X

Microsoft patches IE and more

Microsoft patches IE and more

Robert Vamosi Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
Robert Vamosi
2 min read
The August edition of Microsoft's monthly security bulletins includes six patches, three of which are critical (including a patch to IE), one important, and two moderate. The patches cover products such as Internet Explorer and Windows services such as Plug-n-Play, Telephony Application Programming Interface (TAPI), and Print Spooler Service. The patches are available via Microsoft Update and should be automatically downloaded to Windows XP SP2 users.

MS05-38: Critical
This cumulative update for Internet Explorer addresses several critical flaws related to IE, for example, how it handles JPEG images, how COM objects in ActiveX can be run within Internet Explorer, and how Internet Explorer security zones handle cross-site requests. In the most extreme case, a remote attacker could run malicious code on your PC through an IE exploit.

MS05-39: Critical
This patch addresses flaws in Windows Plug-n-Play that could allow a remote attacker to take complete control of your PC.

MS05-40: Important
This flaw fixes the Telephony Application Programming Interface (TAPI). A known vulnerability could allow malicious code to run on your PC remotely.

MS05-41: Moderate
This patch addresses a Remote Desktop Protocol (RDP) flaw that could allow an attack to crash your system remotely.

MS05-42: Important
This patch addresses flaws in Kerberos (a communications protocol) that could allow for a denial-of-service attack.

MS05-43: Critical
This patch fixes a flaw in the Windows Print Spooler Service that could allow an attacker to run malicious code on your PC.