• Chart: July 2005 Security Communications Summary

July 2005's "Patch Tuesday" included three critical patches for vulnerabilities in Microsoft software. The bulletin for a Java component in Windows and Internet Explorer (IE) replaces a security advisory issued when the vulnerability was first reported. (Security Advisories were recently added to Microsoft's security communications to provide timely information about security issues that don't warrant an update or that emerge before a bulletin and update are ready.) Despite this transformation, customers must continue to monitor both advisories and bulletins, as not all advisories will become bulletins.

July Patches

Three critical patches in July 2005 fix vulnerabilities in Word, Works, Windows, IE, and Microsoft's Java Virtual Machine (MSJVM), including the following:

• A patch for an unchecked buffer in Word's font-processing software (Word is included in the Works suite)
• A patch for an unchecked buffer in the Microsoft Color Management Module, which allows the OS to provide consistent color mappings among different devices and applications and to transform colors from RGB (typically used on displays) to CMYK (typically used in printing) color spaces
• A patch to stop IE from loading the JView Profiler (Javaprxy.dll), a debugger interface for the MSJVM, as an ActiveX control (this is the update initially released as an advisory.

On unpatched systems, these critical vulnerabilities could allow an attacker to take full control of the vulnerable computer.

The patch for the JView Profiler vulnerability is interesting in that it uses a Registry entry called a kill bit to stop the profiler from loading as an ActiveX control in IE. This workaround, initially released with the Security Advisory, has been updated as a patch to automatically set the kill bit.

The Malicious Software Removal Tool was also updated to remove variants of the worms and Trojan horses Hacty, Optix, Optixpro, Prustiu, and Wootbot.

There were no new Security Advisories, but MS05-033 was reissued with information about Windows Services for UNIX. Two critical (but not security-related) updates for Office, including an updated junk e-mail filter for Outlook, were released as well.

Resources

Information about updates released in July 2005 can be found at www.microsoft.com/technet/security/current.aspx.

The latest version of the Malicious Software Removal Tool can be executed from www.microsoft.com/security/malwareremove/default.mspx.

More information about kill bits can be found at support.microsoft.com/kb/240797.