Internet Explorer Security Patches IE Security Patches for 2005 Forrest Stroud
Internet Explorer / Outlook Express Security Patches for 2005
12.14.05.MS05-054 - December Cumulative Security Update. Severity Rating: Critical
Contains fixes for ALL previously identified and patched security vulnerabilities, as well as four new issues: File Download Dialog Box Manipulation Vulnerability - CAN-2005-2829, HTTPS Proxy Vulnerability - CAN-2005-2830, COM Object Instantiation Memory Corruption Vulnerability - CAN-2005-2831, and Mismatched Document Object Model Objects Memory Corruption Vulnerability - CAN-2005-1790.
10.11.05.MS05-052 - October Cumulative Security Update. Severity Rating: Critical
Contains fixes for ALL previously identified and patched security vulnerabilities, as well as one new issue: COM Object Instantiation Memory Corruption Vulnerability - CAN-2005-2127.
08.10.05.MS05-038 - August Cumulative Security Update. Severity Rating: Critical
Contains fixes for ALL previously identified and patched security vulnerabilities, as well as three new ones: JPEG Image Rendering Memory Corruption Vulnerability (CAN-2005-1988), Web Folder Behaviors Cross-Domain Vulnerability (CAN-2005-1989), and COM Object Instantiation Memory Corruption Vulnerability (CAN-2005-1990).
07.12.05.MS05-037 - Vulnerability in JView Profiler Could Allow Remote Code Execution. Severity Rating: Critical
A remote code execution vulnerability exists in JView Profiler that could allow an attacker to take complete control of an affected system. All Windows 98+ operating systems (including XP and XP SP2) are vulnerable to this security flaw.
07.05.05.KB903144 - July Security Update. Severity Rating: Critical
An explanation and workaround (with download) for the newly identified COM Object (Javaprxy.dll) Could Cause Internet Explorer to Unexpectedly Exit security vulnerability. The workaround disables the Javaprxy.dll COM object from running in Internet Explorer.
06.14.05.MS05-025 - June Cumulative Security Update. Severity Rating: Critical
Contains fixes for ALL previously identified and patched security vulnerabilities, as well as two new ones: PNG Image Rendering Memory Corruption Vulnerability (CAN-2005-1211) and XML Redirect Information Disclosure Vulnerability (CAN-2002-0648).
Direct download for IE 6.x under Windows XP SP2 users here (4167 KB)
04.12.05.MS05-020 - April Cumulative Security Update. Severity Rating: Critical
Contains fixes for ALL previously identified and patched security vulnerabilities, as well as three new ones: DHTML Object Memory Corruption Vulnerability (CAN-2005-0553), URL Parsing Memory Corruption Vulnerability (CAN-2005-0554), and Content Advisor Memory Corruption Vulnerability (CAN-2005-0555).
02.08.05.MS05-014 - February Cumulative Security Update. Severity Rating: Critical
Contains fixes for ALL previously identified and patched security vulnerabilities, as well as four new ones: Drag-and-Drop Vulnerability (CAN-2005-0053), URL Decoding Zone Spoofing Vulnerability (CAN-2005-0054), DHTML Method Heap Memory Corruption Vulnerability (CAN-2005-0055), and Channel Definition Format (CDF) Cross Domain Vulnerability (CAN-2005-0056).
01.12.05.MS05-001 - Vulnerability in HTML Help Could Allow Code Execution. Severity Rating: Critical
The HTML Help vulnerability could allow information disclosure or remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited that page. All Windows 2000+ operating systems (including XP and XP SP2) are vulnerable to these Trojan attacks.
01.12.05.MS05-002 - Vulnerability in Cursor and Icon Format Handling. Severity Rating: Critical
This vulnerability could allow an attacker to try and exploit the vulnerability by constructing a malicious cursor or icon file that could potentially allow remote code execution if a user visits a malicious Web site or views a malicious e-mail message.
A Denial of Service (DoS) vulnerability is also patched in MS05-002. The vulnerability affects the way that cursor, animated cursor, and icon formats are handled. An attacker could try to exploit the vulnerability by constructing a malicious cursor or icon file that could potentially cause the operating system to become unresponsive. Users of Windows XP SP2 are not affected by these vulnerabilities.
