Microsoft on Tuesday issued five patches and security bulletins for nine vulnerabilities, none critical, as part of its normal monthly security patch release schedule. The flaws all affect desktop and server versions of Windows, Microsoft says. Additionally, the company reissued one security bulletin to reflect newly available updates.
"Two of this month's bulletins apply to Windows XP Service Pack 2, but the severity rating is reduced to 'moderate' for SP2 customers," a Microsoft representative noted Tuesday. "Customers who have followed our guidance of enabling Automatic Updates will automatically receive these two updates without taking additional actions. Microsoft continues to encourage customers to review and install Windows XP SP2 by turning on Automatic Updates."
While the five vulnerabilities run the gamut from desktop to server operating systems, all of them involve Windows components, such as applications or services, that are bundled with the core OS. The patches affect applications such as WordPad and Hyperterminal, and services like Dynamic Host Configuration Protocol (DHCP), Local Security Authority Subsystem Service (LSASS), and Windows Internet Naming Service (WINS). The reissued bulletin, "JPEG Parsing (GDI+) in Windows, Office, Graphics Application and Developer Applications subsystem in Microsoft Windows," now references new fixes for Microsoft Visual FoxPro 8.0 and the.NET Framework versions 1.0 and 1.1 without Service Pack 1.
For more information about these security flaws, please visit the Microsoft Security Web site. That site also includes links to manual downloads for each patch.