures.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall security update 825119.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

825119 MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise

</li></ul>

Text change
<ul> <li>MS04-016: Vulnerability in DirectPlay could allow denial of service (KB839643) <ul> <li>This change is a metadata change to Text.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall security update 839643.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

839643 MS04-016: Vulnerability in DirectPlay could allow denial of service

</li></ul>

Metadata change to restart settings
<ul> <li>MS05-037: Vulnerability in JView Profiler could allow remote code execution (KB903235) <ul> <li>This change is a metadata change to restart settings.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall security update 903235.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

903235 MS05-037: Security Update for JView Profiler

</li></ul>

Category change from IA-64 to x64
<ul> <li>

896428 MS05-033: Vulnerability in Telnet client could allow information disclosure

</li> <li>

896422 MS05-027: Vulnerability in Server Message Block could allow remote code execution

</li> <li>

896358 MS05-026: A vulnerability in HTML Help could allow remote code execution

</li> <li>MS05-025: Cumulative security update for Internet Explorer (KB883939) <ul> <li>This change is a metadata change to fix a category listing. There is no change to the way the package is offered.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall these security updates.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

883939 MS05-025: Cumulative security update for Internet Explorer

</li></ul>

New nonsecurity content
<ul> <li> The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000 (KB890830)

Microsoft Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000
After the download, this tool runs one time to examine the computer for infection by specific, prevalent malicious software. This malicious software includes Blaster, Sasser, and Mydoom. The tool also helps remove any infection that is found. If an infection is found, the tool will display a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to run the tool on the computer manually, you can download a copy from the Microsoft Download Center or run an online version from microsoft.com. This tool does not replace an antivirus product. To help protect the computer, use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

</li></ul>

Changes to existing nonsecurity content
<ul> <li>Update Rollup 1 for Windows 2000 SP4 and known issues (KB891861)

Microsoft Windows 2000 Service Pack 4 <ul> <li>Binaries were updated.</li> <li>You do not have to reinstall update 891861.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

891861 Update Rollup 1 for Windows 2000 SP4 and known issues

</li> <li>A fix is available for a registry problem on Dell PowerEdge servers that have specific nonnative disk controllers and factory installed versions of Windows Server 2003 (KB898792) <ul> <li>Updated detection to prevent a reoffering that was reported on a limited number of Microsoft Windows Server 2003-based systems that had no service packs installed.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall update 898792.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

898792 A fix is available for a registry problem on Dell PowerEdge servers that have specific nonnative disk controllers and factory installed versions of Windows Server 2003

</li> <li>Windows XP Service Pack 2 <ul> <li>Updated the superseded items list and the reference Knowledge Base number.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall this service pack.</li></ul> </li> <li>Windows 2000 Service Pack 4 Network Install for IT Professionals <ul> <li>Chinese (Hong Kong) only.</li> <li>Updated targeting.</li> <li>Binaries did not change.</li> <li>You do not have to reinstall this update.</li></ul> </li></ul>

New security content
<ul> <li>MS05-038: Cumulative security update for Internet Explorer (KB896727)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

Security issues have been identified that could allow an attacker to compromise a computer that is running Microsoft Internet Explorer and to gain control over the computer. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896727 MS05-038: Cumulative security update for Internet Explorer

</li> <li>MS05-039: Vulnerability in Plug and Play could allow remote code execution and elevation of privilege (KB899588)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in the Plug and Play service that could allow an attacker to compromise the Microsoft Windows-based system and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

899588 MS05-039: Vulnerability in Plug and Play could allow remote code execution and elevation of privilege

</li> <li>MS05-040: Vulnerability in Telephony service could allow remote code execution (KB893756)

Bulletin Severity: Important

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in the Telephony API (TAPI) that could allow an attacker to compromise the Microsoft Windows-based system and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

893756 MS05-040: Vulnerability in Telephony service could allow remote code execution

</li> <li>MS05-041: Vulnerability in Remote Desktop Protocol could allow denial of service (KB899591)

Bulletin Severity: Moderate

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in the Remote Desktop Protocol (RDP) that could allow an attacker to remotely cause the Microsoft Windows-based system to stop responding. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

899591 MS05-041: Vulnerability in Remote Desktop Protocol could allow denial of service

</li> <li>MS05-042: Vulnerabilities in Kerberos could allow denial of service, information disclosure, and spoofing (KB899587)

Bulletin Severity: Moderate

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to gain access to sensitive data transmitted through the Microsoft Windows-based system in a domain environment and to perform denial of service attacks against domain controllers. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

899587 MS05-042: Vulnerabilities in Kerberos could allow denial of service, information disclosure, and spoofing

</li> <li>MS05-043: Vulnerability in Print Spooler service could allow remote code execution (KB896423)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in the Print Spooler service that could allow an attacker to compromise the Microsoft Windows-based system and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896423 MS05-043: Vulnerability in Print Spooler service could allow remote code execution

</li></ul>

Changes to existing security content
<ul> <li>MS05-025: Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB883939) <ul> <li>Updated detection to prevent a reoffering in Microsoft Windows Small Business Server.</li> <li>Binaries did not change.</li> <li>Update 883939 ( MS05-025) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

883939 MS05-025: Cumulative Security Update for Internet Explorer for Windows Server 2003

</li> <li>MS05-026: A vulnerability in HTML Help could allow remote code execution (KB896358) <ul> <li>Updated detection to prevent a reoffering on Windows Small Business Server.</li> <li>Binaries did not change.</li> <li>Update 896358 ( MS05-026) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896358 MS05-026: A vulnerability in HTML Help could allow remote code execution

</li> <li>MS05-027: Vulnerability in Server Message Block could allow remote code execution (KB896422) <ul> <li>Updated detection to prevent a reoffering in Windows Small Business Server.</li> <li>Binaries did not change.</li> <li>MS05-027 does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896422 MS05-027: Vulnerability in Server Message Block could allow remote code execution

</li> <li>MS05-032: Vulnerability in Microsoft agent could allow spoofing (KB890046) <ul> <li>Microsoft updated this bulletin to advise customers that a revised version of the security update is available for the following systems: <ul> <li>Microsoft Windows Server 2003 for Itanium-based systems and Microsoft Windows Server 2003 with SP1 for Itanium-based systems</li> <li>Microsoft Windows Server 2003, x64-based versions</li> <li>Microsoft Windows XP Professional x64 Edition</li></ul> </li> <li>Binaries did change.</li> <li>Update 890046 (MS05-032) does have to be reinstalled on the systems listed above.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890046 MS05-032: Vulnerability in Microsoft agent could allow spoofing

</li> <li>MS05-032: Vulnerability in Microsoft agent could allow spoofing (KB890046) <ul> <li>Updated detection to prevent a reoffering in Windows Small Business Server.</li> <li>Binaries did not change.</li> <li>Update 890046 (MS05-032) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890046 MS05-032: Vulnerability in Microsoft agent could allow spoofing

</li> <li>MS05-033: Vulnerability in Telnet client could allow information disclosure (KB896428) <ul> <li>Updated detection to prevent a reoffering on Windows Small Business Server.</li> <li>Binaries did not change.</li> <li>Update 896428 (MS05-033) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896428 MS05-033: Vulnerability in Telnet client could allow information disclosure

</li> <li>MS05-030: Vulnerability in Outlook Express could allow remote code execution (KB897715) <ul> <li>Title change to remove the word “cumulative.&quot; This update does not supersede any previously released Outlook Express cumulative update.</li> <li>Updated detection so previously released Outlook Express cumulative security updates are offered and installed before this update is offered.</li> <li>Binaries did not change.</li> <li>Update 897715 (MS05-030) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

897715 MS05-030: Vulnerability in Outlook Express could allow remote code execution

</li> <li>MS04-018: Cumulative Security Update for Outlook Express (KB823353) <ul> <li>Update is no longer superseded by security bulletin MS05-030. Therefore, previous changes are reversed.</li> <li>Binaries did not change.</li> <li>Update 823353 (MS04-018) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

823353 MS04-018: Cumulative Security Update for Outlook Express

</li> <li>MS04-004: Cumulative Security Update for Internet Explorer (KB832894) <ul> <li>This item should remain static on the site as it is the last Internet Explorer 5.5 Service Pack 2 cumulative update that is available for Windows 2000.</li> <li>Binaries did not change.</li> <li>Update 832894 (MS04-004) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

832894 MS04-004: Cumulative Security Update for Internet Explorer

</li> <li>MS03-043: Security Update for Windows 2000 – SUS 1.0 (V4 only) (KB828035) <ul> <li>On June 28, 2005, this update was rereleased to comply with the initial release of Update Rollup 1 for Windows 2000 Service Pack 4 (SP4). It was noted after the June 28, 2005, release that the binaries that were used for the SP4-only version of 828035 appeared to be older than those that were originally released on Windows Update in October 2003. The correct binaries were reloaded into the SP4-only version of 828035, and that version was rereleased on August 9, 2005. Binaries did change. Update 828035 (MS03-043) may have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

828035 MS03-043: Buffer overrun in Messenger service could allow code execution

</li> <li>MS03-007: Unchecked buffer in Windows component may cause Web Server compromise (KB815021) <ul> <li>The Windows XP version of 815021 is not superseded by security bulletin MS04-032. Therefore, this item is being returned to all channels.</li> <li>Binaries did not change.</li> <li>Update 815021 (MS03-007) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

815021 MS03-007: Unchecked buffer in Windows component may cause Web Server compromise

</li> <li>MS02-050: Certificate validation flaw might permit identity spoofing (KB329115) <ul> <li>Updated detection to prevent a reoffering if the Windows 2000 SP4 Update Rollup has been installed.</li> <li>Binaries did not change.</li> <li>Update 329115 (MS02-050) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

329115 MS02-050: Certificate validation flaw might permit identity spoofing

</li> <li>MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise (KB825119) <ul> <li>Updated detection to prevent reoffering.</li> <li>Binaries did not change.</li> <li>Update 825119 (MS03-044) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

825119 MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise

</li></ul>

New nonsecurity content
<ul> <li>The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000 (KB890830)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

After the download, this tool runs one time to examine the computer for infection by specific, prevalent malicious software. (This software includes Blaster, Sasser, and Mydoom.) and helps remove any infection that it finds. If an infection is found, the tool will display a status report the next time that you start the computer. A new version of the tool will be offered every month. If you want to manually run the tool on a computer, you can download a copy from the Microsoft Download Center or run an online version from Microsoft.com. This tool does not replace an antivirus product. To help protect a computer, you should use an antivirus product. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

</li> <li>You receive a &quot;Generic Host Process&quot; error message after you start the computer, or DBCS attachment file names are not displayed in Rich Text e-mail messages (KB894391)

Install this update to address an issue that may cause a &quot;Generic Host Process&quot; error message to appear after you install security update 894391 (MS05-012). The issue may also cause attachment file names not to be displayed in Rich Text e-mail messages. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

894391 You receive a &quot;Generic Host Process&quot; error message after you start the computer, or DBCS attachment file names are not displayed in Rich Text e-mail messages

</li> <li>An update that addresses Outlook Express 6.0 issues is available for Windows XP (KB900930)

Microsoft Windows XP Service Pack 2

Install this update to address multiple Outlook Express issues in Windows XP. This update addresses an issue in which messages are incorrectly handled if the subject line contains the word “begin” and a display issue regarding watched threads in newsgroups. This update also addresses two issues in which Outlook Express stops responding. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

900930 An update that addresses Outlook Express 6.0 issues is available for Windows XP

</li> <li>Memory leak in Windows XP Tablet PC Edition (KB895953)

Microsoft Windows XP Tablet PC Edition 2005

Install this update to address an issue causing a gradual decrease in available system memory in Windows XP Tablet PC Edition 2005. This loss in available memory causes a decrease in system performance. This gradual loss of available computer memory is caused by an issue in the tcserver.exe service. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

895953 Memory leak in Windows XP Tablet PC Edition

</li></ul>

Changes to existing nonsecurity content
<ul> <li>Description of the cumulative update for Outlook Express (KB887797) <ul> <li>Update is no longer superseded by security bulletin MS05-030. Therefore, previous changes were reversed.</li> <li>Updated the WS03 version to include a prerequisite detection change that was implemented for all other operating system versions of this update.</li> <li>Binaries did not change.</li> <li>Update 887797 does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887797 Description of the cumulative update for Outlook Express

</li> <li>Update for Windows Media Player URL script command behavior (KB828026) <ul> <li>Updated detection to prevent a reoffering.</li> <li>Binaries did not change.</li> <li>Update 828026 does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

828026 Update for Windows Media Player URL script command behavior

</li></ul>

Changes to existing security content
<ul> <li>MS05-026: A vulnerability in HTML Help could allow remote code execution (KB896358) <ul> <li>Metadata was updated. Therefore, superseded updates (MS05-011, MS04-023, and MS03-044) are no longer offered.</li> <li>Binaries did not change.</li> <li>Security update 896358 (MS05-026) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896358 MS05-026: A vulnerability in HTML Help could allow remote code execution

</li> <li>MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise (KB825119) <ul> <li>Detection was updated to prevent reoffering.</li> <li>Binaries did not change.</li> <li>Security update 825119 (MS03-044) does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

825119 MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise

</li></ul>

Changes to existing nonsecurity content
<ul> <li>How to disable the ADODB.Stream object from Internet Explorer (KB870669)

Microsoft Windows XP <ul> <li>Updated so that update 870669 will now be offered to Windows Server Update Services.</li> <li>Binaries did not change.</li> <li>Update 870669 does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

870669 How to disable the ADODB.Stream object from Internet Explorer

</li> <li>HTML Help update to limit functionality when it is invoked with the window.showHelp method (KB811630) <ul> <li>V6 Classification error. Classification was changed from Update to Critical Update.</li> <li>Binaries did not change.</li> <li>Update 811630 does not have to be reinstalled.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

811630 HTML Help update to limit functionality when it is invoked with the window.showHelp method

</li></ul>

The following items were updated to take advantage of the WSUS locale filtering feature.
<ul> <li>Microsoft .NET Framework Service Pack 2

Affected localized versions: Korean (SDK Applied), Chinese (Simplified) (SDK Applied), English, Italian (SDK Applied), English (SDK Applied), Chinese (Simplified), Italian , German (SDK Applied), Chinese (Traditional) (SDK Applied), Chinese (Traditional), Japanese (SDK Applied), French (SDK Applied), Korean, Spanish, French, Spanish (SDK Applied), Japanese, German</li> <li>Microsoft Windows SharePoint Services Service Pack 1

For more information about this service pack, click the following article number to view the article in the Microsoft Knowledge Base:

841876 Description of Windows SharePoint Services Service Pack 1

Affected localized versions: Korean, Hungarian, Dutch, Turkish, Swedish, Polish, Hebrew, English, German, Czech, Japanese, Arabic, Chinese (Simplified), Spanish, French, Norwegian, Portuguese (Portugal), Danish, Chinese (Traditional), Greek, Finnish, Russian, Italian, Portuguese (Brazil)</li> <li>Security Update for Microsoft .NET Framework, Version 1.0 SP3

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

886906 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3

Localized versions: Italian, Chinese (Traditional), French, Japanese, English, Spanish, German, Korean, Chinese (Simplified)</li></ul>

Removed or expired content

 * Update for Windows XP Media Center Edition 2004 (KB836657)

Changes to existing security content
<ul> <li>MS05-018: Vulnerabilities in Windows kernel could allow elevation of privilege and denial of service (KB890859)

A minor metadata change was made to resolve a possible Microsoft Systems Management Server (SMS) deployment issue. No changes were made to the binary or to detection. If you have already deployed this update, you do not have to redeploy it. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890859 MS05-018: Vulnerabilities in Windows kernel could allow elevation of privilege and denial of service

</li></ul>

Changes to existing nonsecurity critical content

 * Microsoft Windows Server 2003 Service Pack 1

Targeting has been updated so that it describes the Microsoft Windows Server 2003 Service Pack 1 update as &quot;Installed&quot; and not as &quot;Not Needed.&quot;

New security content
<ul> <li>MS05-036: Vulnerability in Microsoft Color Management Module could allow remote code execution (KB901214)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in the Color Management Module that could allow an attacker to compromise a Microsoft Windows-based system and to gain control over it. You can help protect the computer by installing this update. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

901214 MS05-036: Vulnerability in Microsoft Color Management Module could allow remote code execution

</li> <li>MS05-037: Vulnerability in JView Profiler could allow remote code execution (KB903235)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

A security issue has been identified that could allow an attacker to compromise a computer that is running Microsoft Internet Explorer and to gain control over it. You can help protect the computer by installing this update. This update sets a registry key that blocks attempts to take advantage of this security issue. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

903235 MS05-037: Vulnerability in JView Profiler could allow remote code execution

</li></ul>

New update rollup content
Update Rollup 1 for Windows 2000 SP4 and known issues (KB891861)

Microsoft Windows 2000 Service Pack 4

This update consists of previously released recommended, critical and security updates for Windows 2000 that are rolled into one convenient package. When you install this item, you obtain the same results as installing the individual updates. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

891861 Update Rollup 1 for Windows 2000 SP4 and known issues

New nonsecurity critical content
<ul> <li>A fix is available for a registry problem on Dell PowerEdge servers that have specific nonnative disk controllers and factory installed versions of Windows Server 2003 (KB898792)

Microsoft Windows Server 2003

This update fixes possible registry security value corruption on certain Dell PowerEdge servers that are running factory installed versions of Windows Server 2003 and specific disk controller configurations. By installing this update, you automatically verify and, if it is required, permanently repair this registry corruption issue. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

898792 A fix is available for a registry problem on Dell PowerEdge servers that have specific nonnative disk controllers and factory installed versions of Windows Server 2003

</li> <li>Software update 898461 installs a permanent copy of the Package Installer for Windows version 6.1.22.4 (KB898461)

Microsoft Windows XP

This update installs a permanent copy of Package Installer for Windows to enable software updates to have a significantly smaller download size. The Package Installer makes it easier to install software updates for Microsoft Windows operating systems and other Microsoft products. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

898461 Software update 898461 installs a permanent copy of the Package Installer for Windows version 6.1.22.4

</li> <li>You cannot correctly install security fixes in Windows XP Starter Edition (KB898543)

Microsoft Windows XP Starter Edition

This update resolves an issue with Windows-based systems that may prevent other software updates from installing correctly. It also resolves an issue that may reduce the maximum displayable screen resolution. This issue only affects computers that use one of the following languages: Brazilian Portuguese, Indonesian, Hindi, Malay, or Thai. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

898543 You cannot correctly install security fixes in Windows XP Starter Edition

</li></ul>

New nonsecurity recommended content (unavailable on SUS)
<ul> <li>Description of the new features in Windows Rights Management Services 1.0 Service Pack 1 (KB839178)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

Rights Management Services (RMS) client Service Pack 1 contains software updates for RMS 1.0 and provides support for self-activating clients and client authentication by using smart cards and X.509 certificates. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

839178 Description of the new features in Windows Rights Management Services 1.0 Service Pack 1

</li> <li>Media Pack for Windows XP Home Edition N and Windows XP Professional N (KB886540)

Windows XP Home Edition N and Windows XP Professional N

Installation of the Media Pack makes sure that software programs and Web sites that rely on Windows Media Player, as defined by the European Commission, work correctly. After you install this item, you may have to restart the computer. After you have installed this item, it cannot be removed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

886540 Media Pack for Windows XP Home Edition N and Windows XP Professional N

</li> <li>Description of the new features in Windows Rights Management Services 1.0 Service Pack 1 (KB839178)

Microsoft Windows Server 2003

Rights Management Services (RMS) Service Pack 1 for Microsoft Windows Server 2003 contains software updates for RMS 1.0 and provides support for the following new features: <ul> <li>The ability to enroll the server that is running RMS without server-to-Internet connectivity</li> <li>Server application integration</li> <li>Better support for multiple language templates</li> <li>Support for dynamic groups in the Active Directory directory service</li></ul>

After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

839178 Description of the new features in Windows Rights Management Services 1.0 Service Pack 1

</li> <li>You cannot transfer files and settings from a computer that is running a 32-bit edition of Windows XP to a computer that is running Windows XP Professional x64 Edition (KB896344)

Microsoft Windows XP

The Files and Settings Transfer Wizard that is included in Windows XP SP2 does not support gathering data from a 32-bit Windows XP environment and applying it in a 64-bit Windows XP environment. Install this update to enable support for collecting data in a 32-bit Windows XP environment and applying it to a 64-bit Windows XP environment. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896344 You cannot transfer files and settings from a computer that is running a 32-bit edition of Windows XP to a computer that is running Windows XP Professional x64 Edition

</li></ul>

=
Changes are superseded by the Update Rollup and have been removed from the Windows Update site. However, changes will remain available through Software Update Services (SUS), Automatic Updates (AU) and Windows Update (WU) Catalog. =====

To mark this change for Windows 2000 SP4-only content, we had to touch all previously released security updates that were applicable and create new Windows 2000 SP4-only items. This may require a re-approval of the updates if you do not intend to deploy the Update Rollup. <ul> <li>

823182 MS03-041: Vulnerability in authenticode verification could allow remote code execution

</li> <li>

823559 MS03-023: Buffer overrun in the HTML converter could allow code execution

</li> <li>

824105 MS03-034: Flaw in NetBIOS could lead to information disclosure

</li> <li>

824141 MS03-045: Buffer overrun in the ListBox and in the ComboBox Control could allow code execution

</li> <li>

824151 MS04-030: Vulnerability in WebDAV XML message handler could lead to a denial of service

</li> <li>

825119 MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise

</li> <li>

826232 MS03-042: Buffer overflow in Windows Troubleshooter ActiveX control could allow code execution

</li> <li>

828035 MS03-043: Buffer overrun in Messenger service could allow code execution

</li> <li>

828741 MS04-012: Cumulative Update for Microsoft RPC/DCOM

</li> <li>

828749 MS03-049: Buffer Overrun in the Workstation Service Could Allow Code Execution

</li> <li>

835732 MS04-011: Security Update for Microsoft Windows

</li> <li>

837001 MS04-014: Vulnerability in the Microsoft Jet Database Engine could permit code execution

</li> <li>

839645 MS04-024: A vulnerability in the Windows shell could allow remote code execution

</li> <li>

840315 MS04-023: Vulnerability in HTML Help could allow code execution

</li> <li>

840987 MS04-032: Security update for Microsoft Windows

</li> <li>

841356 MS04-037: Vulnerability in Windows shell could allow remote code execution

</li> <li>

841533 MS04-031: Vulnerability in NetDDE could allow remote code execution

</li> <li>

841872 MS04-020: A vulnerability in POSIX could allow code execution

</li> <li>

841873 MS04-022: A vulnerability in Task Scheduler could allow code execution

</li> <li>

842526 MS04-019: A vulnerability in Utility Manager could allow code execution

</li> <li>

870763 MS04-045: Vulnerability in WINS could allow remote code execution

</li> <li>

871250 MS05-003: Vulnerability in the Indexing Service could allow remote code execution

</li> <li>

873333 MS05-012: Vulnerability in OLE and COM could allow remote code execution

</li> <li>

873339 MS04-043: Vulnerability in HyperTerminal could allow code execution

</li> <li>

885250 MS05-011: Vulnerability in server message block could allow remote code execution

</li> <li>

885834 MS05-010: Vulnerability in the License Logging service could allow code execution

</li> <li>

885835 MS04-044: Vulnerabilities in Windows Kernel and LSASS could allow elevation of privilege

</li> <li>

885836 MS04-041: A vulnerability in WordPad could allow code execution

</li> <li>

888113 MS05-015: Vulnerability in hyperlink object library could allow remote code execution in Windows Server 2003

</li> <li>

890047 MS05-008: Vulnerability in Windows shell could allow remote code execution

</li> <li>

890175 MS05-001: Vulnerability in HTML Help could allow code execution

</li> <li>

890859 MS05-018: Vulnerabilities in Windows kernel could allow elevation of privilege and denial of service

</li> <li>

891711 MS05-002: Vulnerability in cursor and icon format handling could allow remote code execution

</li> <li>

891781 MS05-013: Vulnerability in the DHTML editing component ActiveX control could allow code execution

</li> <li>

892944 MS05-017: Vulnerability in MSMQ could allow code execution

</li> <li>

893066 MS05-019: Vulnerabilities in TCP/IP could allow remote code execution and denial of service

</li> <li>

893086 MS05-016: Vulnerability in Windows Shell that could allow remote code execution

</li> <li>

839643 MS04-016: Vulnerability in DirectPlay could allow denial of service

</li> <li>

814078 MS03-008: Flaw in Windows Script Engine may allow code to run

</li> <li>

822343 MS03-022: Vulnerability in ISAPI Extension for Windows Media Services may cause code execution

</li> <li>

890923 MS05-020: Cumulative security update for Internet Explorer

</li></ul>

=
Changes are superseded by the update rollup and are removed from the Windows Update site. However, changes will remain available by using Software Update Services (SUS), Automatic Updates (AU), and the Windows Update Catalog. =====

To be able to mark this change for Windows 2000 SP4-only content, we had to touch all previously released updates that were applicable and create new Windows 2000 SP4-only items. This may require a re-approval of the updates if you do not intend to deploy the update rollup. <ul> <li>

820888 Computer stops responding (hangs) when it tries to mount an NTFS volume after you restart the computer

</li></ul>

New security content
<ul> <li>MS05-025: Cumulative security update for Internet Explorer (KB883939)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

Security issues have been identified that could allow an attacker to compromise a computer that is running Microsoft Internet Explorer and to gain control over the computer. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

883939 MS05-025: Cumulative security update for Internet Explorer

</li> <li>MS05-026: Vulnerability in HTML Help could allow remote code execution (KB896358)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

A security issue has been identified in the HTML Help component that could allow an attacker to compromise a Windows-based system and to gain control over the system. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896358 MS05-026: A vulnerability in HTML Help could allow remote code execution

</li> <li>MS05-027: Vulnerability in server message block could allow remote code execution (KB896422)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in server message block that could allow an attacker to compromise a Windows-based system and to gain control over the system. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896422 MS05-027: Vulnerability in Server Message Block could allow remote code execution

</li> <li>MS05-028: A vulnerability in the Web Client Service could allow remote code execution (KB896426)

Bulletin Severity: Important

Microsoft Windows Server 2003, Microsoft Windows XP

A security issue has been identified in the Web Client service that could allow an attacker to compromise a Windows-based system and to gain control over the system. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896426 MS05-028: A vulnerability in the Web Client Service could allow remote code execution

</li> <li>MS05-030: Vulnerability in Outlook Express could allow remote code execution (KB897715)

Bulletin Severity: Important

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to compromise a computer that is running Microsoft Outlook Express and to gain control over the computer. User interaction is required to exploit this vulnerability. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

897715 MS05-030: Vulnerability in Outlook Express could allow remote code execution

</li> <li>MS05-031: Vulnerability in step-by-step interactive training could allow remote code execution (KB898458)

Bulletin Severity: Important

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in the Step-by-Step Interactive Training program that could allow an attacker to compromise a Microsoft Windows-based system and to gain control over the system. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

898458 MS05-031: Vulnerability in step-by-step interactive training could allow remote code execution

</li> <li>MS05-032: Vulnerability in Microsoft agent could allow spoofing (KB890046)

Bulletin Severity: Moderate

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified in Microsoft Agent that could allow an attacker to compromise a Windows-based system and to gain control over the system. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890046 MS05-032: Vulnerability in Microsoft agent could allow spoofing

</li> <li>MS05-033: Vulnerability in Telnet client could allow information disclosure (KB896428)

Bulletin Severity: Moderate

Microsoft Windows Server 2003, Microsoft Windows XP

A security issue in Telnet has been identified that could allow an attacker to learn information about a Windows-based system. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896428 MS05-033: Vulnerability in Telnet client could allow information disclosure

</li></ul>

New binaries
<ul> <li>ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3 on Windows XP Media Center and Tablet PC Editions (KB887998)

Microsoft Windows XP Tablet PC Edition, Microsoft Windows XP Media Center Edition

A security issue has been identified that could allow an attacker to compromise a Windows-based system that is running the Microsoft .NET Framework and to gain access to restricted data. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887998 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3 on Windows XP Media Center and Tablet PC Editions

</li> <li>MS05-019: Vulnerabilities in TCP/IP could allow remote code execution and denial of service (KB893066)

Bulletin Severity: Critical

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to remotely compromise a Windows-based system and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

893066 MS05-019: Vulnerabilities in TCP/IP could allow remote code execution and denial of service

</li></ul>

Updated for supersession
<ul> <li>

890923 MS05-020: Cumulative security update for Internet Explorer

</li> <li>

817606 MS03-024: Buffer overrun in Windows could lead to data corruption

</li> <li>

823353 MS04-018: Cumulative security update for Outlook Express

</li> <li>

825119 MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise

</li> <li>

840315 MS04-023: Vulnerability in HTML Help could allow code execution

</li> <li>

890175 MS05-001: Vulnerability in HTML Help could allow code execution

</li></ul>

Metadata or detection changes
<ul> <li>MS03-022: Vulnerability in ISAPI Extension for Windows Media Services may cause code execution (KB822343)

This update includes minor detection changes to prevent this item from being offered when Media Service is not installed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

822343 MS03-022: Vulnerability in ISAPI Extension for Windows Media Services may cause code execution

</li></ul>

New nonsecurity critical content
<ul> <li>An update for Windows Installer 3.1 is available for Windows Server 2003 S898715 and for the 64-bit editions of Windows XP (KB898715)

Portuguese (Brazil) and Spanish only

Microsoft Windows Server 2003

This update addresses compatibility issues with Microsoft Windows Installer 3.1 and with certain programs. These issues are described in Microsoft Knowledge Base article 898715. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

898715 An update for Windows Installer 3.1 is available for Windows Server 2003 Service Pack 1 and for the 64-bit editions of Windows XP

</li> <li>Windows Installer 3.1 (v2) is available (KB893803)

Japanese-NEC only

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

Windows Installer 3.1 is the program installation and configuration service for Windows. The additional features in version 3.1 help make creating, distributing, and managing updates to programs easier and more efficient. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

893803 Windows Installer 3.1 v2 (3.1.4000.2435) is available

</li></ul>

Updated for supersession
<ul> <li>

887797 Description of the cumulative update for Outlook Express

</li></ul>

Metadata or detection changes
<ul> <li>

870669 How to disable the ADODB.Stream object from Internet Explorer

This item is now marked for Windows Server Update Services (WSUS).</li></ul>

New nonsecurity recommended content

 * Root Certificates Update

Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4

This item updates the list of root certificates on a computer to the latest list that is accepted by Microsoft as part of the Microsoft Root Certificate Program. Adding additional root certificates to a computer lets a greater range of security-enhanced Web browsing, secure e-mail, and secure code delivery programs work together seamlessly. This update includes root certificates from Verisign, Thawte, and Post.Trust in Ireland.

Software Update Services (SUS) 1.0

 * Microsoft Windows Server 2003 Service Pack 1

Locales released to date: Portuguese and Hungarian (released on May 24, 2005), Dutch, Swedish, Czech, Polish, Turkish (released on May 10, 2005), Chinese Traditional, Chinese Simplified, Portuguese Brazilian, Russian (released on April 26, 2005), Spanish, Italian and Korean (released on April 21, 2005), French and Japanese (released on April 18, 2005), English and German (released on March 28, 2005)

Microsoft Windows Server 2003, Enterprise Edition; Microsoft Windows Server 2003, Standard Edition; Microsoft Windows Server 2003, Web Edition

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools, such as the Security Configuration Wizard. These tools help secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth (precautionary defensive measures) by using Data Execution Protection and helps provide a safe and secure first-boot scenario by using the Post-setup Security Update Wizard.

Windows Update (WU) Consumer and Catalog sites

 * Windows Server 2003 Service Pack 1

Locales released to date: Portuguese and Hungarian (released May 24, 2005), Dutch, Swedish, Czech, Polish, Turkish (released on May 10, 2005), Chinese Traditional, Chinese Simplified, Chinese Hong-Kong (catalog only), Portuguese Brazilian, Russian (released on April 26, 2005), French, Italian, Spanish, Japanese, and Korean (released on April 18, 2005), English and German (released on March 28, 2005)

Microsoft Windows Server 2003, Enterprise Edition; Microsoft Windows Server 2003, Standard Edition; Microsoft Windows Server 2003, Web Edition

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools, such as the Security Configuration Wizard. These tools help secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth by using Data Execution Protection and helps provide a safe and secure first-boot scenario by using the Post-setup Security Update Wizard.

Changes to existing security content
<ul> <li>MS05-002: Vulnerability in cursor and icon format handling could allow remote code execution (KB891711)

Microsoft Windows Millennium Edition

A security issue has been identified that could allow an attacker to compromise an affected system and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

891711 MS05-002: Vulnerability in cursor and icon format handling could allow remote code execution

</li></ul>

Software Update Services (SUS) 1.0 and Windows Update (WU) Catalog
<ul> <li>An update for Windows Installer 3.1 is available for Windows Server 2003 S898715 and for the 64-bit editions of Windows XP (KB898715)

Microsoft Windows Server 2003 Service Pack 1

This update addresses application compatibility issues with Windows Installer 3.1 and with certain applications as described in Knowledge Base article 898715. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

898715 An update for Windows Installer 3.1 is available for Windows Server 2003 Service Pack 1 and for the 64-bit editions of Windows XP

</li></ul>

SUS 1.0, Windows Update (WU) Catalog Consumer, Catalog, and AutoUpdate
<ul> <li>Windows Installer 3.1 (v2) is available (KB893803)

Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4, the original release version of Microsoft Windows Server 2003, the original release version of Microsoft Windows Server 2003 Datacenter Edition, Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2

The Microsoft Windows Installer 3.1 is the application installation and configuration service for Windows. The additional features in version 3.1 help make creating, distributing, and managing updates to applications easier and more efficient. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

893803 Windows Installer 3.1 v2 (3.1.4000.2435) is available

</li></ul>

New security updates
<ul> <li>MS05-024: Vulnerability in Web View could allow remote code execution (KB894320)

Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4

A security issue has been identified that could allow an attacker to remotely compromise a Windows-based computer and to gain control over the computer. You can help protect the computer by installing this update from Microsoft. After you install this item, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

894320 MS05-024: Vulnerability in Web View could allow remote code execution

</li></ul>

Software Update Services (SUS) 1.0

 * Microsoft Windows Server 2003 Service Pack 1

Locales released to date: Dutch, Swedish, Czech, Polish, and Turkish (released on May 10, 2005), Chinese Traditional, Chinese Simplified, Portuguese Brazilian, and Russian (released on April 26, 2005), Spanish, Italian, and Korean (released on April 21, 2005), French and Japanese (released on April 18, 2005), English and German (released on March 28, 2005)

Microsoft Windows Server 2003, Enterprise Edition; Microsoft Windows Server 2003, Standard Edition; Microsoft Windows Server 2003, Web Edition

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools, such as Security Configuration Wizard. These tools help secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth by using Data Execution Protection and helps provide a safe and secure first-boot scenario by using Post-setup Security Update Wizard.

Windows Update (WU) Consumer and Catalog sites

 * Windows Server 2003 Service Pack 1

Locales released to date: Dutch, Swedish, Czech, Polish, Turkish (released on May 10, 2005), Chinese Traditional, Chinese Simplified, Chinese Hong-Kong (catalog only), Portuguese Brazilian, Russian (released on April 26, 2005), French, Italian, Spanish, Japanese, and Korean (released on April 18, 2005), English and German (released on March 28, 2005)

Microsoft Windows Server 2003, Enterprise Edition; Microsoft Windows Server 2003, Standard Edition; Microsoft Windows Server 2003, Web Edition

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools, such as Security Configuration Wizard, that help secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth by using Data Execution Protection and helps provide a safe and secure first-boot scenario by using Post-setup Security Update Wizard.

Content removal
<ul> <li>Windows Installer 3.1 (v2) is available (KB893803)

Microsoft Windows 2000 Service Pack 3; Microsoft Windows 2000 Service Pack 4; the original release version of Microsoft Windows Server 2003; the original release version of Microsoft Windows Server 2003, Datacenter Edition; Microsoft Windows XP Service Pack 1; Microsoft Windows XP Service Pack 2

The Windows Installer 3.1 update has been removed because of unexpected compatibility issues with specific software applications. For more information, see the following articles in the Microsoft Knowledge Base:

893803 Windows Installer 3.1 v2 (3.1.4000.2435) is available

898628 Windows Installer fails silently after you upgrade to Windows Installer 3.1

</li></ul>

Software Update Services (SUS) 1.0

 * Microsoft Windows Server 2003 Service Pack 1

Locales released to date: Chinese Traditional, Chinese Simplified, Portuguese, Brazilian, Russian (released April 26, 2005), Spanish, Italian, Korean (released April 21, 2005), French, Japanese (released April 18, 2005), English, German (released March 28, 2005)

Microsoft Windows Server 2003, Enterprise Edition; Microsoft Windows Server 2003, Standard Edition; Microsoft Windows Server 2003, Web Edition

Republishing all locales to implement update to detection

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools, such as Security Configuration Wizard. Security Configuration Wizard helps secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth by using Data Execution Protection. Windows Server 2003 SP1 also helps provide a safe and secure first-boot scenario by using Post-setup Security Update Wizard.

Windows Update (WU) Consumer and Catalog sites

 * Microsoft Windows Server 2003 Service Pack 1

Locales released to date: Chinese Traditional, Chinese Simplified, Chinese Hong-Kong (catalog only), Portuguese, Brazilian, Russian (released April 26, 2005), French, Italian, Spanish, Japanese, and Korean (released April, 18, 2005), English and German (released March 28, 2005)

Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Web Edition

Republishing all locales to implement update to detection

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools such as Security Configuration Wizard. Security Configuration Wizard helps secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth by using Data Execution Protection. Windows Server 2003 SP1 also helps provide a safe and secure first-boot scenario by using Post-setup Security Update Wizard.

Metadata/behavior change
<ul> <li>MS05-003: Vulnerability in the Indexing Service could allow remote code execution (KB871250)

(This change applies only to the Dutch locale. It is a site-only issue. It does not affect SUS or WSUS.)

Microsoft Windows Server 2003

The Dutch express package installation command contained a typographic error that prevented the package from installing. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

871250 MS05-003: Vulnerability in the Indexing Service could allow remote code execution

</li> <li>MS03-045: Buffer overrun in the ListBox and in the ComboBox Control could allow code execution (KB824141)

Microsoft Windows Server 2003

Legacy targeting had to be changed to prevent this update from being offered to Windows Server 2003 SP1 users. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

824141 MS03-045: Buffer overrun in the ListBox and in the ComboBox Control could allow code execution

</li> <li>HTML Help update to limit functionality when it is invoked with the window.showHelp method (KB811630)

Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3

Corrected Windows Update (WU) catalog classification. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

811630 HTML Help update to limit functionality when it is invoked with the window.showHelp method

</li></ul>

Minor software update

 * Recommended update for DirectX 9.0 - Managed DirectX

Minor text changes and binary updates to prevent dialog boxes from appearing.

Software Update Services (SUS) 1.0

 * Microsoft Windows Server 2003 Service Pack 1

Locales released to date: French, Japanese (released on April 18, 2005), English, German (released on March 28, 2005), Spanish, Italian, Korean (will release on April 21, 2005)

Windows Server 2003, Enterprise Edition; Windows Server 2003, Standard Edition; Windows Server 2003, Web Edition

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools such as the Security Configuration Wizard. Security Configuration Wizard helps secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth by using Data Execution Protection. Windows Server 2003 SP1 also helps provide a safe and secure first-boot scenario by using the Post-setup Security Update Wizard.

Windows Update (WU) Consumer and Catalog sites

 * Windows Server 2003 Service Pack 1

Locales released to date: French, Italian, Spanish, Japanese and Korean (released on April 18, 2005), English, German (released March 28, 2005)

Windows Server 2003, Enterprise Edition; Windows Server 2003, Standard Edition; Windows Server 2003, Web Edition

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools such as the Security Configuration Wizard. The Security Configuration Wizard helps secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth by using Data Execution Protection. Windows Server 2003 SP1 also helps provide a safe and secure first-boot scenario by using the Post-setup Security Update Wizard.

Expired updates
These items have previously been removed from the site and are now expiring on Software Update Services (SUS).

Internet Explorer cumulative updates
<ul> <li>

828750 MS03-040: October, 2003, Cumulative Patch for Internet Explorer

</li> <li>

824145 MS03-048: November 2003 Cumulative Security Update for Internet Explorer

</li> <li>

832894 MS04-004: Cumulative Security Update for Internet Explorer

</li> <li>

834707 MS04-038: Cumulative Security Update for Internet Explorer

</li></ul>

New security updates
<ul> <li>MS05-016: Vulnerability in Windows Shell that could allow remote code execution (KB893086)

Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4, the original release version of Microsoft Windows Server 2003, the original release version of Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2, Microsoft Windows Server 2003, Datacenter Edition for 64-bit Itanium-based Systems, Microsoft Windows Server 2003, Enterprise Edition for 64-bit Itanium-based Systems, Microsoft Windows XP Professional 64-Bit Edition (Itanium) 2003

A security issue has been identified that could allow an attacker to remotely compromise a Windows-based computer and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

893086 MS05-016: Vulnerability in Windows Shell that could allow remote code execution

</li> <li>MS05-017: Vulnerability in MSMQ could allow code execution (KB892944)

Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP 64-Bit Edition Service Pack 1, Microsoft Windows XP Professional Service Pack 1

A security issue has been identified in Microsoft Message Queuing (MSMQ) that could allow an attacker to compromise a Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

892944 MS05-017: Vulnerability in MSMQ could allow code execution

</li> <li>MS05-018: Vulnerabilities in Windows kernel could allow elevation of privilege and denial of service (KB890859)

Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2, Microsoft Windows Server 2003, Datacenter Edition for 64-bit Itanium-based Systems, Microsoft Windows Server 2003, Enterprise Edition for 64-bit Itanium-based Systems, Microsoft Windows XP Professional 64-Bit Edition (Itanium) 2003

A security issue has been identified that could allow an attacker to remotely compromise a Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890859 MS05-018: Vulnerabilities in Windows kernel could allow elevation of privilege and denial of service

</li> <li>MS05-019: Vulnerabilities in TCP/IP could allow remote code execution and denial of service (KB893066)

Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2, Microsoft Windows Server 2003, Datacenter Edition for 64-bit Itanium-based Systems, Microsoft Windows Server 2003, Enterprise Edition for 64-bit Itanium-based Systems, Microsoft Windows XP Professional 64-Bit Edition (Itanium) 2003

A security issue has been identified that could allow an attacker to remotely compromise a Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

893066 MS05-019: Vulnerabilities in TCP/IP could allow remote code execution and denial of service

</li> <li>MS05-020: Cumulative Security Update for Internet Explorer (KB890923)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

A security issue has been identified that could allow an attacker to compromise a computer that is running Microsoft Internet Explorer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890923 MS05-020: Cumulative security update for Internet Explorer

</li></ul>

New nonsecurity critical content
<ul> <li>An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000 (KB842773)

Microsoft Windows 2000 Service Pack 3; Microsoft Windows 2000 Service Pack 4; Microsoft Windows Server 2003; Microsoft Windows Server 2003, Datacenter Edition

This software updates the Background Intelligent Transfer Service (BITS) to version 2.0 and updates WinHTTP. These updates help make sure an optimal download experience. The updates use new versions of Automatic Updates, Windows Update, and other programs that rely on BITS to transfer files by using idle network bandwidth. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

842773 An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000

</li> <li>Windows Installer 3.1 (v2) is available (KB893803)

Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4; Microsoft Windows Server 2003; Microsoft Windows Server 2003, Datacenter Edition; Microsoft Windows XP Service Pack 1; Microsoft Windows XP Service Pack 2

Microsoft Windows Installer 3.1 is the application installation and configuration service for Windows. The additional features in version 3.1 help make creating, distributing, and managing updates to applications easier and more efficient. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

893803 Windows Installer 3.1 v2 (3.1.4000.2435) is available

</li> <li>Windows Server 2003 Service Pack 1

Locales released to date: English, German (shipped on March 28, 2005), Japanese, Korean, French, Spanish, Italian (will ship on April 18, 2005 to SUS).

Microsoft Windows Server 2003, Enterprise Edition; Microsoft Windows Server 2003, Standard Edition; Microsoft Windows Server 2003, Web Edition

Windows Server 2003 Service Pack 1 (SP1) enhances manageability, control, and security infrastructure by providing new security tools such as Security Configuration Wizard. This wizard helps secure a server for role-based operations. Windows Server 2003 SP1 improves defense-in-depth by using Data Execution Protection. Additionally, Windows Server 2003 SP1 provides a safe and secure first-boot scenario by using Post-setup Security Update Wizard. For more information, click the following article number to view the article in the Microsoft Knowledge Base:</li> <li>The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000 (KB890830)

Microsoft Windows XP

After you download the Malicious Software Removal Tool, the tool runs one time to examine the computer for infection by specific, prevalent malicious software. (This software includes Blaster, Sasser, and Mydoom.) The tool automatically helps remove any variants found. After the tool runs, the tool is deleted from the computer. A new version of the tool is offered every month. If you want to manually run the tool on a computer, you can download a copy from the Microsoft Download Center, or you can run an online version from Microsoft.com. Besides using this tool, you should use an up-to-date antivirus product to help protect a computer from other malicious software. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

</li></ul>

New binaries:
<ul> <li>MS05-009: Microsoft has released a security update to Microsoft Windows Messenger (KB887472)

Microsoft Windows XP SP1

This update will be offered to v4.7.0.2009 users. The update changes prerequisite detection for the current live item from 4.7.0.2009 to 4.7.0.0041 for the Msmsgs.exe file. The original item was shipped to only update v4.7.0.2009 users. This is a rerelease of the same item. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887472 MS05-009: Microsoft has released a security update to Microsoft Windows Messenger

</li> <li>MS05-002: Vulnerability in cursor and icon format handling could allow remote code execution (KB891711)

Microsoft Windows 98, Microsoft Windows Millennium Edition

A security issue has been identified that could allow an attacker to compromise a Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

891711 MS05-002: Vulnerability in cursor and icon format handling could allow remote code execution

</li></ul>

Updated for supersession:
<ul> <li>

890047 MS05-008: Vulnerability in Windows shell could allow remote code execution

</li> <li>

867282 MS05-014: Cumulative security update for Internet Explorer

</li> <li>

891711 MS05-002: Vulnerability in cursor and icon format handling could allow remote code execution

Microsoft Windows 2000 | Microsoft Windows XP</li></ul>

Expired security updates
These items have previously been removed from the site and are now expiring on SUS. This is per the agreement to keep content on SUS for one additional year. <ul> <li>

811493 MS03-013: Buffer overrun in Windows kernel message handling could lead to elevated privileges

Note This item is removed for Windows XP only in Windows Update Services (WUS). It is not a Software Update Services (SUS) 1.0-related issue.</li></ul>

New security updates
There are no new security updates for this release.

New nonsecurity critical updates
There are no new nonsecurity updates for this release.

Targeting changes:
The operating systems on the identified items have been changed from &quot;Windows Server 2003 Family&quot; to &quot;Windows Server 2003 RTM.&quot; The goal is to prevent the identified items from being offered to Windows Server 2003 Service Pack 1 (SP1) users.

839643 MS04-016: Vulnerability in DirectPlay could allow denial of service

823353 MS04-018: Cumulative security update for Outlook Express

832483 MS04-003: Buffer overrun in an MDAC function could allow code execution

819696 MS03-030: Unchecked Buffer in DirectX could enable system compromise

823182 MS03-041: Vulnerability in Authenticode verification could allow remote code execution

823559 MS03-023: Buffer overrun in the HTML converter could allow code execution

824105 MS03-034: Flaw in NetBIOS could lead to information disclosure

825119 MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise

828035 MS03-043: Buffer overrun in Messenger service could allow code execution

828741 MS04-012: Cumulative update for Microsoft RPC/DCOM

833987 MS04-028: Buffer overrun in JPEG processing (GDI+) could allow code execution

835732 MS04-011: Security Update for Microsoft Windows

837001 MS04-014: Vulnerability in the Microsoft Jet Database Engine could permit code execution

839645 MS04-024: A vulnerability in the Windows shell could allow remote code execution

840315 MS04-023: Vulnerability in HTML Help could allow code execution

819639 MS03-021: A flaw in Windows Media Player may permit the Media Library to be accessed

840374 MS04-015 Security Update for Microsoft Windows

Detection change:
824105 MS03-034: Flaw in NetBIOS could lead to information disclosure

There was a minor change to detection to prevent possible reoffering.

Targeting changes:
The operating systems on the identified items have changed from &quot;Windows Server 2003 Family&quot; to &quot;Windows Server 2003 RTM&quot; on version 4. The goal is to prevent the identified items from being offered by the v4 catalog and consumer site to Windows Server 2003 Service Pack 1 (SP1) users.

872769 You cannot configure Windows Firewall settings or Security Center settings on a Windows XP Service Pack 2-based client computer that is in a Windows Small Business Server 2003-based network

870669 How to disable the ADODB.Stream object from Internet Explorer

837272 The time to copy increases as the number of items in the Media Library increases for Windows Media Player 9 Series

843496 Description of Windows Media Services 9 Series software update package: July 13, 2004

828026 Update for Windows Media Player URL script command behavior

Expired security updates
The following items have previously been removed from the site and are now expiring on SUS. This is per the agreement to keep content on SUS for one additional year.

324380 MS02-051: Cryptographic flaw in RDP can cause information disclosure

328310 MS02-071: Flaw in Windows WM_TIMER message handling can enable privilege elevation

330994 MS03-014: April 2003 cumulative patch for Outlook Express

811493 MS03-013: Buffer overrun in Windows kernel message handling could lead to elevated privileges

822679 MS03-025: Flaw in Windows message handling through Utility Manager could enable privilege elevation

824146 MS03-039: A buffer overrun in RPCSS could allow an attacker to run malicious programs

828028 MS04-007: An ASN.1 vulnerability could allow code execution

New security updates
There are no new security updates for this release.

New nonsecurity critical updates
<ul> <li>Double-byte character set (DBCS) characters may appear corrupted in Internet Explorer on Windows XP when you browse a Web site that uses Shift-JIS character encoding (KB886677)

Microsoft Windows XP Service Pack 2 (SP2) (Japanese, Korean, Chinese [Traditional], Chinese [Simplified] only)

This update addresses an issue where double-byte character set (DBCS) characters may appear corrupted in Microsoft Internet Explorer on a Windows XP-based computer. This issue occurs when you browse a Web site that uses Shift-JIS character encoding. Install this update to help resolve this issue. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

886677 Double-byte character set (DBCS) characters may appear corrupted in Internet Explorer on Windows XP when you browse a Web site that uses Shift-JIS character encoding

</li> <li>You receive the Stop error &quot;Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT)&quot; in Windows XP Service Pack 2 or Windows Server 2003 (KB887742)

Windows XP SP2 (all languages)

This update addresses an issue that could cause a computer to stop responding if certain firewall or antivirus programs are installed. You can help resolve this issue by installing this HTTP.sys update from Microsoft. After you install this update, you may have to restart the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887742 You receive the Stop error &quot;Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT)&quot; in Windows XP Service Pack 2 or Windows Server 2003

</li> <li>Update package that includes Background Intelligent Transfer Service (BITS) version 2.0 and WinHTTP 5.1 is available for Windows XP (KB842773)

Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4, and the original release version of Microsoft Windows Server 2003 (all languages)

This software updates the Background Intelligent Transfer Service (BITS) to version 2.0, and it also updates WinHTTP. These updates help guarantee an optimal download experience by using new versions of Automatic Updates, Windows Update, and other programs that rely on BITS to transfer files by using idle network bandwidth. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

842773 An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000

</li></ul>

Changes to text for software updates:
Recommended update for Microsoft DirectX 9.0 - Managed DirectX
 * DirectX 9.0a Managed DirectX update: The Korean &quot;read more&quot; link was corrected.

Changes to existing security updates
The changes in the following list were made between February 9, 2005 and February 15, 2005. These changes do not require the software updates to be reinstalled. However, Windows Update Services beta users may notice that these software updates appear to have changed. These changes do not represent cases where a software update was offered to a computer that does not require it, or where a software update was not offered to a computer that requires it. <ul> <li>The security level and the security bulletin number were missing from the content that is associated with the following software updates:

324380 MS02-051: Cryptographic flaw in RDP protocol can cause information disclosure

811114 MS03-018: May 2003 Cumulative patch for Internet Information Services (IIS)

828028 MS04-007: An ASN.1 vulnerability could allow code execution

828741 MS04-012: Cumulative update for Microsoft RPC/DCOM

830352 MS04-006: A vulnerability in the Windows Internet Name Service (WINS) could allow code execution

832359 MS04-008: Vulnerability in Windows Media Services could allow a Denial of Service attack

832483 MS04-003: Buffer overrun in an MDAC function could allow code execution

832894 MS04-004: Cumulative security update for Internet Explorer

835732 MS04-011: Security update for Microsoft Windows

837001 MS04-014: Vulnerability in the Microsoft Jet Database Engine could permit code execution

837009 MS04-013: Cumulative security update for Outlook Express

840374 MS04-015: Security update for Microsoft Windows

</li> <li>The following software updates were incorrectly registered as requiring a user interface when they are installed by SUS:

867801 MS04-025: Cumulative security update for Internet Explorer

888162 You receive an &quot;Explorer.EXE - Entry Point Not Found - The procedure entry point SHCreateThreadRef could not be located in the dynamic link library Shlwapi.dll&quot; error message after you install the MS04-038 security update

816093 MS03-011: Flaw in the Microsoft VM could enable system compromise

</li> <li>The severity rating was changed from Important to Critical:

835732 MS04-011: Security update for Microsoft Windows

</li></ul>

http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx

New security updates
<ul> <li>ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3 (KB886906)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer that is running the Microsoft .NET Framework and to gain access to restricted data. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-004.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

886906 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3

</li></ul>

<ul> <li>ASP.NET path validation vulnerability in Microsoft .NET Framework 1.1 Service Pack 1 (KB886903)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer that is running the Microsoft .NET Framework and to gain access to restricted data. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-004.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

886903 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.1 Service Pack 1

</li> <li>ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3 on Windows XP Media Center and Tablet PC Editions (KB887998)

Microsoft Windows XP Tablet Edition, Microsoft Windows Media Center Edition

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer that is running the Microsoft .NET Framework and to gain access to restricted data. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-004.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887998 ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 3 on Windows XP Media Center and Tablet PC Editions

</li> <li>MS05-006: Vulnerability in Windows SharePoint Services and SharePoint Team Services could allow cross-site scripting and spoofing attacks (KB887981)

Microsoft Windows Server 2003

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-006.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887981 MS05-006: Vulnerability in Windows SharePoint Services and SharePoint Team Services could allow cross-site scripting and spoofing attacks

</li> <li>MS05-007: Vulnerability in Windows could allow information disclosure (KB888302)

Microsoft Windows XP

A security issue has been identified that could allow an attacker to remotely read information about a Microsoft Windows-based computer. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-007.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

888302 MS05-007: Vulnerability in Windows could allow information disclosure

</li> <li>MS05-008: Vulnerability in Windows shell could allow remote code execution (KB890047)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-008.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

890047 MS05-008: Vulnerability in Windows shell could allow remote code execution

</li> <li>Microsoft has released a security update to Microsoft Windows Media Player 9 (KB885492)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition, Microsoft Windows 98

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-009.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

885492 Microsoft has released a security update to Microsoft Windows Media Player 9

</li> <li>Microsoft has released a security update to Microsoft Windows Messenger (KB887472)

Microsoft Windows XP

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-009.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

887472 Microsoft has released a security update to Microsoft Windows Messenger

</li> <li>MS05-010: Vulnerability in the License Logging service could allow code execution (KB885834)

Microsoft Windows Server 2003, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-010.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

885834 MS05-010: Vulnerability in the License Logging service could allow code execution

</li> <li>MS05-011: Vulnerability in server message block could allow remote code execution (KB885250)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect the computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-011.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

885250 MS05-011: Vulnerability in server message block could allow remote code execution

</li> <li>MS05-012: Vulnerability in OLE and COM could allow remote code execution (KB873333)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-012.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

873333 MS05-012: Vulnerability in OLE and COM could allow remote code execution

</li> <li>MS05-013: A vulnerability in the DHTML editing component ActiveX control could allow code execution (KB891781)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-013.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

891781 MS05-013: A vulnerability in the DHTML editing component ActiveX control could allow code execution

</li> <li>MS05-014: Cumulative security update for Internet Explorer (KB867282)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Millennium Edition, Microsoft Windows 98 Second Edition

A security issue has been identified that could allow an attacker to compromise a computer that is running Microsoft Internet Explorer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-014.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

867282 MS05-014: Cumulative security update for Internet Explorer

</li> <li>MS05-015: Vulnerability in hyperlink object library could allow remote code execution (KB888113)

Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000

A security issue has been identified that could allow an attacker to compromise a Microsoft Windows-based computer and to gain control over it. You can help protect a computer by installing this update from Microsoft. After you install this update, you may have to restart the computer.

http://www.microsoft.com/technet/security/bulletin/MS05-015.mspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

888113 MS05-015: Vulnerability in hyperlink object library could allow remote code execution in Windows Server 2003

</li></ul>

New critical updates
There are no new critical updates.

Changes to existing content
The following changes were made to existing content and software updates on Tuesday, February 8, 2005.

Changes to software update detection:
<ul> <li>MS02-050: Certificate validation flaw might permit identity spoofing (KB329115)

Security update for Windows 2000. The detection for this package has to be changed so that the package is reoffered if the file is downgraded. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

329115 MS02-050: Certificate validation flaw might permit identity spoofing

</li> <li>MS04-024: A vulnerability in the Windows shell could allow remote code execution (KB839645)

The current package has a generic registry key in detection. The detection for this package has to be changed to remove this registry key and to use file-version detection. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

839645 MS04-024: A vulnerability in the Windows shell could allow remote code execution

</li></ul>

Replaced software updates:
<ul> <li>MS03-021: A flaw in Windows Media Player may permit the Media Library to be accessed (KB819639)

This package is superseded by security bulletin MS05-009 (885492). For more information, click the following article number to view the article in the Microsoft Knowledge Base:

819639 MS03-021: A flaw in Windows Media Player may permit the Media Library to be accessed

</li> <li>MS04-038: Cumulative security update for Internet Explorer (KB834707)

This package is superseded by MS05-014 (867282) on all supported non-Internet Explorer 6 Service Pack 1 (SP1) operating system/Internet Explorer 6 combinations. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

834707 MS04-038: Cumulative security update for Internet Explorer

</li> <li>MS04-040: Cumulative security update for Internet Explore (KB889293)

This package is superseded by MS05-014 (867282) for Internet Explorer 6 SP1 versions. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

889293 MS04-040: Cumulative security update for Internet Explorer

</li> <li>Windows Messenger version 4.7.2009 will no longer be available for download. It is superseded by Windows Messenger version 4.7.2010.</li></ul>

Expired software updates:
The following items have previously been removed from the site and are now expiring on SUS. This is per the agreement to keep content on SUS for one additional year. <ul> <li>MS03-010: Flaw in RPC endpoint mapper could allow Denial of Service attacks (KB331953)

Security update for Windows

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

331953 MS03-010: Flaw in RPC endpoint mapper could allow Denial of Service attacks

</li></ul>

Changes to text for software updates:
The following updates have text changes, either to the title or to the description. However, there is no change to the package or to the detection logic used.
 * Microsoft .NET Framework version 1.1 German Language Pack. There is a change to the description of this software update.

<div class="references_section">