Comment The Big Three (Score 4, Informative) 344
The most worrisome are (from least to most)
MS05-019 Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service.
Remotely Exploitable. Good potential for the next superworm.
IP Validation Vulnerability (CAN-2005-0048 ) - "Incomplete validation of IP Network Packets" is how Microsoft describes this vulnerability.
MS05-021 - Vulnerability in Exchange Server Could Allow Remote Code Execution.
Remotely Exploitable Buffer Overflow
Exchange Server Vulnerability (CAN-2005-0560) - The service fails to handle SMTP extended verb requests. On Exchange 2000, if an attacker connects to an SMTP port (unauthenticated users will work) and issues a specially crafted extended verb request, this would allow an attacker to run the code of their choice as the SMTP service runs as Local System.
MS05-020: Cumulative Security Update for Internet Explorer (890923)
Remotely exploitable.
All three problems fixed would require a user to browse a malicious website or click on a link... but then there is a HIGH probability that THAT will happen. Again proof of concept exploit code has been released for this flaw.
MS05-019 Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service.
Remotely Exploitable. Good potential for the next superworm.
IP Validation Vulnerability (CAN-2005-0048 ) - "Incomplete validation of IP Network Packets" is how Microsoft describes this vulnerability.
MS05-021 - Vulnerability in Exchange Server Could Allow Remote Code Execution.
Remotely Exploitable Buffer Overflow
Exchange Server Vulnerability (CAN-2005-0560) - The service fails to handle SMTP extended verb requests. On Exchange 2000, if an attacker connects to an SMTP port (unauthenticated users will work) and issues a specially crafted extended verb request, this would allow an attacker to run the code of their choice as the SMTP service runs as Local System.
MS05-020: Cumulative Security Update for Internet Explorer (890923)
Remotely exploitable.
All three problems fixed would require a user to browse a malicious website or click on a link... but then there is a HIGH probability that THAT will happen. Again proof of concept exploit code has been released for this flaw.
