Microsoft Security Updates - December 2005

  Security patches have been issued for both Windows and Internet Explorer.  This update went well on my home PC with no issues and I recommend updating all workstations as soon as possible. 

Windows Update Link
http://www.microsoft.com/windowsupdate/

Microsoft Security Bulletin MS05-054
Cumulative Security Update for Internet Explorer (905915)
http://www.microsoft.com/technet/security/Bulletin/ms05-054.mspx

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical

Security Update Replacement: This update replaces the update that is included with Microsoft Security Bulletin MS05-052. That update is also a cumulative update.

Addresses four Vulnerabilities in Internet Explorer:

1. File Download Dialog Box Manipulation Vulnerability (CAN-2005-2829)
2. HTTPS Proxy Vulnerability (CAN-2005-2830)
3. COM Object Instantiation Memory Corruption Vulnerability (CAN-2005-2831)
4. Mismatched Document Object Model Objects Memory Corruption Vulnerability (CAN-2005-1790)

Microsoft Security Bulletin MS05-055
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)
http://www.microsoft.com/technet/security/Bulletin/ms05-055.mspx

Impact of Vulnerability: Elevation of Privilege
Maximum Severity Rating: Important

Addresses the following Vulnerability in Windows:  Windows Kernel Vulnerability - A privilege elevation vulnerability exists in the way that asynchronous procedure calls are processed within the kernel. This vulnerability could allow a logged on user to take complete control of the system (CAN-2005-2827)