Microsoft has released updates for XP -
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
Version: 1.10
Date Published: November 8, 2005
Download Size: 988.3 KB
Code:
http://download.microsoft.com/download/4/a/a/4aa524c6-239d-47ff-860b-5b397199cbf8/Windows-KB890830-V1.10-ENU.exe
Summary
After the download, this tool runs once to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove any infection found. If an infection is found, the tool will display a status report the next time you start your computer. This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product.
Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
Version: 1.0
Published: November 8, 2005
Download size: 2.47 MB
Code:
http://download.microsoft.com/download/1/7/f/17f74fcb-5a29-492e-baf5-503357aeaf2b/WindowsXP-KB896424-x86-ENU.exe
Summary
A remote code execution security issue has been identified in the Graphics Rendering Engine that could allow an attacker to remotely compromise your Windows-based system and gain control over it.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Microsoft .NET Framework Version 2.0 Redistributable Package (x86)
Version: 2.0
Date Published: November 3, 2005
Size: 22.42 MB
Code:
http://download.microsoft.com/download/5/6/7/567758a3-759e-473e-bf8f-52154438565a/dotnetfx.exe
Summary
The .NET Framework version 2.0 improves scalability and performance with improved caching, application deployment and updating with ClickOnce, and support for the broadest array of browsers and devices with ASP.NET 2.0 controls and services. After you install this update, you may have to restart your computer.
Previous Updates:
Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)
Published: October 11, 2005
Version: 900725
Download Size: 4.93 MB
Code:
http://download.microsoft.com/download/4/d/a/4dadb98c-354d-4729-be91-a966adbd2e04/WindowsXP-KB900725-x86-ENU.exe
Summary
A security issue has been identified that could allow an authenticated attacker to gain access and potentially compromise your Microsoft Windows-based system. You can help protect your computer by installing this update from Microsoft.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Important
Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (901017)
Published: October 11, 2005
Version: 901017
Download Size: 1021.7 KB
Code:
http://download.microsoft.com/download/c/e/9/ce9314f0-4dfb-4d70-9111-a2db25c381a7/WindowsXP-KB901017-x86-ENU.exe
Summary
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Collaboration Data Objects (CDO) and gain control over it. You can help protect your computer by installing this update from Microsoft.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Important
Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)
Published: October 11, 2005
Version: 902400
Download Size: 4.71 MB
Code:
http://download.microsoft.com/download/4/c/d/4cd35721-3d29-4fc5-9fb0-f9a6a2bfef41/WindowsXP-KB902400-x86-ENU.exe
Summary
A remote code execution security issue has been identified that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Vulnerability in DirectShow Could Allow Remote Code Execution (904706)
Version: 1.0
Published: October 11, 2005
Download Size: 1.33 MB
Code:
http://download.microsoft.com/download/e/3/9/e398de49-3012-446b-9ea5-36d0dfa366ef/WindowsXP-KB904706-x86-ENU.exe
Summary
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using DirectShow and gain control over it. You can help protect your computer by installing this update from Microsoft.
Applies to: Microsoft DirectX 9.0, 9.0a, 9.0b, and 9.0c, when they are installed on Windows 2000, on Windows XP, or on Windows Server 2003, require this update.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)
Published: October 11, 2005
Version: 905414
Download Size: 606.7 KB
Code:
http://download.microsoft.com/download/7/c/e/7ce2cf5f-7658-4835-90f4-3db49688b530/WindowsXP-KB905414-x86-ENU.exe
Summary
A denial of service security issue has been identified that could cause the Network Manager service to stop responding on your Windows-based system. You can help protect your computer by installing this update from Microsoft.
Impact of Vulnerability: Denial of Service
Maximum Severity Rating: Moderate
Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)
Published: October 11, 2005
Version: 905749
Download Size: 568.7 KB
Code:
http://download.microsoft.com/download/e/6/7/e67f4d2a-8988-485d-a0ba-4916e75173a9/WindowsXP-KB905749-x86-ENU.exe
Summary
A security issue has been identified in the Plug and Play service that could allow an authenticated attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft.
Impact of Vulnerability: Remote Code Execution and Local Elevation of Privilege
Maximum Severity Rating: Important
Cumulative Security Update for Internet Explorer (896688)
Published: October 5, 2005
Version: 1.0
Download Size: 4.74 MB
Code:
http://download.microsoft.com/download/3/9/c/39c0e5fa-272a-4442-a31a-bf280f435aee/WindowsXP-KB896688-x86-ENU.exe
Summary
Security issues have been identified that could allow an attacker to compromise a computer running Microsoft Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB896727)
Version: XP_SP2
Date Published: Aug 9, 2005
Language: English
Download Size: 4.09 MB
Code:
http://download.microsoft.com/download/2/6/9/26980f82-fad7-471a-b71c-eec70efcea7d/WindowsXP-KB896727-x86-ENU.exe
Summary
Security issues have been identified that could allow an attacker to compromise a computer running Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft.
Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)
Version: 893756
Date Published: Aug 8, 2005
Language: English
Download Size:675.2 KB
Code:
http://download.microsoft.com/download/0/9/d/09d163d5-9793-458f-aeaa-b5c9dff72350/WindowsXP-KB893756-x86-ENU.exe
Summary
A security issue has been identified in the Telephony Application Programming Interface (TAPI) that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft.
Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)
Version: 896423
Date Published: Aug 8, 2005
Language: English
Download Size: 550.2 KB
Code:
http://download.microsoft.com/download/7/a/f/7af980c5-5a65-4067-8801-1f27856ef4f3/WindowsXP-KB896423-x86-ENU.exe
Summary
A security issue has been identified in the Print Spooler service that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft.
Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)
Version: 899587
Date Published: Aug 8, 2005
Language: English
Download Size: 720.2 KB
Code:
http://download.microsoft.com/download/4/3/0/430cb1fd-38b9-4dbc-9077-0cad900ca5e5/WindowsXP-KB899587-x86-ENU.exe
Summary
A security issue has been identified that could allow an attacker to gain access to sensitive data transmitted through your Microsoft Windows-based system in a domain environment, and to perform denial of service attacks against domain controllers. You can help protect your computer by installing this update from Microsoft.
Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)
Version: 899588
Date Published: Aug 8, 2005
Language: English
Download Size: 565.7 KB
Code:
http://download.microsoft.com/download/1/8/a/18a58cf1-8ee0-494d-99ec-65fe1891b965/WindowsXP-KB899588-x86-ENU.exe
Summary
A security issue has been identified in the Plug and Play service that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft.
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)
Version: 899591
Date Published: Aug 8, 2005
Language: English
Download Size:570.2 KB
Code:
http://download.microsoft.com/download/0/8/2/082a950a-fdec-4cb3-8e9c-69d877e4f922/WindowsXP-KB899591-x86-ENU.exe
Summary
A security issue has been identified in the Remote Desktop Protocol (RDP) that could allow an attacker to remotely cause your Microsoft Windows-based system to stop responding. You can help protect your computer by installing this update from Microsoft.
Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)
Version: XPSP2
Date Published: July 12, 2005
Download Size: 484 KB (494,832 bytes)
Code:
http://download.microsoft.com/download/d/c/3/dc31c892-6251-4c9b-a780-2688179229f3/WindowsXP-KB903235-x86-ENU.exe
Summary- Impact of Vulnerability: Remote Code Execution
- Maximum Severity Rating: Critical
- Recommendation: Customers should apply the update immediately.
- Security Update Replacement: None
- Description: A security issue has been identified that could allow an attacker to compromise a computer running Microsoft Internet Explorer and gain control over it. You can help protect your computer by installing this update, which sets a registry key that blocks attempts to take advantage of this issue.
Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)
Version: 901214
Date Published: July 11, 2005
Download Size: 612 KB (625,904 bytes)
Code:
http://download.microsoft.com/download/e/1/d/e1dea0de-8f7d-481c-b04c-c873f6140df2/WindowsXP-KB901214-x86-ENU.exe
Summary- Impact of Vulnerability: Remote Code Execution
- Maximum Severity Rating: Critical
- Recommendation: Customers should apply the update immediately.
- Security Update Replacement: None
- Description: A security issue has been identified in the Color Management Module that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft.
Permanent copy of the Package Installer for Windows version 6.1.22.4:
Download Size: 476.7 KB
Date Published: June 27, 2005
Version: 898461
Code:
http://www.microsoft.com/downloads/info.aspx?na=90&p=&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=50c334e1-9a67-4b99-a65a-069b79267856&genscs=0&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2f5%2ff%2fd%2f5fdc6240-2127-42b6-8e16-bab6171db233%2fWindowsXP-KB898461-x86-ENU.exe
Summary
This update installs a permanent copy of Package Installer for Windows to enable software updates to have a significantly smaller download size. The Package Installer facilitates the install of software updates for Microsoft Windows operating systems and other Microsoft products.
Update for Windows XP (KB900930)
(An update that addresses Outlook Express 6.0 issues)
Version: 900930
Date Published: June 24, 2005
Download Size: 1.25 MB
Code:
http://download.microsoft.com/download/5/4/9/54935bff-636b-4f51-ab67-f71f59c5c252/WindowsXP-KB900930-x86-ENU.exe
Summary
Install this update to address multiple Outlook Express issues in Windows XP.
Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458)
Issued: June 14, 2005
Updated: June 15, 2005
Version: 1.0
Download size: 1001.8 KB
Code:
http://www.microsoft.com/downloads/info.aspx?na=46&p=10&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=591265a7-e7f4-409f-992b-84d954824ba8&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2f5%2f9%2fe%2f59e7db6e-b5b7-45ff-8827-be69103ab535%2fStepByStepInteractiveTraining-KB898458-x86-ENU.exe
Summary- Impact of Vulnerability: Remote Code Execution
- Maximum Severity Rating: Important
- Recommendation: Customers should apply the update at the earliest opportunity.
- Security Update Replacement: None
Vulnerabilities in TCP/IP could allow remote code execution and denial of service
Article ID : 893066
Last Review : June 14, 2005
Revision : 5.0
Download size: 772.2 KB
Code:
http://download.microsoft.com/download/2/8/e/28ef9005-4845-4496-a2e1-c0f8a2b673ca/WindowsXP-KB893066-v2-x86-ENU.exe
Summary- Impact of Vulnerability: Remote Code Execution
- Maximum Severity Rating: Critical
- Recommendation: Customers should apply the update immediately.
- Security Update Replacement: None.
Cumulative Security Update for Internet Explorer (883939)
Issued: June 14, 2005
Version: 1.0
Date Published: June 2, 2005
Version: IE6_XPSP2
Download size: 4.07 MB
Code:
http://download.microsoft.com/download/e/6/a/e6ab9d30-f492-4007-932a-7e3b264a05e0/WindowsXP-KB883939-x86-ENU.exe
Summary- Impact of Vulnerability: Remote Code Execution
- Maximum Severity Rating: Critical
- Recommendation: Customers should apply the update immediately.
- Security Update Replacement: This update replaces the update that is included with Microsoft Security Bulletin MS05-020. That update is also a cumulative update.
Vulnerability in Microsoft Agent Could Allow Spoofing (890046)
Issued: June 14, 2005
Version: 1.0
Date Published: June 13, 2005
Version: 890046
Download Size: 510.2KB
Code:
http://download.microsoft.com/download/7/5/1/7514f760-a4e1-444d-8d4c-316b09e5a175/WindowsXP-KB890046-x86-ENU.exe
Summary- Impact of Vulnerability: Spoofing
- Maximum Severity Rating: Moderate
- Recommendation: Customers should consider applying the security update.
- Security Update Replacement: None
Vulnerability in HTML Help Could Allow Remote Code Execution (896358)
Issued: June 14, 2005
Version: 1.0
Download Size: 1014.2 KB
Date Published: June 13, 2005
Version: 896358
Code:
http://download.microsoft.com/download/6/3/9/639eef80-2245-486c-a23f-914c0b31336b/WindowsXP-KB896358-x86-ENU.exe
Summary- Impact of Vulnerability: Remote Code Execution
- Maximum Severity Rating: Critical
- Recommendation: Customers should apply the update immediately.
- Security Update Replacement: This bulletin replaces several prior security updates.
Vulnerability in Server Message Block Could Allow Remote Code Execution (896422)
Issued: June 14, 2005
Version: 1.0
Download Size: 703.7 KB
Date Published: June 13, 2005
Version: 896422
Code:
http://download.microsoft.com/download/f/d/4/fd470cc2-1813-4a50-be2a-5b1b5a343305/WindowsXP-KB896422-x86-ENU.exe
Summary- Impact of Vulnerability: Remote Code Execution
- Maximum Severity Rating: Critical
- Recommendation: Customers should apply the update immediately.
- Security Update Replacement: This bulletin replaces several prior security updates.
Vulnerability in Telnet Client Could Allow Information Disclosure (896428)
Issued: June 14, 2005
Version: 1.0
Download Size: 512.7 KB
Date Published: June 13, 2005
Version: 896428
Code:
http://www.microsoft.com/downloads/info.aspx?na=90&p=&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=b8ba775e-e9a7-47e9-81a9-a68a71b9faac&genscs=&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2f7%2f1%2f1%2f7114dee3-7f2c-4ac9-acc9-b97acde812e8%2fWindowsXP-KB896428-x86-ENU.exe
Summary- Impact of Vulnerability: Information Disclosure
- Maximum Severity Rating: Moderate
- Recommendation: Customers should consider applying the security update.
- Security Update Replacement: None
Update of the File and Settings Transfer Wizard (KB896344)
Version: 896344
Date Published: May 24, 2005
Download Size: 1.27 MB
Code:
http://download.microsoft.com/download/e/c/b/ecb33ee1-a923-4f6c-92ed-9fcca3b8a52a/WindowsXP-KB896344-v2-x86-ENU.exe
What fixed?
When you use the File and Settings Transfer Wizard on a computer that is running a 32-bit edition of Microsoft Windows XP to transfer your files and settings, and then you try to use the File and Settings Transfer Wizard on a computer that is running Microsoft Windows XP Professional x64 Edition to restore the files and settings that you copied earlier, you may receive the following error message:
Your migration store was created with a previous version of File and Settings Transfer Wizard. Please collect your settings using the current version of the Files and Settings Transfer Wizard. It is available on the Windows XP x64 edition CD under Perform Additional Tasks. You can also create a wizard disk by running the wizard on your Windows XP x64 Edition computer.
This behavior occurs because the File and Settings Transfer Wizard that is included in 32-bit versions of Windows XP is not compatible with the File and Settings Transfer Wizard that is included in Windows XP Professional x64 Edition.
To resolve this problem, download and install the updated version of the File and Settings Transfer Wizard.
FIX: DBCS attachment file names are not displayed in Rich Text e-mail messages and you may receive a "Generic Host Process" error message after you install security update MS05-012
Download Size: 1.98MB
Article ID: 894391
Last Review : May 18, 2005
Revision : 2.0
Code:
http://www.microsoft.com/downloads/info.aspx?na=90&p=&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=a87b44b9-7a6a-49b6-bd89-afad4e049c48&genscs=0&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2fd%2f3%2f0%2fd30f4165-2e4e-48c3-93b3-430ebd2d3e89%2fWindowsXP-KB894391-x86-ENU.exe
SYMPTOMS
After you install security update 873333 (MS05-012), you experience the following problems:
- You may receive the following error message after you start the computer:
Generic Host Process for Win32 Services Error
Note This problem only occurs in Microsoft Windows XP Service Pack 2 (SP2).
- File names are not displayed in e-mail messages that include file attachments when the following conditions are true:[list:a26f481148]
- The file name contains double-byte character set (DBCS) characters.
- The file name is longer than 42 characters.
Note: This problem only occurs when the e-mail message format is Rich Text. [*]An application that implements the IMallocSpy debugging interface may experience heap corruption after you install security update 873333.[/list:u:a26f481148]
RESOLUTION
Hotfix information
A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next Windows service pack that contains this hotfix.
To resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the
Microsoft Web site.
Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.
Prerequisites
No prerequisites are required.
Restart requirement
You must restart the computer after you apply this hotfix.
Hotfix replacement information
This hotfix does not replace any other hotfixes.
File information
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Windows Installer 3.1 Redistributable (v2)
Download Size: 2.47MB
Date Published: 5/12/2005
Version: 3.1.4000.2435
Code:
http://www.microsoft.com/downloads/info.aspx?na=131&p=3&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=889482fc-5f56-4a38-b838-de776fd4138c&genscs=&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2f1%2f4%2f7%2f147ded26-931c-4daf-9095-ec7baf996f46%2fWindowsInstaller-KB893803-v2-x86.exe
New features in Windows Installer 3.1:- New minor UpdateTargetRTMProperty property: Patch files can now target both the original release baseline and the latest service-pack-level baseline that is on the system.
- New MsiSetExternalUIRecord API: Packages that use an external user interface can now receive messages as records instead of receiving the messages as strings.
- New x64 and Msix64 properties: Packages can now use the x64 and Msix64 properties to indicate x64 processor-based operating system support.
- New MsiNotifySidChange API: You can use this API to upgrade the Windows Installer configuration if the security identifier (SID) of a user changes.
- Flyweight patching is now an opt-in behavior: Windows Installer 3.0 introduced new "flyweight patching" functionality. By default, this functionality was enabled for all patches. Windows Installer 3.1 now disables this functionality unless you specifically enable the functionality by setting the OptimizedInstallMode property in the MsiPatchMetaData table.
Issue that is addressed in Windows Installer 3.1 (v2) - Windows Installer no longer fails silently when the installer tries to update a file that is protected by the Windows File Protection feature.
WindowsXP update released (Nov 8, 2005) - link and review
Linear Mode
