NEWS FROM THE LAB - Tuesday, January 11, 2005

Microsoft's January security updates Posted by Ero @ 18:29 GMT

The first security fixes of the year, MS05-001, MS05-002 and MS05-003 have been released today.

MS05-001, MS05-002 are rated as critical , both fixing Remote Code Execution vulnerabilities. One involving HTML help and another the Icon and Cursor format handling.

The MS05-003 is rated as important and fixes an Elevation of Privilege vulnerability.

The vulnerability fixed by MS05-001 has already been used by the Phel malware. Information about this vulnerability, CAN-2004-1043, can be found here.

Both MS05-001 and MS05-002 might provide new ways for malware to enter the users' computers, so we encourage to apply such fixes as soon as possible.