The critical holes affect Windows, Internet Explorer, Exchange Server, MSN Messenger and Word. All of them could allow an attacker to take control of an affected system, according to Microsoft. It has advised people to install the patches immediately.
The list also includes non-critical problems with the Windows shell, Message Queuing or "MSMQ" and the Windows kernel.
The following are critical:
- Security Bulletin MS05-019 affects Windows software for TCP/IP and could allow remote code execution and denial of service. Needed for Windows 98, Millennium, 2000 and XP as well as Windows Server 2003.
- MS05-020 covers the risk of remote code execution on Internet Explorer. It affects various versions of Explorer and Windows 98, Millennium, 2000 and XP as well as Windows Server 2003.
- MS05-21 deals with remote code execution attacks on Exchange Server. It affects Exchange Server 2003, service packs 1 and 3.
- MS05-22 also involves a danger of remote code execution through MSN Messenger 6.2. MSN Messenger 7.0 is not affected.
- MS05-23 is also remote code execution, this time through Word 2000, 2002 and 2003, as well as all Works Suites since 2001.
That's all for this month.