There are three levels of updates released by Microsoft. Hotfixes are updates that fix a single issue or a few closely related issues. Service Packs (SP) are major updates of the operating system, which include all the hotfixes released since the last service pack. Rollup Packages are a collection of security hotfixes released since the last service pack. Rollup packages are used to ease the process of bringing a computer up to date in between the release of service packs.

Update Name	Description	Fix	Bulletin
Windows NT 4.0 Post SP-6a Security Rollup Pack	Bundle of security hotfixes released since Windows NT 4.0 Service Pack 6a.	NT: Q299444
Windows 2000 Post SP 2 Security Rollup Pack	Bundle of security hotfixes released since Windows 2000 Service Pack 2.	2000: Q311401 or SP3 or SP4
Relative Shell Path	Fixes a problem in which an attacker could cause an alternate Explorer.exe program to run when another user logs in, resulting in arbitrary code execution. (CVE 2000-0663)	NT: Q269049 or Q299444 2000: Q269049 or SP2 or SP3 or SP4 XP: Not Affected	00-052
RPC Denial of Service	Fixes vulnerabilities in various Windows RPC services which could allow an attacker to cause a denial of service. (CVE 2001-0509)	NT: Q299444 2000: Q298012 or Q311401 or SP3 or SP4 XP: Not Affected	01-041
Unchecked Buffer in UPnP Hotfix	Fixes two vulnerabilities: (1) a buffer overflow which would allow an attacker to take complete control over the computer; and (2) a denial-of-service vulnerability. (CVE 2001-0876, CVE 2001-0877)	NT: Not Affected 2000: Not Affected XP: Q315000 or SP1 or SP2	01-059
Java Applet Redirect Hotfix	Fixes two vulnerabilities in Microsoft Virtual Machine. (CVE 2002-0058 CVE 2002-0076)	NT: Q300845 or 810030 2000: Q300845 or 810030 or SP3 or SP4 XP: Q300845 or 810030 or SP1 or SP2	02-013
Windows Shell Unchecked Buffer Hotfix	Fixes a buffer overflow condition in the Windows shell that could allow a local attacker to execute arbitrary code at the user's privilege level. (CVE 2002-0070)	NT: Q313829 2000: Q313829 or SP3 or SP4 XP: Not Affected	02-014
Multiple UNC Provider Hotfix	Fixes a vulnerability in Windows' Multiple Uniform Naming Convention Provider which could allow an attacker to gain Local System privileges. (CVE 2002-0151)	NT: Q311967 2000: Q311967 or SP3 or SP4 XP: Q311967 (XP 32 bit) or Q311967 (XP 32 bit embedded) or Q311967 (XP 64 bit) or SP1 or SP2	02-017
Windows debugger authentication Hotfix	Fixes an authentication flaw in the Windows debugger which could allow a local user to execute commands with the privileges of the operating system. (CVE 2002-0367)	NT: Q320206 2000: Q320206 or SP3 or SP4 XP: Not Affected	02-024
Remote Access Service Phonebook Hotfix	Eliminates an unchecked buffer vulnerability which could allow an unprivileged user to gain complete control over the machine hosting the RAS Phonebook. (CVE 2002-0366)	NT: Q318138 2000: Q318138 or SP3 or SP4 XP: Q318138 or SP1 or SP2	02-029
Network Connection Manager Hotfix	Fixes a vulnerability in the Network Connection Manager which could allow a local attacker to gain Local System privileges. (CVE 2002-0720)	NT: Not Affected 2000: Q326886 or SP4 XP: Not Affected	02-042
Unchecked Buffer in Network Share Provider Hotfix	Eliminates an unchecked buffer associated with the Server Message Block (SMB) protocol that could lead to Denial of Service (DoS). (CVE 2002-0724)	NT: Q326830 2000: Q326830 or SP4 XP: Q326830 or SP1 or SP2	02-045
Certificate Validation Flaw Hotfix	Eliminates a security vulnerability (associated with the validation of digital certificate chains) that could permit identity spoofing. (CVE 2002-0862)	NT: Q329115 2000: Q329115 or SP4 XP: Q329115 or SP2	02-050
VM JDBC Classes Hotfix	Eliminates three vulnerabilities in Microsoft Virtual Machine's Java Database Connectivity classes which could allow code execution from a malicious web site or e-mail message. (CVE 2002-0865 CVE 2002-0866 CVE 2002-0867)	NT: Q329077 or 810030 2000: Q329077 or 810030 or SP4 XP: Q329077 or 810030 or SP2	02-052
Help Facility Hotfix	Fixes two vulnerabilities in the Windows Help Facility, one in the ActiveX Control (CVE 2002-0693) and another in the processing of .chm files (CVE 2002-0694), which could allow code execution from a remote web site or mail message.	NT: Q323255 2000: Q323255 XP: Q323255 (XP 32 bit) or Q323255 (XP 32 Embedded w/ SP1 or Q323255 (XP 64) or SP2	02-055
VM COM object access Hotfix	Fixes eight vulnerabilities in Microsoft Virtual Machine, including a vulnerability which could allow a Java applet to access COM objects. (CVE 2002-1257 CVE 2002-1258 CVE 2002-1260 CVE 2002-1262 CVE 2002-1286 CVE 2002-1292 CVE 2002-1295)	NT: 810030 2000: 810030 or SP4 XP: 810030 or SP2	02-069
Windows XP shell buffer overflow Hotfix	Fixes a buffer overflow in the Windows XP shell which could allow an attacker to run commands via a .MP3 or .WMA file with corrupt custom attributes. (CVE 2002-1327)	NT: not affected 2000: not affected XP: 32-bit: Q329390 or SP2     64-bit: Q329390 or SP2	02-072 CA-2002-37
VM ByteCode Verifier Hotfix	Fixes the ByteCode Verifier to check for illegal commands when loading Java applets, thus preventing attacks from remote web pages and e-mail messages. (CVE 2003-0111)	NT: 816093 2000: 816093 or SP4 XP: 816093 or SP2	03-011
Kernel Debugger Hotfix	Fixes a flaw in the way the kernel passes error messages to the debugger which could allow a local attacker to gain system privileges. (CVE 2003-0112)	NT: 811493 2000: 811493 or SP4 XP: 32-bit: 811493 or SP2 64-bit: 811493 or SP2	03-013
Windows Media Player skins filename decoding Hotfix	Fixes a problem which could allow a web site or e-mail message to save .wmz files to arbitrary directories, leading to command execution. (CVE 2003-0228)	Media Player 7.1: 817787 Media Player 8.0: 817787	03-017
ntdll.dll Hotfix	Fixes a buffer overflow in a core operating system component which can be exploited through many possible attack vectors, including IIS with WebDAV. (CVE 2003-0109)	NT: 815021 2000: 815021 or SP4 XP: 32-bit: 815021 or SP2 64-bit: 815021 or SP2	03-007
NetMeeting directory traversal fix	Fixes a directory traversal vulnerability allowing an attacker to write files anywhere on the disk, leading to code execution. (CVE 2003-0505 CVE 2003-0506)	NT: not affected 2000: SP4 XP: SP1 or SP2 2003: not affected	Bugtraq ID 7931
ShellExecute API fix	Fixes a buffer overflow in the ShellExecute API function which could be exploitable through any application which uses the function. (CVE 2003-0503)	NT: not affected 2000: SP4 XP: not affected 2003: not affected	SNS-65
HTML Converter fix	Fixes a buffer overflow in the HTML file conversion feature which could allow an attacker to run commands via a malicious web page or HTML e-mail message. (CVE 2003-0469)	NT: 823559 2000: 823559 or SP4 Update Rollup 1 XP: 32-bit: 823559 or SP2 64-bit: 823559 or SP2 2003: 32-bit: 823559 or SP1 64-bit: 823559 or SP1	03-023 CA-2003-14
RPC buffer overflow fix	Fixes a buffer overflow in the DCOM interface to RPC which could allow a remote attacker to execute arbitrary commands. (CVE 2003-0352)	NT: 823980 2000: 823980 or SP4 Update Rollup 1 XP: 32-bit: 823980 or SP2 64-bit: 823980 or SP2 2003: 32-bit: 823980 or SP1 64-bit: 823980 or SP1	03-026 CA-2003-16
DirectX buffer overflow fix	Fixes a vulnerability in the Windows DirectX component which could allow an attacker to run commands via a malformed MIDI file. Note: If you have installed DirectX 9.0b or higher you are not vulnerable. (CVE 2003-0346)	NT: 819696 2000: 819696 or SP4 Update Rollup 1 or DirectX 9.0b or later XP: 32-bit: 819696 or SP2 or DirectX 9.0b or later 64-bit: 819696 or SP2 or DirectX 9.0b or later 2003: 32-bit: 819696 or DirectX 9.0b or later or SP1 64-bit: 819696 or DirectX 9.0b or later or SP1	03-030 CA-2003-18
ActiveX Controls	Even if a vulnerable control is locally patched or removed, a website can still instruct a client to download and install the vulnerable control and then exploit the hole. Example: mciwndx.ocx.	Set the kill bit for the vulnerable CLSID to keep IE from downloading the vulnerable control again.	Full Disclosure
RPCSS Buffer Overflow	Fixes multiple buffer overflow vulnerabilities in the RPCSS DCOM activation code that could enable an attacker to run arbitrary code on a user's system. (CVE 2003-0715 CVE 2003-0528 CVE 2003-0605 )	NT: Workstation: 824146 NT: Server: 824146 2000: 824146 or SP4 Update Rollup 1 XP: 32-bit: 824146 or SP2 64-bit: 824146 or SP2 64-bit Version 2003: 824146 or SP2 2003: 32-bit: 824146 or SP1 64-bit: 824146 or SP1	03-039 CA-2003-23
Windows Media Player URL script execution	Adds protection against execution of unauthorized scripts embedded in audio or video streams. (CVE 2003-1107)	NT: 828026 2000: 828026 XP: 828026 or SP2 2003: 828026	828026
Authenticode verification vulnerability	Fixes a vulnerability which could allow an attacker to install and run an untrusted ActiveX control, either via a malicious web page or an HTML e-mail. (CVE 2003-0660)	NT: 823182 2000: 823182 or SP4 Update Rollup 1 XP: 823182 or SP2 2003: 823182 or SP1	03-041 CA-2003-27
NetBIOS Name Service information disclosure	Fixes an Information Disclosure vulnerability which could allow an attacker to receive random data from the target system's memory. (CVE 2003-0661)	NT: 824105 2000: 824105 XP: 824105 2003: 824105	03-034
Troubleshooter ActiveX control vulnerability	Fixes a vulnerability in the Windows troubleshooter application which could allow an attacker to execute commands via a malicious web page or HTML e-mail. (CVE 2003-0662)	NT: 826232 2000: 826232 or SP4 Update Rollup 1 XP: 826232 or SP2 2003: 826232 or SP1	03-042 CA-2003-27
Windows messenger service buffer overflow	Fixes a vulnerability which could allow a remote attacker to execute arbitrary commands with Local System privileges. (CVE 2003-0717)	NT: 828035 2000: 828035 or SP4 Update Rollup 1 XP: 828035 or SP2 2003: 828035 or SP1	03-043 CA-2003-27
Workstation Service Elevation of Privilege	Fixes an overflow vulnerability which could allow remote command execution when the client receives a specially crafted RPC message. (CVE 2009-1544)	971657	09-041
Windows workstation service buffer overflow	Fixes a vulnerability which could allow a remote attacker to execute arbitrary commands with Local System privileges. (CVE 2003-0812)	NT: not affected 2000: 828749 or SP4 Update Rollup 1 XP: 32-bit/64-bit: 828749 or SP2 64-Bit Version 2003: not affected 2003: not affected	03-049 CA-2003-28
Windows Help and Support Center buffer overflow	Fixes a vulnerability in the code which handles the HCP protocol which could allow an attacker to execute commands with System privileges via a malicious web page. (CVE 2003-0711)	NT: 825119 2000: 825119 or SP4 Update Rollup 1 XP: 825119 or SP2 2003: 825119 or SP1	03-044 CA-2003-27
Windows ListBox and ComboBox buffer overflow	Fixes a vulnerability in Windows controls which could allow a local user to gain elevated privileges. (CVE 2003-0659)	NT: 824141 2000: 824141 or SP4 Update Rollup 1 XP: 824141 or SP2 2003: 824141 or SP1	03-045 CA-2003-27
Microsoft Data Access Components patch needed	Fixes a vulnerability in MDAC which could allow remote code execution. (CVE 2003-0353 CVE 2003-0903)	NT/2000: 832483 XP: 832483 or SP2 2003: 832483 or SP1	04-003
ASN.1 buffer overflow	Fixes a vulnerability in ASN.1 which could allow remote code execution. (CVE 2003-0818)	NT: 828028 2000: 828028 or SP4 Update Rollup 1 XP: 828028 or SP2 2003: 828028 or SP1	04-007
Multiple vulnerabilities (MS04-011)	Fixes 14 vulnerabilities announced in Microsoft bulletin MS04-011, the most critical of which could allow remote code execution. (CVE 2003-0533 CVE 2003-0663 CVE 2003-0719 CVE 2003-0806 CVE 2003-0906 CVE 2003-0907 CVE 2003-0908 CVE 2003-0909 CVE 2003-0910 CVE 2004-0117 CVE 2004-0118 CVE 2004-0119 CVE 2004-0120 CVE 2004-0123)	NT: 835732 2000: 835732 or SP4 Update Rollup 1 XP: 835732 or SP2 2003: 835732 or SP1	04-011 TA04-104A
RPC runtime library vulnerability	Fixes a race condition which could allow an attacker to take control of a system, and fixes three other RPC vulnerabilities. (CVE 2003-0807 CVE 2003-0813 CVE 2004-0116 CVE 2004-0124)	NT: 828741 2000: 828741 or SP4 Update Rollup 1 XP: 828741 or SP2 2003: 828741 or SP1	04-012 TA04-104A
Jet Database Engine buffer overflow	Fixes a vulnerability which could allow an attacker to take control of a computer by sending a specially crafted database query to an application using Jet. (CVE 2004-0197)	NT: 837001 2000: 837001 or SP4 Update Rollup 1 XP: 837001 or SP2 2003: 837001 or SP1	04-014 TA04-104A
HCP URL validation vulnerability	Fixes a vulnerability in the Help and Support Center which could allow an attacker to control a computer via a malicious web page or HTML e-mail message. (CVE 2004-0199)	NT/2000: not affected XP: 840374 or SP2 2003: 840374 or SP1	04-015
Task Scheduler buffer overflow	Fixes a vulnerability which could allow an attacker to execute commands via a malicious web page or a specially crafted .job file. (CVE 2004-0212)	NT: (with IE6) 841873 NT: (without IE6) not affected 2000: 841873 or SP4 Update Rollup 1 XP: 841873 or SP2 XP: (64-bit) 841873 or SP2	04-022
HTML Help and showHelp vulnerability	Fixes vulnerabilities in HTML Help and showHelp which could allow code execution via a malicious web page or e-mail message. (CVE 2003-1041 CVE 2004-0201)	NT: 840315 2000: 840315 or SP4 Update Rollup 1 XP: 840315 or SP2 2003: 840315 or SP1	04-023
Windows Shell API CLSID vulnerability	Fixes a vulnerability which could allow an attacker to send a class identifier which could persuade a user to run malicious code. (CVE 2004-0420)	NT: 839645 2000: 839645 or SP4 Update Rollup 1 XP: 839645 or SP2 2003: 839645 or SP1	04-024
Utility Manager privilege elevation	Fixes a vulnerability which could allow any logged-on user to force Utility Manager to start an application with system privileges. (CVE 2004-0213)	NT: not affected 2000: 842526 or SP4 Update Rollup 1 XP: not affected 2003: not affected	04-019
POSIX subsystem buffer overflow	Fixes a buffer overflow which could allow a locally logged-on user to take full control of the computer. (CVE 2004-0210)	NT: 841872 NT: (server) 841872 2000: 841872 or SP4 Update Rollup 1 XP: not affected 2003: not affected	04-020
GDI+ component JPEG buffer overflow	Fixes a buffer overflow in the Graphics Device Interface which could allow code execution when an application opens a malformed image. (CVE 2004-0200)	XP: 833987 2003: 833987 or SP1 Other: See list of affected products in MS04-028	04-028 TA04-260A
application start vulnerability in Windows shell	Fixes a buffer overflow which could allow an attacker to execute commands when the shell starts an application. (CVE 2004-0214 CVE 2004-0572)	841356	04-037
Compressed folder buffer overflow	Fixes a buffer overflow in the processing of compressed files which could allow code execution via a malicious web page or e-mail message. (CVE 2004-0575)	NT: not affected 2000: not affected XP: 873376 (64-bit): 873376 2003: 873376 or SP1 (64-bit): 873376 or SP1	04-034
Metafile rendering buffer overflow	Fixes four vulnerabilities, the most critical of which could allow code execution via a malformed WMF or EMF image. (CVE 2004-0207 CVE 2004-0208 CVE 2004-0209 CVE 2004-0211)	840987	04-032
Windows NT RPC runtime library denial of service	Fixes a buffer overflow which allows a remote attacker to crash the system or read portions of active memory. (CVE 2004-0569)	NT: 873350 2000: not affected XP: not affected 2003: not affected	04-029
Kernel and LSASS privilege elevation	Fixes vulnerabilities in kernel's launching of applications and LSASS validation of identity tokens which could allow a normal user to gain administrative access. (CVE 2004-0893 CVE 2004-0894)	NT: 885835 2000: 885835 or SP4 Update Rollup 1 XP: 885835 2003: 885835 or SP1	04-044
WordPad Word-for-Windows Converter buffer overflow	Fixes buffer overflows in table conversion and font conversion which could allow command execution when a malformed document is opened in WordPad. (CVE 2004-0571 CVE 2004-0901)	NT: 885836 2000: 885836 or SP4 Update Rollup 1 XP: 885836 2003: 885836 or SP1	04-041
Windows HyperTerminal buffer overflow	Fixes a vulnerability which could allow code execution when a user opens a malicious .ht file or possibly a Telnet URL. (CVE 2004-0568)	NT: 873339 2000: 873339 or SP4 Update Rollup 1 XP: 873339 2003: 873339 or SP1	04-043
HTML Help cross-domain vulnerability	Fixes a vulnerability which could allow command execution in the Local Machine security zone when a user follows a specially crafted link. (CVE 2004-1043)	NT: 890175 2000: 890175 or SP4 Update Rollup 1 XP: 890175 2003: 890175 or SP1	05-001 TA05-012B Bugtraq
Cursor and Icon vulnerabilities	Fixes vulnerabilities allowing command execution or a system crash when a user opens a malformed cursor or icon file. (CVE 2004-1049 CVE 2004-1305)	NT: 891711 2000: 891711 or SP4 Update Rollup 1 XP: 891711 or SP2 2003: 891711 or SP1	05-002 TA05-012A
Indexing service buffer overflow	Fixes a command execution vulnerability exploitable by an authenticated user, or by a web user if IIS allows access to indexing. (CVE 2004-0897)	2000: 871250 or SP4 Update Rollup 1 XP: 871250 or SP2 2003: 871250 or SP1	05-003
DHTML Editing Component vulnerability	Fixes a cross-domain vulnerability allowing information disclosure or command execution when a user visits a malicious web page. (CVE 2004-1319)	2000: 891781 or SP4 Update Rollup 1 XP: 891781 2003: 891781 or SP1	05-013
Hyperlink Object Library buffer overflow	Fixes a buffer overflow which could allow command execution when a user clicks on a specially crafted hyperlink. (CVE 2005-0057)	2000: 888113 or SP4 Update Rollup 1 XP: 888113 2003: 888113 or SP1	05-015
OLE and COM vulnerabilities	Fixes two vulnerabilities, the more critical of which could allow command execution by a malicious document. (CVE 2005-0044 CVE 2005-0047)	2000: 873333 or SP4 Update Rollup 1 XP: 873333 2003: 873333 or SP1	05-012
PNG Image Processing Vulnerability	Fixes a vulnerability which could allow command execution when Windows Media Player or Windows Messenger opens a malformed image. (CVE 2004-0597 CVE 2004-1244)	Media Player 9: 885492 Windows Messenger: 5.1	05-009
Named Pipe Information Disclosure	Prevents attackers from reading the names of users who are connected to shared resources. (CVE 2005-0051)	2000: Not affected XP: 888302 or disable Computer Browser service 2003: Not affected	05-007
Windows Shell Drag-and-Drop Vulnerability	Fixes a vulnerability which could allow writing of arbitrary files when a user takes certain actions on a malicious web page. (CVE 2005-0053)	2000: 890047 or SP4 Update Rollup 1 XP: 890047 2003: 890047 or SP1	05-008
SMB Transaction response buffer overflow	Fixes command execution vulnerability in processing of responses to Transaction commands by the SMB client driver. (CVE 2005-0045)	2000: 885250 or SP4 Update Rollup 1 XP: 885250 2003: 885250 or SP1	05-011
Windows XP Unprivileged Remote Shutdown	Fixes Windows XP SP1 Remote Desktop to observe the Force shutdown from a remote system user right when running TSShutdn.exe. (CVE 2005-0904)	2000: Not affected XP: SP2 or 889323 2003: Not affected	889323
Windows TCP/IP Vulnerabilities	Fixes vulnerabilities which could allow a remote attacker to cause a denial of service, or possibly execute commands. (CVE 2004-0230 CVE 2004-0790 CVE 2004-1060 CVE 2005-0048 CVE 2005-0688)	2000: 893066 or SP4 Update Rollup 1 XP: 893066 2003: 893066 or SP1	05-019
HTML Application Host vulnerability in Windows shell	Fixes a vulnerability which could allow an e-mail attachment of an unregistered type to execute code using HTML Application Host. (CVE 2005-0063)	2000: 893086 or SP4 Update Rollup 1 XP: 893086 2003: 893086 or SP1	05-016
Windows kernel access request buffer overflow	Fixes vulnerabilities in the Windows kernel which could allow privilege elevation or denial of service. (CVE 2005-0060 CVE 2005-0061 CVE 2005-0550 CVE 2005-0551)	2000: 890859 or SP4 Update Rollup 1 XP: 890859 2003: 890859 or SP1	05-018
Message Queuing vulnerability	Fixes a buffer overflow in Message Queuing which could allow remote command execution. (Sites using only HTTP Message Delivery are not affected.) (CVE 2005-0059)	2000: 892944 or SP4 Update Rollup 1 XP: 892944 or SP2 2003: not affected	05-017
Jet Database Engine input validation	Fixes vulnerabilities which could allow command execution by a malformed database file. (CVE 2005-0944)	2000: 950749 XP: 950749 2003 SP1: 950749	08-028 VU#936529 Full Disclosure
Windows Explorer Web View	Fixes vulnerability which could allow a malicious file to execute commands when previewed in Windows Explorer's Web View. (CVE 2005-1191)	2000: 894320 XP: Not affected 2003: Not affected	05-024 Bugtraq
HTML Help integer overflow	Fixes an integer overflow in HTML Help which could allow command execution. (CVE 2005-1208)	2000: 896358 XP: 896358 2003: 896358 or SP2	05-026 VulnWatch
Interactive Training bookmark file buffer overflow	Fixes a vulnerability which allows command execution when a user opens a .cbo file with a long User field. (CVE 2005-1212)	898458	05-031 iDEFENSE
Microsoft Agent spoofing vulnerability	Prevents spoofing of trusted Internet content using a Microsoft Agent character which disguises security prompts. (CVE 2005-1214)	2000: 890046 XP: 890046 2003: 890046 or SP2	05-032
SMB input validation vulnerability	Fixes a vulnerability which could allow remote code execution. (CVE 2005-1206)	2000: 896422 XP: 896422 2003: 896422 or SP2	05-027
Telnet client session variable disclosure	Fixes a vulnerability which could reveal telnet session variables to an attacker when a user clicks on a malformed telnet URL. (CVE 2005-1205)	XP: 896428 2003: 896428 or SP2 Services for UNIX 3.5: 896428 Services for UNIX 3.0: 896428 Services for UNIX 2.2: 896428	05-033
Microsoft Color Management Module buffer overflow	Fixes a vulnerability in ICC profile format tag validation which could allow command execution when a user views a malformed image. (CVE 2005-1219)	2000: 901214 XP: 901214 2003: 901214 or SP2	05-036
Windows 2000 SP4 Update Rollup 1	Update Rollup 1 for Windows 2000 SP4 fixes multiple potential problems. (CVE 2005-3168 CVE 2005-3169 CVE 2005-3170 CVE 2005-3171 CVE 2005-3172 CVE 2005-3173 CVE 2005-3174 CVE 2005-3175 CVE 2005-3176 CVE 2005-3177)	2000: SP4 Update Rollup 1	SP4 Update Rollup 1
DirectShow Buffer Overflow	Fixes a vulnerability in DirectX which could allow command execution by a specially crafted .avi file. (CVE 2005-2128)	2000: 904706 XP: 904706 2003: 904706 or SP2	05-050
Windows COM+ command execution vulnerability	Fixes vulnerabilities which could allow remote command execution on Windows 2000 and XP SP1, or privilege elevation on Windows XP SP2 and 2003. (CVE 2005-1978 CVE 2005-1979 CVE 2005-1980 CVE 2005-2119)	2000: 902400 XP: 902400 2003: 902400 or SP2	05-051
Windows Shortcut File command execution	Fixes three Windows shell vulnerabilities, the most critical of which could allow command execution when a .lnk file is opened. (CVE 2005-2117 CVE 2005-2118 CVE 2005-2122)	2000: 900725 XP: 900725 2003: 900725 or SP2	05-049
Collaboration Data Object vulnerability	Fixes a vulnerability in Collaboration Data Objects which could allow an attacker to perform remote code execution. (CVE 2005-1987)	2000: 901017 XP: 901017 2003: 901017 or SP2	05-048
Client Service for NetWare vulnerability	Fixes a vulnerability in Client Service for NetWare which could allow an attacker to perform remote code execution. (CVE 2005-1985)	2000: 899589 XP: 899589 2003: 899589	05-046
FTP Client vulnerability	Fixes a vulnerability in Windows FTP Client that could allow tampering in File Transfer location. (CVE 2005-2126)	2000: 905495 XP: 905495 2003: 905495	05-044
Network Connection Manager vulnerability	Fixes a vulnerability in Network Connection Manager that could allow Denial of Service. (CVE 2005-2307)	2000: 905414 XP: 905414 2003: 905414 or SP2	05-045
Windows EMF/WMF image file vulnerability	Fixes a vulnerability in the graphics engine processing of EMF/WMF image files that could allow an attacker to take control of a host. (CVE 2005-0803 CVE 2005-2123 CVE 2005-2124)	2000: 896424 XP: 896424 2003: 896424 or SP2	05-053
Windows Kernel privilege elevation vulnerability	Fixes a vulnerability in the Windows 2000 Kernel that allows an attacker who has successfully logged into the system to take control of a host. (CVE 2005-2827)	2000: 908523	05-055
Windows WMF gdi32.dll vulnerability	Fixes a remote code execution vulnerability which exists in the Graphics Rendering Engine because of the way that it handles Windows Metafile (WMF) images. An attacker could exploit the vulnerability to take complete control of the affected system by constructing a specially crafted WMF image which is read by a user on the system. (CVE 2005-4560)	2000: 912919 XP: 912919 2003: 912919 or SP2	06-001
Windows web fonts vulnerability	Fixes a vulnerability in embedded web fonts that could allow remote code execution. An attacker could exploit the vulnerability by having a user access a web page with the malformed web fonts in it. This would allow the attacker to execute commands with the authority of the user. (CVE 2006-0010)	2000: 908519 XP: 908519 2003: 908519 or SP2	06-002
Windows Media Player bmp buffer overflow	Fixes a command execution vulnerability in bmp image parsing. (CVE 2006-0006)	911565	06-005
Windows Media Player plug-in EMBED vulnerability	Fixes a buffer overflow which could allow command execution when a user plays media files through non-Microsoft browsers. (CVE 2006-0005)	911564	06-006
Windows IGMP v3 DoS vulnerability	Fixes a denial-of-service vulnerability that would allow an attacker to send a specially crafted IGMP packet to an affected system causing the affected system to stop responding. (CVE 2006-0021)	2000: not affected XP: 913446 2003: 913446 or SP2	06-007
WebClient buffer overflow	Fixes a buffer overflow which could allow a remote authenticated user to gain administrative privileges. (CVE 2005-1207 CVE 2006-0013)	2000: not affected XP: 911927 2003: 911927 or SP2 or disable WebClient service	05-028 06-008
Korean IME privilege elevation vulnerability	Fixes a privilege elevation vulnerability which could allow an attacker who has interactively logged onto the system to take full control of the system. (CVE 2006-0008)	2000: not affected XP: 901190 2003: 901190	06-009
Windows DACL privilege elevation vulnerability	Fixes a privilege elevation vulnerability allowing full control of the system by any user on Windows XP or by a user in the network configuration operators group on Windows Server 2003. (CVE 2006-0023)	2000: not affected XP: 914798 or SP2 2003: 914798 or SP1	06-011
Windows Help File Image Processing Heap Buffer Overflow	Windows 2000, XP, and 2003 are affected by a heap overflow issue when handling a specially crafted Windows Help (.hlp) file containing a malicious image. (CVE 2006-1591)		Bugtraq ID 17325
Microsoft Data Access Component vulnerability	A remote code execution vulnerability exists in the RDS.Dataspace ActiveX control in ADO distributed in MDAC. Opening a file provided by an attacker (Mail or Website) allows an attacker to execute code with the rights of that user. (CVE 2006-0003)	2000: 911562 XP: 911562 2003: 911562 or SP2	06-014
Windows Explorer COM object command execution	Fixes a vulnerability which could allow command execution by a web site which forces a connection to a remote file server. (CVE 2004-2289 CVE 2006-0012)	2000: 908531 XP: 908531 2003: 908531 or SP2	06-015
Distributed Transaction Coordinator Denial of Service	Fixes two vulnerabilities that an attacker could use to cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. (CVE 2006-0034 CVE 2006-1184)	2000: 913580 XP: 913580 2003: 913580	06-018
ART Rendering Buffer Overflow	Fixes a vulnerability which allows code execution when a user views a malformed ART image. (CVE 2006-2378)	XP SP1/IE6: 918439 XP SP2: 918439 2003: 918439 or SP2 IE 5.01: 918439	06-022
Routing and Remote Access Service remote code execution	Fixes a vulnerability that allows for remote code execution when the RASMAN service is active (CVE 2006-2370 CVE 2006-2371)	2000: 911280 XP: 911280 2003: 911280 or SP2	06-025
Windows Media Player PNG buffer overflow	Fixes a vulnerability in Windows Media Player which could allow command execution when a user opens a malformed media file. (CVE 2006-0025)	917734	06-024
Windows SMB invalid handle denial of service	Fixes two vulnerabilities, one that would allow for a denial of service and the other which would allow privilege elevation. (CVE 2006-2373 CVE 2006-2374)	2000: 914389 XP: 914389 2003: 914389 or SP2	06-030
Windows TCP/IP remote code execution vulnerability	Fixes vulnerability in Windows TCP/IP IP Source Routing code which allows for remote code execution. (CVE 2006-2379)	2000: 917953 XP: 917953 2003: 917953 or SP2	06-032
Windows RPC Mutual Authentication spoofing	Fixes vulnerability in Windows RPC for Windows 2000 that allows for spoofing of RPC authentication. (CVE 2006-2380)	2000: 917736	06-031
Windows Mailslot Heap Overflow	Fixes a heap overflow in Mailslot allowing remote command execution, and an SMB information disclosure vulnerability. (CVE 2006-1314 CVE 2006-1315)	2000: 917159 XP: 917159 2003: 917159 or SP2	06-035
DHCP Client Buffer Overflow	Fixes a vulnerability which could allow command execution by an attacker-controlled DHCP server on the local subnet. (CVE 2006-2372)	2000: 914388 XP: 914388 2003: 914388 or SP2	06-036
Server Service Buffer Overrun	Fixes a vulnerability which could allow command execution on a buffer overrun on the Server Service (CVE 2006-3439)	2000: 921883 XP: 921883 2003: 921883 or SP2	06-040
DNS Resolution Remote Code Execution	Fixes vulnerabilities in the Winsock Hostname functionality and a DNS Resolution Client Buffer Overrun. (CVE 2006-3440 CVE 2006-3441)	2000: 920683 XP: 920683 2003: 920683 or SP2	06-041
Windows MMC redirect cross-site scripting vulnerability	Fixes vulnerabilities which allow for Remote Code Execution in the Microsoft Management Console on the load of malformed files. (CVE 2006-3643)	2000: 917008	06-044
Windows Explorer Folder GUID Code Execution vulnerability	Fixes a remote code execution vulnerability which exists in Windows Explorer dealing with Drag and Drop events. (CVE 2006-3281)	2000: 921398 XP: 921398 2003: 921398 or SP2	06-045
HTML Help ActiveX Control string buffer overflow	Fixes an overflow in a string buffer which could allow command execution by a malicious web site or e-mail. (CVE 2006-3357)	2000: 922616 XP: 922616 2003: 922616 or SP2	06-046
Windows Kernel privilege elevation vulnerability	Fixes a vulnerability that allows an attacker who has successfully logged into the system to take control of a host. Note: Different than MS05-055. (CVE 2006-3444)	2000: 920958	06-049
Hyperlink Object Library function vulnerability and buffer overflow	Fixes both a function vulnerability and a buffer overflow, either of which could allow command execution when a user clicks on a specially crafted hyperlink. (CVE 2006-3086 CVE 2006-3438)	2000: 920670 XP: 920670 2003: 920670 or SP2	06-050
Windows unhandled exception vulnerability	Fixes two vulnerabilities, including a bug in handling of chained exceptions allowing command execution when a user visits a malformed web page. (CVE 2006-3443 CVE 2006-3648)	2000: 917422 XP: 917422 2003: 917422 or SP2	06-051
Windows PGM remote code execution	Fixes a vulnerability which allows a malformed Pragmatic General Multicast (PGM) message to cause remote code execution through the MSMQ service. (CVE 2006-3442)	2000: not affected XP: 919007 2003: not affected	06-052
Windows indexing service cross-site scripting	Fixes a vulnerability that allows cross-site scripting leading to information disclosure through the indexing (cisvc) service. (CVE 2006-0032)	2000: 920685 XP: 920685 2003: 920685 or SP2	06-053
Windows Explorer setslice remote code execution	Fixes a remote code execution vulnerability which exists in Windows Explorer WebViewFolderIcon ActiveX setslice function. A crafted website or email message could cause remote code execution. (CVE 2006-3730)	2000: 923191 XP: 923191 2003: 923191 or SP2	06-057
Microsoft XML Core Services remote code execution	Fixes two vulnerabilities in the XML Core services, a remote code execution and an information disclosure. (CVE 2006-4685 CVE 2006-4686)	924191	06-061
Windows SMB Remote Code Execution	Fixes a vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on a server that is sharing files or folders. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. (CVE 2008-4038) Also fixes other two vulnerabilities. A null pointer dereference in srv.sys allows an attacker to remotely crash the system. A validated attacker can execute code as administrator. (CVE 2006-3942 CVE 2006-4696)	2000: 957095 XP: 957095 2003: 957095 Vista: 957095 2008: 957095	08-063 06-063
Windows TCP/IP IPv6 denial of service	Fixes vulnerabilities which allow for denial of service when IPv6 is used. (CVE 2004-0230, CVE 2004-0790, CVE 2005-0688, CVE 2005-1649)	XP: 922819 2003: 922819 or SP2	06-064
Windows Object Packer dialogue spoofing vulnerability	Fixes a vulnerability which could allow a file to execute commands by creating a misleading dialogue box. (CVE 2006-4692)	XP: 924496 2003: 924496 or SP2	06-065
Microsoft Windows NAT Helper DNS Query Denial of Service	DoS vulnerability in Windows NAT Helper caused by improper processing of crafted DNS queries. (CVE 2006-5614)		Bugtraq ID 20804
Client Service for NetWare buffer overflow and driver denial of service	Vulnerabilities allowing remote attacker to execute arbitrary commands or crash the system. (Requires valid login on 2003.) (CVE 2006-4688 CVE 2006-4689)	2000: 923980 XP: 923980 2003: 923980	06-066
Microsoft Agent ACF memory corruption	Microsoft Agent vulnerability causing remote code execution through read of crafted .ACF files read in web page. (CVE 2006-3445)	2000: 920213 XP: 920213 2003: 920213	06-068
Windows Workstation service remote code execution	A remote code execution vulnerability in Workstation service allows complete control of the affected system. (Note, administrator privileges are required for XP) CVE 2006-4691)	2000: 924270 XP: 924270 2003: Not affected	06-070
Microsoft XMLHTTP setRequestHeader code execution	XMLHTTP 4.0 and 6.0 ActiveX Control vulnerability in setRequestHeader allows remote code execution from read of crafted webpage. (CVE 2006-5745)	MSXML 4.0: 927978 MSXML 6.0: 927977	06-071
Client Server Run-Time Subsystem file manifest vulnerability	Fixes a vulnerability allowing local authenticated users to gain elevated privileges due to improper handling of file manifests. (CVE 2006-5585)	XP: 926255 2003: 926255	06-075
Windows Media Format ASX Parsing Buffer Overflow	Fixes vulnerabilities in Windows Media Format which could allow command execution when parsing ASF and ASX files. (CVE 2006-4702 CVE 2006-6134)	2000: 923689 or 925398 (WMP 6.4) XP: 923689 or 925398 (WMP 6.4) 2003: 923689 or 925398 (WMP 6.4)	06-078
Microsoft Windows Workstation Service NetrWkstaUserEnum denial of service	Vulnerability in the Workstation Service that allows for a temporary denial of service due to memory allocation. (CVE 2006-6723)	Not currently fixed	Secunia Advisory SA23487
HTML Help ActiveX Control remote code execution	Fixes an overflow which could allow command execution by a malicious web site or e-mail. (CVE 2007-0214)	2000: 928843 XP: 928843 2003: 928843	07-008
Interactive Training bookmark file remote code execution	Fixes a vulnerability which allows command execution when a user opens a bookmark file. (CVE 2006-3448)	923723	07-005
Windows Shell Privilege Elevation	Fixes a privilege elevation vulnerability when Shell Hardware Detection service is enabled. (CVE 2007-0211)	XP: 928843 2003: 928843	07-006
Windows Image Acquisition Privilege Elevation	Fixes a privilege elevation vulnerability when the Windows Image Acquisition (WIA) service (stisvc) is enabled. (CVE 2007-0210)	XP: 927802	07-007
RTF OLE dialog memory corruption	Fixes a memory corruption of OLE objects within RTF files. (CVE 2007-0026)	2000: 926436 XP: 926436 2003: 926436	07-011
RTF MFC component memory corruption	Fixes a memory corruption of MFC components within RTF files. (CVE 2007-0025)	2000: 924667 XP: 924667 2003: 924667	07-012
RTF RichEdit component memory corruption	Fixes a memory corruption of RichEdit components within RTF files. (CVE 2006-1311)	2000: 918118 XP: 918118 2003: 918118	07-013
Microsoft Malware Protection Engine PDF integer overflow	Fixes an integer overflow which can occur when the Malware Protection Engine processes PDF files. (CVE 2006-5270)	Automatic update from Microsoft Update, Windows Live OneCare AutoUpdate, or Forefront Server security update service	07-010
Multiple GDI vulnerabilities fixed by MS07-017	Multiple vulnerabilities in parts of the Graphic Design Interface including remote code execution. (CVE 2006-5586 CVE 2006-5758 CVE 2007-0038 CVE 2007-1211 CVE 2007-1212 CVE 2007-1213 CVE 2007-1215)	2000: 925902 XP: 925902 2003: 925902 Vista: 925902	07-017
Windows Kernel privilege elevation vulnerability	Fixes a vulnerability that allows an attacker who has successfully logged into the system to take control of a host. Note: Different than MS05-055 and MS06-049. (CVE 2007-1206)	2000: 931784 XP: 931784 2003: 931784	07-022
Windows CSRSS remote code execution	Fixes vulnerabilities in the Windows Client/Server Run-time Subsystem (CSRSS) that include remote code execution. (CVE 2006-6696 CVE 2006-6797 CVE 2007-1209)	2000: 930178 XP: 930178 2003: 930178 Vista: 930178	07-021
Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege	Fixes a vulnerability which could allow elevation of privilege if an attacker logged on to an affected system that is configured with a Chinese, Japanese, or Korean system locale. An attacker who successfully exploited this vulnerability could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE 2010-1891 )	XP: KB2121546 2003: KB2121546	10-069
Microsoft Agent URL parsing vulnerability	Fixes a vulnerability in Microsoft Agent that allows remote code execution when reading a crafted URL (CVE 2007-1205)	2000: 932168 XP: 932168 2003: 932168	07-020
Windows Help File Handling Heap Buffer Overflow	Windows 2000, XP, and 2003 are affected by a heap overflow issue when handling a specially crafted Windows Help (.hlp) file containing a malicious bitmap. (CVE 2007-1912)		Bugtraq ID 23382
CAPICOM.Certificates ActiveX control code execution	Fixes a vulnerability in the Cryptographic API Component Object Model (CAPICOM) allowing code execution by a malicious web page. (CVE 2007-0940)	931906	07-028
Windows DirectX ActiveX control Denial of Service	Internet Explorer Denial of Service in the DirectX Media software for XP. (CVE 2006-4301)		Bugtraq archive 443901
Windows Schannel digital signature parsing vulnerability	Fixes a vulnerability affecting applications which use SSL/TLS allowing code execution on Windows XP and denial of service on Windows 2000 and 2003. (CVE 2007-2218)	2000: 935840 XP: 935840 2003: 935840	07-031
Fixes Vista Permissive User Information Store ACLs Information Disclosure Vulnerability	Fixes a vulnerability allowing non-privileged users to access local user information data stores such as admin passwords contained within the registry and local file system. (CVE 2007-2229)	Vista: 931213	07-032
Win32 API parameter validation vulnerability	Fixes a vulnerability which could allow command execution by a specially crafted web site. (CVE 2007-2219)	2000: 935839 XP: 935839 2003: 935839	07-035
GDI+ component ICO divide by zero	Fixes a divide by zero error in the Graphics Device Interface which could allow denial of service when an application opens a malformed image. Affects Windows 2003. (CVE 2007-2237)	Do not download ICO files from untrusted sources.	VU#290961
Windows Vista Teredo interface firewall bypass	Fixes a flaw which could allow network traffic to bypass firewall rules on the Teredo interface. (CVE 2007-3038)	Vista: 935807	07-038
DirectX RLE Compressed Targa Image File Heap Overflow	Fixes a buffer overflow vulnerability in DirectX libraries which handles compressed Targa (TGA) files. (CVE 2006-4183)	Update to the October 2006 version of DirectX or later.	Secunia Advisory SA26131
Microsoft XML Core Services remote code execution	Fixes a vulnerability in the XML Core services which allowed for remote code execution on processing of a crafted file. (CVE 2007-2223)	3.0: 936021 4.0: 936181 6.0: 933579	07-042
Microsoft XML Core Services vulnerable version	Fixes a vulnerability in Microsoft XML Core Services 3.0 which allows command execution when a user loads a specially crafted HTML page. (CVE 2010-2561)	XP: 2079403 2003: 2079403 Vista: 2079403 2008: 2079403 7: 2079403 2008 R2: 2079403	10-051
Windows OLE Automation remote code execution	Fixes a vulnerability in the OLE automation which allowed for remote code execution on processing of a crafted file. (CVE 2007-2224)	2000: 921503 XP: 921503 2003: 921503	07-043
Windows GDI image handling buffer overflow	Fixes a vulnerability in the Windows graphics device interface allowing command execution when a specially crafted image is rendered. (CVE 2007-3034)	2000: 938829 XP: 938829 2003: 938829	07-046
Windows Media Player Skin parsing and decompression remote code execution	Fixes a vulnerability in Windows Media Player which could allow command execution when a user opens a media file with a malformed skin. (CVE 2007-3035 CVE 2007-3037)	936782	07-047
Windows Gadgets remote code execution vulnerabilities	Fixes vulnerabilities in Windows Gadgets for Headline, Contacts and Weather that allow for remote code execution when accessing remote feeds. (CVE 2007-3032 CVE 2007-3033 CVE 2007-3891)	Vista: 938123	07-048
DirectX DirectTransform FlashPix ActiveX buffer overflow	Fixes a remote code execution vulnerability in the DirectTransform FlashPix ActiveX control as packaged in Microsoft DirectX Media 6.0 SDK. (CVE 2007-4336)	Workaround: Set kill bit for CLSID 201EA564-A6F6-11D1-811D-00C04FB6BD36.	Secunia Advisory SA26426
Microsoft Agent ActiveX remote code execution	Fixes an additional vulnerability in Microsoft Agent that allows remote code execution when reading a crafted URL. (CVE 2007-3040)	2000: 938827	07-051
Windows Services for UNIX 3.0 and 3.5, and Subsystem for UNIX-based Applications setuid privilege elevation	Fixes a vulnerability in Windows Services for UNIX where running certain setuid binary files could allow an attacker to gain elevated privileges. (CVE 2007-3036)	WS UNIX 3.0: 939778 WS UNIX 3.5: 938827 SfUA 2003: 938827 SfUA Vista: 938827	07-053
Vulnerable MFC Library FileFind Class file Heap Overflow	A Heap Overflow exists in the Microsoft Windows MFC Shared Library - FileFind Class. (CVE 2007-4916)	To mitigate the impact of the known ActiveX vector to this vulnerability, set the kill bit for the following CLSID: F3F381A3-4795-41FF-8190-7AA2A8102F85.	VU#611008
Kodak Image Viewer remote code execution	Fixes a vulnerability in the Kodak Image Viewer that allows for remote code execution when viewing a crafted file. (CVE 2007-2217)	2000: 923810 XP: 923810 2003: 923810	07-055
Windows RPC Authentication denial of service	Fixes vulnerability in Windows RPC for Windows that allows for a denial of service to be caused in the RPC authentication. (CVE 2007-2228)	2000: 933729 XP: 933729 2003: 933729 Vista: 933729	07-058
SharePoint Services site privilege elevation	SharePoint Services 3.0 and Office SharePoint Server 2007 have an elevation of privilege vulnerability within the SharePoint site. (CVE 2007-2581)	2003 SharePoint Services 3.0: 934525 Office SharePoint Server 2007: 934525 and 937832	07-059
Microsoft SharePoint Server 2007 Elevation of Privilege	Microsoft SharePoint Server 2007 has an elevation of privilege vulnerability within the SharePoint site. (CVE 2008-3006)	Microsoft SharePoint Server 2007: KB953397	08-043
Shell32.dll Windows URI handling Remote Code Execution	Fixes vulnerability in Windows URI handling that can lead to remote code execution. (CVE 2007-3896)	XP: 943460 2003: 943460	07-061
Jet Database Engine vulnerable version	Fixes a vulnerability which could allow an attacker to execute arbitrary code by enticing a target user to open a crafted MDB file. (CVE 2007-6026 CVE 2008-1092 )	2000: 950749 XP: 950749 2003 SP1: 950749	08-028 VU#936529
Windows Vista SMBv2 Remote Code Execution	Fixes a vulnerability that could allow an attacker to tamper with data transferred in SMBv2 leading to remote code execution. (CVE 2007-5351)	Vista: 942624	07-063
DirectX Parsing Remote Code Execution	Fixed vulnerabilities that could allow remote code execution parsing SAMI, WAV or AVI files. (CVE 2007-3895 CVE 2007-3901)	2000 (7.0): 941568 2000 (8.0): 941568 2000 (9.0c): 941568 XP: 941568 2003: 941568 Vista: 941568	07-064
Microsoft Video ActiveX Control Stack Buffer Overflow	A buffer overflow vulnerability exists in Microsoft DirectShow. The flaw is due to the way Microsoft Video ActiveX Control parses image files. An attacker can persuade the target user to open a malicious web page to exploit this vulnerability. (CVE 2008-0015)	Video ActiveX Control: 972890	09-032
Message Queuing validation vulnerability	Fixes a buffer overflow in Message Queuing which could allow remote command execution for Windows 2000 and privilege elevation for Windows XP. (CVE 2007-3039)	2000: 937894 XP: 937894	07-065
Vulnerability in Message Queuing Could Allow Elevation of Privilege	Fixes a memory corruption vulnerability in Message Queuing. The vulnerability is caused by a failure to validate messages containing user-defined memory address. Remote unauthenticated attackers can exploit this vulnerability by sending specially crafted messages to the affected interface. A successful exploitation can lead to arbitrary code execution with System level privileges. (CVE 2008-3479) Fixes a vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. (CVE 2009-1922)	2000: 971032 XP: 971032 2003: 971032 Vista: 971032	09-040 08-065
Windows Kernel privilege elevation vulnerability	Fixes a vulnerability that allows an attacker who has successfully logged into the system to take control of a host running Vista. (CVE 2007-5350)	Vista: 943078	07-066
Windows Media Format ASF file parsing vulnerability	Fixes a vulnerability allowing command execution when Windows Media Player or Media Services processes malformed content. (CVE 2007-0064)	Windows Media Format: 941569 Windows Media Services: 944275	07-068
Multiple Windows TCP/IP vulnerabilities	Fixes two vulnerabilities: (1) an IGMPv3 and MLDv2 vulnerability that could allow remote code execution; and (2) an ICMP vulnerability that could result in denial of service. (CVE 2007-0069, CVE 2007-0066)	2000: 941644 XP: 941644 2003: 941644 Vista: 941644	08-001
Windows LSASS vulnerability	Fixes a vulnerability that could allow an attacker to gain elevated privileges. (CVE 2007-5352)	2000: 943485 XP: 943485 2003: 943485	08-002
Vista DHCP response denial of service	Fixes a TCP/IP vulnerability allowing a denial of service by a response from a DHCP server. (CVE 2008-0084)	Vista: 946456	08-004
Windows WebDAV Mini-Redirector Remote Code Execution	Fixes a vulnerability that could allow a remote attacker to take complete control of an affected system. (CVE 2008-0080)	XP: 946026 2003: 946026 Vista: 946026	08-007
Windows OLE Automation Heap Overrun	Fixes a heap-based buffer overflow in Object Linking and Embedding (OLE) automation that could allow remote attackers to execute arbitrary code via a crafted request. (CVE 2007-0065)	2000: 943055 XP: 943055 2003: 943055 Vista: 943055	08-008
Windows DNS Spoofing Attack vulnerability	Fixes a vulnerability in the Windows DNS client that leads to a lack of entropy in the randomness of the choice of transaction IDs which could allow an attacker to send malicious responses to DNS requests. (CVE 2008-0087)	2000: 945553 XP: 945553 2003: 945553 Vista: 945553	08-020
Windows GDI remote code execution	Fixes several vulnerabilities: (1) stack overflow vulnerability in the way Graphics Device Interface (GDI) handles filename parameters in EMF image files; (CVE 2008-1087) (2) heap overflow vulnerability in the way GDI handles integer calculations; (CVE 2008-1083) (3) remote code execution vulnerability in the way that GDI handles integer calculations; (CVE 2008-2249) (4) remote code execution vulnerability in the way that GDI handles file size parameters in WMF files. (CVE 2008-3465)	2000: 956802 XP: 956802 2003: 956802 Vista: 956802 2008: 956802	08-071 08-021
Windows kernel user mode callback vulnerability	Fixes a privilege elevation vulnerability caused by insufficient validation of input passed from user mode to the kernel. (CVE 2008-1084)	2000: 941693 XP: 941693 2003: 941693 Vista: 941693 2008: 941693	08-025
DirectX SAMI-MJPEG Parsing Remote Code Execution	Fixed vulnerabilities that could allow remote code execution parsing MJPEG and SAMI files. (CVE 2008-0011 CVE 2008-1444)	2000: 951698 XP: 951698 2003: 951698 Vista: 951698 2008: 951698	08-033
Windows PGM denial of service	Fixes two vulnerabilities which allow a malformed Pragmatic General Multicast (PGM) message to cause a denial of service through the MSMQ service. (CVE 2008-1440 CVE 2008-1441)	2000: not affected XP: 950762 2003: 950762 Vista: 950762 2008: 950762	08-036
Snapshot Viewer for Microsoft Access file download vulnerability	Fixes a vulnerability which could allow files to be downloaded to arbitrary locations. (CVE 2008-2463)	Set kill bits (see 08-041) Snapshot Viewer 2000: 955441 Snapshot Viewer 2002: 955440 Snapshot Viewer 2003: 955439	08-041
Windows DNS Client Spoofing vulnerability	Fixes a vulnerability in the Windows DNS client. This vulnerability could allow a remote unauthenticated attacker to quickly and reliably spoof responses and insert records into the client cache, thereby redirecting Internet traffic. (CVE 2008-1447)	2000: 951748 XP: 951748 2003: 951748	08-037
Windows DNS Server Spoofing vulnerability	Fixes two vulnerabilities in the Windows DNS Server. The vulnerabilities could allow spoofing by poisoning the DNS cache. (CVE 2008-1447 CVE 2008-1454)	2000: 951746 2003: 951746 2008: 951746	08-037
Windows Explorer Remote Code Execution	Fixes several vulnerabilities: (1) remote code execution vulnerability when a specially crafted saved-search file is opened and saved; (CVE 2008-1435) (2) remote code execution vulnerability when saving a specially crafted search file within Windows Explorer; (CVE 2008-4268) (3) remote code execution vulnerability in Windows Explorer that allows an attacker to construct a malicious web page that includes a call to the search-ms protocol handler. (CVE 2008-4269)	Vista: 958623, 958624 2008: 958623, 958624	08-075 08-038
Microsoft Image Color Management System vulnerable version	Fixes a vulnerability which could allow remote command execution on Windows 2000, Windows XP and Windows Server 2003. (CVE 2008-2245)	2000: 952954 XP: 952954 2003: 952954	08-046
Windows Messenger UIAutomation ActiveX vulnerability	Fixes an information disclosure vulnerability caused by an ActiveX control which is incorrectly marked safe. (CVE 2008-0082)	XP: 946648 2003: 954723	08-050
Event System vulnerabilities	Fixes two vulnerabilities which allow authenticated users to execute arbitrary code on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. (CVE 2008-1456 CVE 2008-1457)	2000: 950974 XP: 950974 XP Professional x64: 950974 2003: 950974 2003 x64 950974 Vista: 950974 Vista x64: 950974 2008: 950974 2008 x64: 950974	08-049
Active Directory Federation Services vulnerable version	Fixes two vulnerabilities which allow remote authenticated code execution and spoofing on Windows Server 2003 SP2, and Windows Server 2008. (CVE 2009-2508 CVE 2009-2509)	2003 SP2: 971726 2003 SP2 x64: 971726 2008 & SP2: 971726 2008 x64 & SP2: 971726	09-070
Windows kernel vulnerable version	Fixes multiple vulnerabilities which allow authenticated users to elevate privileges on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7. (CVE 2009-2515 CVE 2009-2516 CVE 2009-2517 CVE 2010-0232 CVE 2010-0233 )	2000: 977165 XP: 977165 2003: 977165 Vista: 977165 2008: 977165 Windows 7: 977165	09-058 10-015
Windows GDI+ vulnerabilities	Fixes vulnerabilities in the gdiplus.dll of Microsoft Windows GDI+ subsystem which could allow remote code execution if a user viewed a specially crafted file. (CVE 2009-2500 CVE 2009-2501 CVE 2009-2502 CVE 2009-2503 CVE 2009-2504 CVE 2009-3126 CVE 2009-2528 CVE 2009-2518)	XP: 958869 XP Professional x64: 958869 2003: 958869 2003 X64: 958869 2003 Itanium: 958869 Vista: 958869 Vista X64: 958869 2008: 958869 2008 X64: 958869	09-062 (superseded by 11-029)
Windows GDI+ vulnerabilities	Fixes vulnerabilities in the gdiplus.dll of Microsoft Windows GDI+ subsystem which could allow remote code execution if a user viewed a specially crafted file. (CVE 2007-5348 CVE 2008-3012 CVE 2008-3013 CVE 2008-3014 CVE 2008-3015)	XP: 938464 XP Professional x64: 938464 2003: 938464 2003 X64: 938464 Vista: 938464 Vista X64: 938464 2008: 938464 2008 X64: 938464	08-052
Windows Media Player sampling rate vulnerability	Fixes a command execution vulnerability when streaming audio files from a Windows Media Server in a server-side playlist. (CVE 2008-2253)	XP: 954154 Vista: 954154 2008: 954154	08-054
Windows Media Encoder wmex.dll ActiveX vulnerability	Fixes a command execution vulnerability in an ActiveX control which was incorrectly marked safe-for-scripting. (CVE 2008-3008)	2000: 954156 XP: 954156 2003: 954156 Vista: 954156 2008: 954156	08-053
Windows kernel validation	Fixes vulnerabilities by validating input passed from user mode through the kernel component of GDI, correcting the way that the kernel validates handles, and changing the way that the Windows kernel handles specially crafted invalid pointers. (CVE 2009-0081 CVE 2009-0082 CVE 2009-0083) Fixes vulnerabilities by correcting window property validation passed during the new window creation process, calls from multiple threads are handled, and validation of parameters passed to the Windows Kernel from user mode. (CVE 2008-2250 CVE 2008-2251 CVE 2008-2252)	2000: 958690 XP: 958690 2003: 958690 Vista: 958690 2008: 958690	09-006 08-061
AFD Kernel Overwrite vulnerability	Fixes a privilege elevation vulnerability in the Ancillary Function Driver which occurs when passing data from user to kernel mode. (CVE 2008-3464)	XP: 956803 2003: 956803	08-066
Elevation of Privilege Vulnerabilities in Windows	Fixes multiple privilege elevation vulnerabilities. (CVE 2008-4036 CVE 2008-1436 CVE 2009-0078 CVE 2009-0079 CVE 2009-0080 )	2000: 952004 XP: 952004 2003: 952004 Vista: 952004 2008: 952004	08-064 09-012
Windows Server Service MS08-067 buffer overflow	Fixes a buffer overflow in the Windows Server service which could allow remote attackers to take complete control of the computer. (CVE 2008-4250)	2000: 958644 XP: 958644 2003: 958644 Vista: 958644 2008: 958644	08-067
Microsoft XML Core Services vulnerabilities	Fixes multiple vulnerabilities which could allow code execution when XML content is parsed. (CVE 2007-0099 CVE 2008-4029 CVE 2008-4033)	955218	08-069
Windows SMB credential reflection vulnerability	Fixes validation of NTLM authentication replies to ensure that a user's credentials are not reflected back to an attacker. (CVE 2008-4037)	2000: 957097 XP: 957097 2003: 957097 Vista: 957097 2008: 957097	08-068
Windows Media components SPN credential reflection vulnerability	Fixes a vulnerability which allows unauthorized access by forwarding a client's credentials and a credential disclosure vulnerability in ISATAP. (CVE 2008-3009 CVE 2008-3010)	Media Player: 954600 Media Format: 952069 Media Services: 952068	08-076
SharePoint Services site privilege elevation	Microsoft Office SharePoint Server 2007 and Microsoft Search Server 2008 have an elevation of privilege vulnerability within the SharePoint site. (CVE 2008-4032)	Office SharePoint Server 2007: 956716 (32 Bit) or 956716 (64 Bit) Office Search Server 2008: 956716 (32 Bit) or 956716 (64 Bit)	08-077
Multiple Windows SMB vulnerabilities	Fixes multiple SMB buffer overflow vulnerabilities that could give an attacker administrative rights to the system. (CVE 2008-4114 CVE 2008-4834 CVE 2008-4835)	2000: 958687 (32 bit) XP: 958687 (32 bit) or 958687 (64 bit) 2003: 958687 (32 bit), 958687 (64 bit), or 958687 Itanium Vista: 958687 (32 bit) or 958687 (64 bit) 2008: 958687 (32 bit), 958687 (64 bit), or 958687 Itanium	09-001
Windows Schannel spoofing vulnerability	Fixes a spoofing vulnerability in windows 2000, 2003, XP, Vista, and 2008. The vulnerability is only harmful if the attacker gains access to the certificate after having obtained the public key component through other means. (CVE 2009-0085)	2000: 960225 XP: 960225 (32 bit), or 960225 (64 bit) 2003: 960225 (32 bit), 960225 (64 bit), or 960225 Itanium Vista: 960225 (32 bit), or 960225 (64 bit) 2008: 960225 (32 bit), 960225 (64 bit), or 960225 Itanium	09-007
Vulnerabilities in SChannel could allow Remote Code Execution	Fixes two vulnerabilities in the Secure Channel (SChannel) security package in Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted Web site that is designed to exploit these vulnerabilities through an Internet Web browser. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. (CVE 2009-3555 CVE 2010-2566)	XP: 980436, 2003: 980436, Vista: 980436, 2008: 980436, Windows 7: 980436, 2008 R2: 980436.	10-049
WordPad and Text converters remote code execution	Fixes Microsoft WordPad and Microsoft Office text converters memory corruption. (CVE 2008-4841 CVE 2009-0087 CVE 2009-0235 CVE 2009-2506)	2000: 973904 XP: 973904 2003: 973904	09-010 09-073
DirectX MJPEG decompression remote code execution	Corrects the way the DirectShow component of DirectX decompresses media files. CVE 2009-0084)	2000 (8.1): 961373 2000 (9.0->9.0c): 961373 XP: 32-bit: 961373 64-bit: 96173 2003: 32-bit: 961373 64-bit: 961373 Itanium: 961373	09-011
Windows HTTP Services integer underflow	Fixes integer underflow, certificate name mismatch, and credential reflection vulnerabilities in Windows HTTP Services. (CVE 2009-0086 CVE 2009-0089 CVE 2009-0550)	2000: 960803 XP: 960803 2003: 960803 Vista: 960803 2008: 960803	09-013
Blended threat privilege elevation vulnerability	Fixes a privilege elevation vulnerability in Windows 2000, 2003, XP, Vista, and 2008. The vulnerability exists due to a faulty SearchPath function used for locating and opening files on windows. An attacker could exploit the vulnerability by enticing a user to download a crafted file to a specific location and then have them open an application that uses the file. (CVE 2008-2540)	2000: 959426 XP: 959426 (32 bit), or 959426 (64 bit) 2003: 959426 (32 bit), 959426 (64 bit), or 959426 Itanium Vista: 959426 (32 bit), or 959426 (64 bit) 2008: 959426 (32 bit), 959426 (64 bit), or 959426 Itanium	09-015
Microsoft SharePoint Server 2007 Remote Code Execution	Microsoft SharePoint Server 2007 has a remote code execution vulnerability. (CVE 2009-0549 CVE 2009-0557 CVE 2009-0558 CVE 2009-0559 CVE 2009-0560 CVE 2009-0561 CVE 2009-1134 CVE 2011-1989 CVE 2011-1990)	Microsoft SharePoint Server 2007 SP1:KB969737 (32 bit), or KB969737 (64 bit) Microsoft SharePoint Server 2007 SP2:KB2553093 (32 bit), or KB2553093 (64 bit)	09-021 11-072
Microsoft SharePoint Server 2010 Remote Code Execution	Microsoft SharePoint Server 2010 has a remote code execution vulnerability. (CVE 2011-1989)	Microsoft SharePoint Server 2010 SP1:KB2553094 (32 bit), or KB2553094 (64 bit)	11-072
Microsoft Office Web Apps 2010 Remote Code Execution	Microsoft Office Web Apps 2010 has a remote code execution vulnerability. (CVE 2011-1989)	Microsoft Office Web Apps 2010 SP1:KB2553095 (32 bit), or KB2553095 (64 bit)	11-072
Windows Search Contains Information Disclosure Vulnerability	Windows 2003 and XP contain an information disclosure vulnerability in Windows search due to the way file previews are generated. Exploitation requires user interaction and upon a successful attack, information will be presented to the attacker. (CVE 2009-0239)	2003 SP2: KB963093 (32 bit), or KB963093 (64 bit) XP SP2, SP3: KB963093, or KB963093	09-023
Windows kernel desktop validation vulnerabilities	Fixes four vulnerabilities by correcting the methods used in validating a change in kernel object, the input passed from user mode to the kernel and the argument passed to the system call. (CVE 2009-1123 CVE 2009-1124 CVE 2009-1125 CVE 2009-1126)	2000: 968537 XP: 968537 2003: 968537 Vista: 968537 2008: 968537	09-025
Windows RPC Marshalling Engine vulnerability	Fixes an elevation of privilege vulnerability by correcting the way RPC Marshalling Engine updates its internal state. (CVE 2009-0568)	2000: 970238 XP: 970238 2003: 970238 Vista: 970238 2008: 970238	09-026
Windows print spooler vulnerabilities	Fixes two privilege elevation vulnerabilities in the Windows print spooler, and one remote command execution vulnerability on Windows 2000. (CVE 2009-0228 CVE 2009-0229 CVE 2009-0230)	2000: 961501 XP: 961501 2003: 961501 Vista: 961501 2008: 961501	09-022
Microsoft DirectShow QuickTime Movie Parsing Code Execution	Fixes three vulnerabilities which could allow code execution when DirectShow parses Quicktime media files, validates pointer values and size fields. (CVE 2009-1537 CVE 2009-1538 CVE 2009-1539)	2000: 971633 XP: 971633 2003: 971633	09-028
Windows Embedded OpenType Font Engine vulnerabilities	Fixes a vulnerability allowing command execution when a user opens a file or web page containing Embedded OpenType fonts. (CVE 2009-0231 CVE 2009-0232)	2000: 961371 XP: 961371 2003: 961371 Vista: 961371 2008: 961371	09-029
Vulnerability in the OpenType Compact Font Format Driver Could Allow Elevation of Privilege	Fixes a vulnerability in the Windows OpenType Compact Font Format (CFF) driver. The vulnerability could allow elevation of privilege if a user views content rendered in a specially crafted CFF font. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users. (CVE 2010-0819 CVE 2010-2740 CVE 2010-2741)	2000: 980218 (Note: Windows 2000 is past its maintenance window) XP: 2279986 (32-bit), 2279986 (64-bit) 2003: 2279986 (32-bit), 2279986 (64-bit), 2279986 (Itanium) Vista: 980218 2008: 980218 Windows 7: 980218	10-037 10-078 (supersedes 10-037 on XP and 2003)
Windows media file processing vulnerable	Fixes a vulnerability that allows remote code execution due to improper handling of specially crafted AVI format files. (CVE 2009-1545 CVE 2009-1546)	2000: 971557 XP: 971557 (32-bit), 971557 (64 bit) 2003: 971557 (32-bit), 971557 (64 bit), 971557 (Itanium) Vista: 971557 (32-bit), 971557 (64-bit) 2008: 971557 (32-bit), 971557 (64-bit), 971557 (Itanium)	09-038
Windows Remote Desktop Connection vulnerabilities	Fixes two heap overflow vulnerabilities which could allow command execution when the client receives a specially crafted response from a RDP server or web site. (CVE 2009-1133 CVE 2009-1929)	970927	09-044
Multiple Windows ATL vulnerability	Fixes multiple vulnerabilities in Windows Active Template Library that could allow an attacker to execute arbitrary code. (CVE 2008-0015 CVE 2008-0020 CVE 2009-0901 CVE 2009-2493 CVE 2009-2494)	Outlook:973354 Media Player:973540 ATL Component:973507 DHTML Component:973869 ActiveX: 973525	09-037 09-055
DHTML Editing Component ActiveX Control Vulnerability	Fixes a remote code execution vulnerability in the DHTML Editing Component ActiveX Control brought on by users visiting a specially crafted web page. (CVE 2009-2519)	2000: 956844 XP: 956844 (32-bit), 956844 (64-bit) 2003: 956844 (32-bit), 956844 (64-bit), 956844 (Itanium)	09-046
Windows Media header parsing and playback memory corruption vulnerabilities	Fixes code execution vulnerabilities in the handling of ASF format files and MP3 media files. (CVE 2009-2498 CVE 2009-2499)	2000: 968816 XP SP2: 968816 XP SP3: 968816 2003: 968816 Vista: 968816 2008: 968816	09-047
Microsoft Windows TCP/IP remote code execution vulnerability	Fixes several vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. The vulnerabilities could allow remote code execution if an attacker sent specially crafted TCP/IP packets over the network to a computer with a listening service. (CVE 2008-4609, CVE 2009-1925, CVE 2009-1926)	2003: 967723 Vista: 967723 2008: 967723	09-048
Wireless LAN AutoConfig Service frame parsing remote code execution vulnerability	Fixes a remote code execution vulnerability in the Wireless LAN AutoConfig Service (wlansvc) triggered when the service receives a specially crafted wireless frame. (CVE 2009-1132)	Vista: 970710 (32-bit), 970710 (64-bit) 2008: 970710 (32-bit), 970710 (64-bit)	09-049
Windows Media Player ASF file heap overflow	Fixes a vulnerability which could allow command execution when a user opens a malformed file in Windows Media Player 6.4. (CVE 2009-2527)	2000: 974112 XP: 974112 2003: 974112	09-052
Windows LSASS denial of service vulnerability	Fixes a vulnerability which could allow a remote attacker to crash the computer. (CVE 2009-2524)	XP: 975467 2003: 975467 Vista: 975467 2008: 975467 7: 975467	09-059
SMBv2 remote code execution vulnerability	Fixes a remote code execution vulnerability that could allow a remote attacker to take control of or crash the system. (CVE 2009-2526 CVE 2009-2532 CVE 2009-3103)	Vista: 975517 (32-bit), 975517 (64-bit) 2008: 975517 (32-bit), 975517 (64-bit), 975517 (Itanium)	09-050
Windows WMA Voice codec vulnerability	Fixes vulnerabilities in Windows Media Runtime that could allow remote code execution (CVE 2009-0555 CVE 2009-2525)	2000, XP and 2003 (Voice codec): 969878 2000 WMF 9: 954155 2000 WMP 9: 975025 2000, XP and 2003 (Decoder): 969878 XP SP2 WMF 9, 9.5 and 11: 954155 XP (Compression Manager): 975025 2000 WMP 9: 975925	09-051
Windows ASN1 spoofing vulnerability	Fixes vulnerabilities in Windows CryptoAPI component when parsing ASN.1. (CVE 2009-2510 CVE 2009-2511)	2000: 974571 XP: 974571 XP (64-bit): 974571 2003: 974571 2003 (64-bit): 974571 Vista: 974571	09-056
Windows Indexing Service memory corruption vulnerability	Fixes a remote code execution vulnerability that could allow a remote attacker to execute arbitrary code with the permissions of the user loading a specially crafted web page. (CVE 2009-2507)	2000: 969059 XP: 969059 (32-bit), 969059 (64-bit) 2003: 969059 (32-bit), 969059 (64-bit), 969059 (Itanium)	09-057
Windows kernel embedded font vulnerabilities	Fixes a remote code execution vulnerability that could allow a remote attacker to execute arbitrary code with the permissions of the user loading a specially crafted Embedded OpenType (EOT) font. (CVE 2009-1127) (CVE 2009-2513) (CVE 2009-2514)	2000: 969947 XP: 969947 (32-bit), 969947 (64-bit) 2003: 969947 (32-bit), 969947 (64-bit), 969947 (Itanium) Vista: 969947 (32-bit), 969947 (64-bit) 2008: 969947 (32-bit), 969947 (64-bit), 969947 (Itanium)	09-065
Windows WSDAPI remote code execution vulnerability	Fixes a remote code execution vulnerability that could allow a remote attacker to send specially crafted message to a computer using the Web Services on Devices API (WSDAPI) on Windows systems. The service is enabled by default on Windows Vista and Windows Server 2008. (CVE 2009-2512)	Vista: 973565 2008: 973565	09-063
Windows Internet Authentication Service vulnerabilities	Fixes vulnerabilities in the Windows PEAP and MS-CHAPv2 protocol implementations, which could lead to remote code execution in Windows 2008, privilege elevation in other server operating systems, and potential vulnerabilities in workstations. (CVE 2009-2505 CVE 2009-3677)	2000: 974318 XP: 974318 2003: 974318 Vista: 974318 2008: 974318	09-071
Windows LSASS IPSEC Denial-of-Service Vulnerability	Fixes a vulnerability in the Local Security Authority Subsystem Service (LSASS) which could allow a denial of service. (CVE 2009-3675)	2000: 974392 2003: 974392 (32-bit), 974392 (64-bit), 974392 (Itanium) XP: 974392 (32-bit), 974392 (64-bit)	09-069
Windows Embedded OpenType Font Engine Vulnerability	Fixes a remote code execution vulnerability in Windows 2000, 2003, XP, Vista, 7, and Server 2008. The vulnerability exists due to the way Windows Embedded OpenType (EOT) Font Engine decompresses specially crafted EOT fonts. (CVE 2010-0018)	2000: 972270 2003: 972270 (32-bit), 972270 (64-bit) XP: 972270 (32-bit), 972270 (64-bit) Vista: 972270 (32-bit), 972270 (64-bit) Windows 7: 972270 2008: 972270 (32-bit), 972270 (64-bit)	10-001
Microsoft Paint Integer Overflow vulnerability	Fixes a remote code execution vulnerability if a user viewed a specially crafted JPEG image file using Microsoft Paint in Windows 2000, XP and Server 2003. An attacker who successfully exploited this vulnerability could take complete control of an affected system and could then install programs; view, change, or delete data; or create new accounts. (CVE 2010-0028)	2000: 978706 XP: 978706 (32-bit), 978706 (64-bit) 2003: 978706 (32-bit), 978706 (64-bit), 978706 (Itanium)	10-005
DirectShow AVI buffer overflow	Fixes vulnerabilities in DirectShow which could allow code execution when a user opens a crafted AVI file. (CVE 2010-0250)	977914 and 975560	10-013
Windows Shell Handler vulnerability	Fixes a remote code execution vulnerability in Windows 2000, XP and Server 2003; if an application such as a Web browser passes specially crafted data to the ShellExecute API function through the Windows Shell Handler. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (CVE 2010-0027)	2000: 975713 XP: 975713 (32-bit), 975713 (64-bit) 2003: 975713 (32-bit), 975713 (64-bit), 975713 (Itanium)	10-007
Microsoft Hyper-V Server Denial of Service Vulnerability	Fixes a remote denial of service vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. (CVE 2010-0026)	2008: 977894 (64-bit) 2008 R2: 977894 (64-bit)	10-010
Multiple vulnerabilities (MS10-012)	Fixes 4 vulnerabilities announced in Microsoft bulletin MS10-012, the most critical of which could allow remote code execution. The vulnerabilities are due to weak entropy used in encryption, bounds checking on path names, and null pointers. (CVE 2010-0020 CVE 2010-0021 CVE 2010-0022 CVE 2010-0231)	2000 (all versions): 971468 XP: 971468 2003 (all versions): 971468 Vista (all versions): 971468 Windows 7 (all versions): 971468 2008 (all versions): 971468	10-007
Multiple vulnerabilities (MS10-009)	Fixes 4 vulnerabilities announced in Microsoft bulletin MS10-009, the most critical of which could allow remote code execution. (CVE 2010-0239 CVE 2010-0240 CVE 2010-0241 CVE 2010-0242)	Vista (all versions): 971468 2008 (all versions): 971468	10-007
Multiple Data Analyzer ActiveX Control vulnerabilities	Fixes multiple vulnerabilities in Windows Data Analyzer ActiveX Control that could allow an attacker to execute arbitrary code. (CVE 2010-0252)	ActiveX:978262	10-008
Windows SMB Client vulnerabilities	Fixes vulnerabilities which could allow remote code execution when a user initiates an SMB connection with a malicious server. (CVE 2010-0016 CVE 2010-0017)	2000: 978251 XP: 978251, 978251 (64-bit) 2003: 978251, 978251 (64-bit) Vista: 978251, 978251 (64-bit) Windows 7: 978251, 978251 (64-bit) 2008: 978251, 978251 (64-bit)	10-006
CSRSS Local Privilege Elevation	Fixes a vulnerability in Client/Server Run-time Subsystem (CSRSS). (CVE 2010-0023)	2000: 978037 XP: 978037, 978037 (64-bit) 2003: 978037, 978037 (64-bit)	10-011
Elevation of Privilege	Vulnerability in Windows CSRSS could Allow Elevation of Privilege. (CVE 2011-0030)	XP:2476687 XP:2476687 (64-bit) 2003:2476687 2003:2476687 (64-bit)	11-010
Elevation of Privilege	Vulnerability in Windows CSRSS could Allow Elevation of Privilege. (CVE 2011-3408)	XP:2620712 XP:2620712 (64-bit) 2003:2620712 2003:2620712 (64-bit) Vista:2620712 Vista:2620712 (64-bit) 2008:2620712 2008:2620712 (64-bit) Windows 7:2620712 Windows 7:2620712 (64-bit) 2008 R2:2620712 (64-bit)	11-097
Elevation of Privilege	Vulnerability in Windows CSRSS could Allow Elevation of Privilege. (CVE 2011-1281 CVE 2011-1282 CVE 2011-1283 CVE 2011-1284 CVE 2011-1870)	XP:2507938 XP:2507938 (64-bit) 2003:2507938 2003:2507938 (64-bit) Vista:2507938 Vista:2507938 (64-bit) 2008:2507938 2008:2507938 (64-bit) Windows 7:2507938 Windows 7:2507938 (64-bit) 2008 R2:2507938 (64-bit)	11-056
Movie Maker and Producer Buffer Overflow vulnerability	Fixes a vulnerability which could allow remote code execution when a user opens a specially crafted Movie Maker or Microsoft Producer project file. An attacker could exploit this vulnerability to take complete control of the affected system. (CVE 2010-0265)	XP: 975561 (32-bit), 975561 (64-bit) Vista: 975561 (32-bit)(MM 2.6), 975561 (32-bit)(MM 6.0), 975561 (64-bit)(MM 2.6) 975561 (64-bit)(MM 6.0) Windows 7: 975561 (32-bit), 975561 (64-bit)	10-016
Vulnerability in Windows Movie Maker Could Allow Remote Code Execution	Fixes a vulnerability in Windows Movie Maker. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE 2010-2564)	XP: 981997, Vista: 981997(MM 2.6), 981997(MM 6.0).	10-050
Windows Media Unicast Service transport information buffer overflow	Fixes a remote code execution vulnerability in handling transport information packets. (CVE 2010-0478)	2000: 980858	10-025
Windows MPEG layer 3 codec vulnerable	Fixes remote code execution vulnerability in MPEG Layer-3 codecs. (CVE 2010-0480)	2000: 977816, XP: 977816 (32-bit), 977816 (64-bit), 2003: 977816 (32-bit), 977816 (64-bit), Vista: 977816 (32-bit), 977816 (64-bit), 2008: 977816 (32-bit), 977816 (64-bit)	10-026
Windows SMB Client vulnerabilities	Fixes vulnerabilities which could allow remote code execution when a user initiates an SMB connection with a malicious server. (CVE 2009-3676 CVE 2010-0269 CVE 2010-0270 CVE 2010-0476 CVE 2010-0477)	2000: 980232 XP: 980232, 980232 (64-bit) 2003: 980232, 980232 (64-bit), 980232 (Itanium) Vista: 980232, 980232 (64-bit) 2008: 980232, 980232 (64-bit), 980232 (Itanium) Windows 7: 980232, 980232 (64-bit) 2008 R2: 980232 (64-bit), 980232 (Itanium)	10-020
Windows ISATAP Component spoofing vulnerability	Fixes a spoofing vulnerability which exists in the Microsoft Windows IPv6 stack due to the way that Windows checks the inner packet's IPv6 source address in a tunneled ISATAP packet. (CVE 2010-0812)	XP: 978338, 978338 (64-bit) 2003: 978338, 978338 (64-bit), 978338 (Itanium) Vista: 978338, 978338 (64-bit) 2008: 978338, 978338 (64-bit), 978338 (Itanium)	10-029
Windows VB script vulnerable	Fixes remote code execution vulnerability which exists due to the way VB Script interacts with help files in Internet Explorer. (CVE 2010-0483)	Apply the appropriate patch	10-022
Windows Authenticode Verification	Fixes vulnerabilities which could allow remote code execution when a user modifies an existing signed executable file. (CVE 2010-0486 CVE 2010-0487 )	For Authenticode Signature Verification: 2000 978601 XP 978601 XP x64 978601 2003 978601 2003 x64 978601 Vista 978601 Vista x64 978601 2008 978601 2008 x64 978601 Windows 7 978601 Windows 7 x64 978601 Server 2008 R2 x64 978601 For Cabinet File Viewer: 2000 979309 XP 979309 XP x64 979309 2003 979309 2003 x64 979309 Vista 979309 Vista x64 979309 2008 979309 2008 x64 979309 Windows 7 979309 Windows 7 x64 979309 Server 2008 R2 x64 979309	10-019
Windows Media Player ActiveX vulnerability	Fixes a vulnerability in Windows Media Player 9 series which could allow remote code execution. (CVE 2010-0268 )	2000 979402 XP SP2 979402 XP SP3 979402	10-027 (superseded by 10-082 on XP SP3)
Windows kernel multiple privilege elevation vulnerabilities	Fixes multiple vulnerabilities which allow authenticated users to elevate privileges on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7. (CVE 2010-0484 CVE 2010-0485 CVE 2010-1255)	2000 SP 4 979559 XP SP 2 & SP 3 979559 XP x64 SP 2 979559 Server 2003 SP 2 979559 Server 2003 x64 SP 2 979559 Server 2003 SP2 Itanium 979559 Vista SP 1 & SP 2 979559 Vista x64 SP 1 & SP 2 979559 Server 2008 32 SP 2 979559 Server 2008 x64 SP 2 979559 Server 2008 Itanium SP 2 979559 Windows 7 32-bit 979559 Windows 7 x64-based 979559 Server 2008 R2 x64 979559 Server 2008 R2 Itanium 979559	10-032
Multiple ActiveX Control vulnerabilities	Fixes multiple vulnerabilities in Windows Data Analyzer ActiveX Control and Internet Explorer 8 Development Tools ActiveX Control that could allow an attacker to execute arbitrary code. (CVE 2010-0252 CVE 2010-0811)	ActiveX:980195	10-034
Windows Media decompression vulnerabilities	Fixes multiple vulnerabilities in DirectX, Windows Media Format and Encoder, and Asycfilt.dll allowing command execution when invalid compression data in media files is processed. (CVE 2010-1879 CVE 2010-1880)	10-033	10-033
MS10-039 fixes toStaticHTML Information Disclosure Vulnerability	InfoPath 2003, 2007, and SharePoint Server 2007 have a vulnerability in the way toStaticHTML sanitizes HTML content in Microsoft SharePoint. (CVE 2010-1257)	InfoPath 2003: KB980923 InfoPath 2007: KB979441	10-039
Windows Help and Support Center trusted document whitelist bypass	The MPC:HexToNum function in helpctr.exe in Windows Help and Support Center on Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, thereby allowing a remote attacker to bypass the trusted documents whitelist and execute arbitrary commands if a user is enticed to open a specially crafted hcp:// URL. (CVE 2010-1885)	XP: KB2229593 XP Pro x64: KB2229593 2003: KB2229593 2003 x64: KB2229593 2003 Itanium: KB2229593	10-042
Canonical Display Driver vulnerable version	Windows 7 and Windows Server 2008 R2 contain an integer overflow vulnerability in the canonical display driver that could allow an attacker to cause a denial of service or take complete control of the system. (CVE 2009-3678)	Windows 7:KB2032276 2008 R2:KB2032276	10-043
Microsoft Windows Shell Remote Code Execution Vulnerability	A remote code execution vulnerability exists in Windows Shell, a component of Microsoft Windows. The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability is most likely to be exploited through removable drives. (CVE 2010-2568)	XP: 2286198 2003: 2286198 Vista: 2286198 2008: 2286198 7: 2286198 2008 R2: 2286198	10-046
Over-the-network SMB packet vulnerabilities in Windows	Fixes 3 vulnerabilities announced in Microsoft bulletin MS10-054, the most critical of which could allow remote code execution. (CVE 2010-2550 CVE 2010-2551 CVE 2010-2552)	XP: 982214 2003: 982214 Vista: 982214 2008: 982214 7: 982214 2008 R2: 982214	10-054
Windows cinepak codec decompression vulnerability	Fixes a vulnerability in windows cinepak codec triggered by a user opening a malformed media file. (CVE 2010-2553)	XP: 982665 (32-bit) 982665 (64-bit) Vista: 982665 (32-bit) 982665 (64-bit) 7: 982665 (32-bit) 982665 (64-bit)	10-055
TCP/IP authenticated user privilege escalation or unauthenticated denial of service	Fixes 2 vulnerabilities announced in Microsoft bulletin MS10-058. (CVE 2010-1892 CVE 2010-1893)	Vista: 978886 2008: 978886 7: 978886 2008 R2: 978886	10-058
Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability	A remote code execution vulnerability exists in the way that Microsoft DirectShow MP3 filter handles supported format files. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE 2010-1882)	XP: 2115168 (32-bit), 2115168 (64-bit) 2003: 2115168 (32-bit), 2115168 (64-bit)	10-052
Windows Tracing Feature for Services	Fixes a vulnerability in the Windows Tracing Feature for Services feature which allowed for local code execution. A local user account is required. (CVE 2010-2554, CVE 2010-2555)	Vista: 982799 2008: 982799 7: 982799 2008 R2: 982799	10-059
Windows kernel vulnerable version	Fixes multiple vulnerabilities which allow authenticated users to elevate privileges on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7. (CVE 2010-0232 CVE 2010-0233 CVE 2010-0234 CVE 2010-0235 CVE 2010-0236 CVE 2010-0237 CVE 2010-0238 CVE 2010-0481 CVE 2010-0481 CVE 2010-0482 CVE 2010-0810) Fixes three vulnerabilities in the Windows kernel. A data initialization bug may be exploited when creating new threads. A double free error may be exploited during error handling. These two vulnerabilities may allow a local attacker to execute arbitrary code in kernel mode. A kernel object ACL validation routine lacks sufficient sanity checking, which may allow a local attacker to cause the system to reboot or become unresponsive. (CVE 2010-1888 CVE 2010-1889 CVE 2010-1890) Also fixes vulnerabilities which could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. (CVE 2010-4398 CVE 2011-0045)	XP: KB2393802 2003: KB2393802 Vista: KB2393802 2008: KB2393802 Windows 7: KB2393802	10-021 10-047 11-011
Windows kernel multiple privilege elevation vulnerabilities	Fixes multiple vulnerabilities which allow authenticated users to elevate privileges on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows Server 2008 R2, and Windows 7. (CVE 2010-1887 CVE 2010-1894 CVE 2010-1895 CVE 2010-1896 CVE 2010-1897)	XP 2160329 XP x64 2160329 Server 2003 2160329 Server 2003 x64 2160329 Server 2003 Itanium 2160329 Vista 2160329 Vista x64 2160329 Server 2008 2160329 Server 2008 x64 2160329 Server 2008 Itanium 2160329 Windows 7 2160329 Windows 7 x64 2160329 Server 2008 R2 x64 2160329 Server 2008 R2 Itanium 2160329	10-048
Microsoft Windows Service Isolation Bypass Local Privilege Escalation	Fixed a vulnerability which leverages the Windows Service Isolation feature to gain elevation of privilege. (CVE 2010-1886)	TAPI 982316	2264072
Microsoft Windows Insecure Library Loading vulnerability	A remote attacker could execute DLL preloading attacks through an SMB share or WebDAV.	Disable loading of libraries from WebDAV and remote network shares as described in Microsoft KB 2264107.	2269637
WordPad Word 97 Text Converter Memory Corruption Vulnerability	Fixes a vulnerability in mswrd8.wpc which could allow remote code execution. (CVE 2010-2563)	XP 2259922 XP x64 2259922 2003 2259922 2003 x64 2259922	10-067
Print Spooler Service remote code execution vulnerability	Fixes a remote code execution vulnerability that exists due to the way the Print Spooler Service handles data sent over RPC calls. (CVE 2010-2729)	XP 975558 XP x64 975558 2003 975558 2003 x64 975558 Vista 975558 Vista x64 975558 2008 975558 2008 x64 975558 7 975558 7 x64 975558 2008 R2 975558	10-061
MPEG 4 remote code execution vulnerability	Fixes a remote code execution vulnerability that exists due to the way the MPEG-4 codec handles supported format files. (CVE 2010-0818)	XP 975558 XP x64 975558 2003 975558 2003 x64 975558 Vista 975558 Vista x64 975558 2008 975558 2008 x64 975558	10-062
Active Directory LDAP LSASS privilege elevation vulnerability	Fixes a remote authenticated privilege elevation vulnerability that exists due to a heap overflow in the handling of LDAP messages in the LSASS service. (CVE 2010-0820)	ADAM Client Patches XP 982000 2003 982000 2003 x64 982000 Active Directory Patches 2003 981550 2003 x64 981550 2003 Itanium 981550 Vista 981550 Vista x64 981550 2008 981550 2008 x64 981550 7 981550 7 x64 981550 2008 R2 x64 981550	10-068
Windows RPC Memory Corruption vulnerability	An unauthenticated remote code execution vulnerability exists in the way that the Remote Procedure Call (RPC) client implementation allocates memory when parsing specially crafted RPC responses. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. (CVE 2010-2567)	XP: 982802 (32-bit), 982802 (64-bit) 2003: 982802 (32-bit), 982802 (64-bit), 982802 (Itanium)	10-066
Uniscribe Font Parsing Engine Memory Corruption	Fixes a memory corruption vulnerability that exists because Windows and Office incorrectly parse specific font types. The vulnerability could allow remote code execution if a user viewed a specially crafted document or Web page with an application that supports embedded OpenType fonts. (CVE 2010-2738)	XP: 981322 (32-bit), 981322 (64-bit) 2003: 981322 (32-bit), 981322 (64-bit), 981322 (Itanium) Vista: 981322 (32-bit), 981322 (64-bit) 2008: 981322 (32-bit), 981322 (64-bit), 981322 (Itanium) Office XP: 2288608 Office 2003: 2288613 2007 Office Suite: 2288621	10-063
Windows MFC Document Title Update vulnerability	Fixes a vulnerability in the Windows MFC libraries which could allow remote code execution if an attacker is able to control the title of an application written using the Microsoft Foundation Class (MFC) Library. (CVE 2010-3227)	XP: 2387149 (32-bit), 2387149 (64-bit) 2003: 2387149 (32-bit), 2387149 (64-bit) Vista: 2387149 (32-bit), 2387149 (64-bit) 2008: 2387149 (32-bit), 2387149 (64-bit) 7: 2387149 (32-bit), 2387149 (64-bit) 2008 R2: 2387149 (64-bit)	10-074
Windows Media Player Network Sharing Service vulnerability	Fixes a vulnerability in Windows Media Player Network Sharing Service which could allow remote code execution if an attacker sends a specially crafted RTSP packet to an affected system. (CVE 2010-3225)	Vista 2281679, 2281679 (64-bit) Windows 7 2281679, 2281679 (64-bit)	10-075
Embedded OpenType Font Engine vulnerability	Fixes a vulnerability in Windows which could allow remote code execution if an attacker gets a user to open a document containing a malicious embedded open-type font. (CVE 2010-1883)	XP: 982132 (32-bit), 982132 (64-bit) 2003: 982132 (32-bit), 982132 (64-bit) Vista: 982132 (32-bit), 982132 (64-bit) 2008: 982132 (32-bit), 982132 (64-bit) 7: 982132 (32-bit), 982132 (64-bit) 2008 R2: 982132 (64-bit)	10-076
Windows Common Control Library SVG vulnerability	Fixes a vulnerability in Windows which could allow remote code execution if an attacker gets a user to open a document containing a malicious Scalable Vector Graphic image using a variety of third-party image viewers or editors. (CVE 2010-2746)	XP: 2296011 (32-bit), 2296011 (64-bit) 2003: 2296011 (32-bit), 2296011 (64-bit) Vista: 2296011 (32-bit), 2296011 (64-bit) 2008: 2296011 (32-bit), 2296011 (64-bit) 7: 2296011 (32-bit), 2296011 (64-bit) 2008 R2: 2296011 (64-bit)	10-081
Windows LPC Elevation of Privilege vulnerability	Fixes a vulnerability that could allow elevation of privilege if an attacker logs on to an affected system and runs specially crafted code that sends an LPC message to the local LRPC Server. (CVE 2010-3222)	XP: 2360937, 2360937 (64-bit) 2003: 2360937, 2360937 (64-bit), 2360937 (Itanium)	10-084
Microsoft Windows JIT remote code execution vulnerability	Fixes a vulnerability in Microsoft Windows x64 .NET 4 framework that could allow arbitrary code execution. (CVE 2010-3228)	All: KB 2160841	10-077
Windows SChannel Denial of Service vulnerability	Fixes a vulnerability in the Secure Channel (SChannel) security package in Windows which could allow denial of service if an affected Internet Information Services (IIS) server hosting a Secure Sockets Layer (SSL)-enabled web site receives a specially crafted packet message. (CVE 2010-3229)	Vista: 2207566, 2207566 (64-bit) 2008: 2207566, 2207566 (64-bit), 2207566 (Itanium) Windows 7: 2207566, 2207566 (64-bit) 2008 R2: 2207566 (64-bit), 2207566 (Itanium)	10-085
Vulnerability in windows shared cluster disks	Fixes a vulnerability in windows shared cluster disks due to incorrect permission handling that could allow unauthorized users to read, write, and delete administrative shares on a failover cluster disk. (CVE 2010-3223)	2008 R2: 2294255 (64-bit), 2294255 (Itanium)	10-086
SharePoint, Groove and Sharepoint Services multiple Vulnerabilities	This update resolves multiple Information Disclosure vulnerabilities in Microsoft SharePoint and Windows SharePoint Services. The vulnerability can be triggered if an attacker submits a specially crafted script to a target site that uses SafeHTML. (CVE 2010-3243, CVE 2010-3324)	Microsoft Windows SharePoint Services 3.0 SP2: 2345304 (32 Bit) or 2345304 (64 Bit) Microsoft Office SharePoint Server 2007 SP2: 2345212 (32 Bit) or 2345212 (64 Bit) Microsoft SharePoint Foundation 2010: 2345322 Microsoft Groove Server 2010: 2346298 Microsoft Office Web Apps: 2346411	10-072
Windows kernel multiple privilege elevation vulnerabilities	Fixes multiple vulnerabilities which allow authenticated users to elevate privileges on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows Server 2008 R2, and Windows 7. (CVE 2010-2549 CVE 2010-2743 CVE 2010-2744)	XP: 981957 (32-bit), 981957 (64-bit) 2003: 981957 (32-bit), 981957 (64-bit), 981957 (Itanium) Vista: 981957 (32-bit), 981957 (64-bit) 2008: 981957 (32-bit), 981957 (64-bit), 981957 (Itanium) Win 7: 981957 (32-bit), 981957 (64-bit) 2008 R2: 981957 (64-bit), 981957 (Itanium)	10-073
Windows Shell validation vulnerability	Fixes a vulnerability in a way Windows Shell validate COM object instantiation. (CVE 2010-1263)	Vista: 979688 (32-bit), 979688 (64-bit) 2008: 979688 (32-bit), 979688 (64-bit), 979688 (Itanium) Win 7: 979688 (32-bit, 979688 (64-bit) 2008 R2: 979688 (64-bit), 979688 (Itanium))	10-083
Windows Wordpad COM validation vulnerability	Fixes a vulnerability in a way WordPad validate COM object instantiation. (CVE 2010-1263)	XP: 979687 (32-bit), 979687 (64-bit) 2003: 979687 (32-bit), 979687 (64-bit), 979687 (Itanium) Vista: 979687 (32-bit), 979687 (64-bit) 2008: 979687 (32-bit), 979687 (64-bit), 979687 (Itanium) Win 7: 979687 (32-bit), 979687 (64-bit) 2008 R2: 979687 (64-bit), 979687 (Itanium)	10-083
Memory Corruption Vulnerability in Windows Media Player 9.x, 10.x, 11.x	Fixes a memory corruption vulnerability in Windows Media Player (WMP). The vulnerability can be triggered if an attacker is able to entice their victim into opening specially crafted media content from a malicious web site. A successful attack would result in the attacker executing code in the context of the logged in user. (CVE 2010-2745)	XP: 2378111 (WMP 9, 10 or 11) XP 64-bit: 2378111 (WMP 10) or 2378111 (WMP 11) 2003 SP2: 2346411 (WMP 10) 2003 SP2 64-bit: 2346411 (WMP 10) Vista SP1 and SP2: 2346411 (WMP 11) Vista SP1 and SP2 64-bit: 2346411 (WMP 11) 2008 and SP2: 2346411 (WMP 11) 2008 and SP2 64-bit: 2346411 (WMP 11) 7: 2346411 (WMP 12) 7 64-bit: 2346411 (WMP 12) 2008 R2 64-bit: 2346411 (WMP 12)	10-082
Forefront Unified Access Gateway Cross-Site Scripting	Fixes several cross-site scripting vulnerabilities and one redirection spoofing vulnerability in Forefront Unified Access Gateway (UAG). The vulnerability may be triggered if an attacker is able to entice their victim into clicking a specially crafted link. A successful attack would result in the attacker making requests to the UAG server in the context of the victim's logged in session. (CVE 2010-2732) (CVE 2010-2733) (CVE 2010-2734) (CVE 2010-3936)	UAG 2010: KB2433585 UAG 2010 Update 1: KB2433584 UAG 2010 Update 2: KB2418933	10-089
Windows kernel NDProxy privilege elevation vulnerability	Fixes a buffer overflow vulnerability which could allow privilege elevation when a local user runs a specially crafted application. (CVE 2010-3963)	XP: 2440591 2003: 2440591	10-099
Windows kernel multiple privilege elevation vulnerabilities fixed by MS11-077	Fixes multiple vulnerabilities which could allow privilege elevation and this vulnerability could allow an attacker to run arbitrary code in kernel mode, then install programs; view, change, or delete data; or create new accounts with full administrative rights. (CVE 2011-1874, CVE 2011-1875, CVE 2011-1876, CVE 2011-1877, CVE 2011-1878, CVE 2011-1879, CVE 2011-1880, CVE 2011-1881, CVE 2011-1882, CVE 2011-1883, CVE 2011-1884, CVE 2011-1885, CVE 2011-1886, CVE 2011-1887, CVE 2011-1888, CVE 2011-1985, CVE 2011-2002, CVE 2011-2003, CVE 2011-2011.)	Windows XP:KB2567053 Windows Server 2003:KB2567053 Windows Vista:KB2567053 Windows Server 2008:KB2567053 Windows 7:KB2567053	11-054 11-077
Windows kernel multiple privilege elevation vulnerabilities fixed by MS10-098	Fixes multiple vulnerabilities which could allow privilege elevation when a local user runs a specially crafted application. (CVE 2010-3939, CVE 2010-3940, CVE 2010-3941, CVE 2010-3942, CVE 2010-3943, CVE 2010-3944)	XP: 2436673 2003: 2436673 Vista: 2436673 2008: 2436673 7: 2436673 2008 R2: 2436673	10-098
Windows Movie Maker insecure library loading vulnerability	Fixes a vulnerability which could allow command execution when a user loads a document from an untrusted remote location. (CVE 2010-3967)	Vista: 2424434	10-093
Windows Live DLL Injection Vulnerability	Fixes a local DLL injection vulnerability in the Webio.dll that is used by many Windows Live applications, as well as other Microsoft applications. This vulnerability may be exploited to allow a remote attacker to trick a user into opening a file opened by the vulnerable applications. If the file is located on a Windows file share or a WebDAV HTTP file share, the attacker can overwrite libraries that the application dynamically loads at run time with a payload of their choosing. (CVE 2010-3966)	7: KB2385678 2008 R2 64-bit KB2385678	10-095
Windows Consent UI Impersonation vulnerability	Fixes a privilege elevation vulnerability which allows an authenticated user with SeImpersonatePrivilege to execute code with LocalSystem privilege. (CVE 2010-3961)	Vista: 2442962 2008: 2442962 7: 2442962 2008R2: 2442962	10-100
Windows Task Scheduler Privilege Elevation Vulnerability	Windows Task Scheduler does not validate whether or not scheduled tasks run within the intended security context properly. An attacker could run arbitrary code with system privileges. (CVE 2010-3338)	Vista: 2305420 Vista 64-bit: 2305420 2008: 2305420 2008 64-bit: 2305420 2008 R2: 2305420 7: 2305420 7 64-bit: 2305420	10-092
Windows Media Encoder insecure library loading vulnerability	Fixes a vulnerability which could allow command execution when a user loads a .prx file located in the same network directory as a specially crafted DLL. (CVE 2010-3965)	XP: 2447961 2003: 2447961 Vista: 2447961 2008: 2447961	10-094
Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution	Fixes a vulnerability that could allow remote code execution if a user opens an .ins or .isp file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application. (CVE 2010-3144)	XP: KB2443105 2003: KB2443105	10-097
Hyper-V Authenticated DOS Vulnerabilities	Multiple denial of service vulnerabilities exist in the Hyper-V server that can be exploited by sending a crafted packet to the VMBus. Sending such a packet requires the attacker to already be authenticated to a guest virtual machine. (CVE 2010-3960) (CVE 2011-1872)	2008 64-bit: 2525835 R2: 2525835	10-102 11-047
Netlogon RPC Denial of Service	A remote authenticated denial of service vulnerability exists in implementations of the Netlogon RPC Service on affected versions of Windows Server. An attacker who successfully exploited this vulnerability could cause affected versions of the Windows Server to restart. Only Windows Servers that are configured as domain controllers and host the Netlogon service are affected by this vulnerability. (CVE 2010-2742)	2003: 2207559 (32-bit), 2207559 (64-bit), 2207559 (Itanium) 2008: 2207559 (32-bit), 2207559 (64-bit) 2008 R2: 2207559 (64-bit)	10-101
OpenType Font format driver remote code execution	Fixes three vulnerabilities which could allow remote command execution on Windows Vista, 2008, and 7, and privilege elevation on earlier operating systems. (CVE 2010-3956 CVE 2010-3957 CVE 2010-3959) Also fixes a vulnerability in the Windows OpenType Compact Font Format (CFF) driver. The vulnerability could allow remote code execution if a user views content rendered in a specially crafted CFF font. (CVE 2011-0033)	XP: KB2485376 2003: KB2485376 Vista: KB2485376 2008: KB2485376 Windows 7: KB2485376	10-091 11-007
Microsoft Graphics Rendering Engine Thumbnail Image Stack Buffer Overflow	Fixes a vulnerability in the Windows Graphics Rendering Engine. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user. (CVE 2010-3970)	XP: 2483185 (32-bit), 2483185 (64-bit) 2003: 2483185 (32-bit), 2483185 (64-bit), 2483185 (Itanium) Vista: 2483185 (32-bit), 2483185 (64-bit) 2008: 2483185 (32-bit), 2483185 (64-bit), 2483185 (Itanium)	11-006
Backup Manager Insecure Library Loading Vulnerability	Fixes a remote code execution vulnerability in the Microsoft Windows Backup Manager. An attacker who successfully exploited this vulnerability could take complete control of an affected system and could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE 2010-3145)	Vista: 2478935 (32 bit), 2478935 (64 bit)	11-001
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege	Fixes vulnerabilities which could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. (CVE 2011-0662 CVE 2011-0665 CVE 2011-0666 CVE 2011-0667 CVE 2011-0670 CVE 2011-0671 CVE 2011-0672 CVE 2011-0673 CVE 2011-0674 CVE 2011-0675 CVE 2011-0676 CVE 2011-0677 CVE 2011-1225 CVE 2011-1226 CVE 2011-1227 CVE 2011-1228 CVE 2011-1229 CVE 2011-1230 CVE 2011-1231 CVE 2011-1232 CVE 2011-1233 CVE 2011-1234 CVE 2011-1235 CVE 2011-1236 CVE 2011-1237 CVE 2011-1238 CVE 2011-1239 CVE 2011-1240 CVE 2011-1241 CVE 2011-1242) Also fixes five vulnerabilities which could allow elevation of privileges if an attacker logged on locally and was able to execute a specially crafted program. (CVE 2011-0086 CVE 2011-0087 CVE 2011-0088 CVE 2011-0089 CVE 2011-0090)	XP: KB2506223 2003: KB2506223 Vista: KB2506223 2008: KB2506223 Windows 7: KB2506223	11-034 11-012
Windows SMB Server Transaction Vulnerability	Fixes multiple vulnerabilities in SMB server and SMB client which could allow remote code execution. (CVE 2011-0661)	XP: 2508429 (32-bit), 2508429 (64-bit) 2003: 2508429 (32-bit), 2508429 (64-bit), Vista: 2508429 (32-bit), 2508429 (64-bit), 2008: 2508429 (32-bit), 2508429 (64-bit), Windows 7: 2508429 (32-bit), 2508429 (64-bit), Windows 7 SP1: 2508429 (32-bit), 2508429 (64-bit), 2008 R2: 2508429 (64-bit), 2008 R2 SP1: 2508429 (64-bit)	11-020
Microsoft Data Access Component remote code execution (MS11-002)	Fixes two vulnerabilities which could allow remote execution in the way it validates third-party API usage and memory allocation. (CVE 2011-0026 CVE 2011-0027)	XP: 2419632 (32-bit), 2419632 (64-bit) 2003: 2419635 (32-bit), 2419635 (64-bit), Vista: 2419640 (32-bit), 2419640 (64-bit), 2008: 2419640 (32-bit), 2419640 (64-bit), Windows 7: 2419640 (32-bit), 2419640 (64-bit), 2008 R2: 2419640 (64-bit)	11-002
Windows DNS Resolution Vulnerability	Fixes a vulnerability in the DNS client which could allow remote code execution if an attacker is able to deliver specially crafted LLMNR broadcast packets to the target system. (CVE 2011-0657)	XP: 2509553 (32-bit), 2509553 (64-bit) 2003: 2509553 (32-bit), 2509553 (64-bit), Vista: 2509553 (32-bit), 2509553 (64-bit), 2008: 2509553 (32-bit), 2509553 (64-bit), Windows 7: 2509553 (32-bit), 2509553 (64-bit), 2008 R2 SP1: 2509553 (64-bit)	11-030
Windows Active Directory SPN validation denial of service	Fixes a vulnerability which could allow an administrator on a computer in the domain to downgrade the target from Kerberos to NTLM, possibly leading to a denial of service. (CVE 2011-0040)	2003: 2478953	11-005
Windows LSASS length validation vulnerability	Fixes a privilege elevation vulnerability which could allow an authenticated user to take complete control of the system. (CVE 2011-0039)	XP: 2478960 2003: 2478960	11-014
Vulnerabilities in DirectShow and Windows Media Player	Fixes remote code execution vulnerabilities in DirectShow and Windows Media Player. (CVE 2011-0032 CVE 2011-0042)	XP: 2502898 (Windows XP Media Center Edition 2005), 2479943 (32-bit), 2479943 (Pro 64-bit) Vista: 2479943 (32-bit), 2479943 (64-bit) Win 7: 2479943 (32-bit), 2479943 (64-bit) 2008 R2: 2479943 (64-bit)	11-015
Vulnerabilities in Windows Media Center TV Pack	Fixes remote code execution vulnerabilities in Windows Media Center TV Pack. (CVE 2011-0032 CVE 2011-0042)	Vista: 2494132 (32-bit), 2494132 (64-bit)	11-015
JScript and VBScript information disclosure vulnerability	Fixes an information disclosure vulnerability due to a memory corruption error. (CVE 2011-0031)	Win 7: 2475792 (32-bit) 2475792 (64-bit) 2008 R2: 2475792	11-009
Windows Remote Desktop Insecure Library Loading Vulnerability	Fixes a vulnerability which could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. (CVE 2011-0029)	XP: 2483618 (32-bit 5.2), 2481109 (32-bit 6.1), 2481109 (64-bit 6.0), 2483614 (32-bit 7.0) 2003: 2481109 (32-bit) 6.0, 2481109 (64-bit) 6.0 Vista: 2481109 (32-bit) 6.1, 2481109 (64-bit) 6.1, 2483614 (32-bit) 7.0, 2483614 (64-bit) 7.0 2008: 2481109 (32-bit) 6.1, 2481109 (64-bit) 6.1 Win 7: 2483614 (32-bit) 7.0, 2483614 (64-bit) 7.0 2008 R2: 2483614 (64-bit) 7.0	970927
Windows MHTML Script Injection Vulnerability	Fixes a vulnerability which could allow an attacker to run MIME-formated MHTML requests in the wrong security context. This may result in an information disclosure, similar to a cross-site scripting attack. (CVE 2011-0096)	XP:2503658 (32-bit), 2503658 (64-bit) 2003:2503658 (32-bit), 2503658 (64-bit) Vista:2503658 (32-bit), 2503658 (64-bit) 2008:2503658 (32-bit), 2503658 (64-bit) Win 7:2503658 (32-bit), 2503658 (64-bit) 2008 R2:2503658 (64-bit)	11-026
Multiple ActiveX Control vulnerabilities	Fixes multiple vulnerabilities in WMITools ActiveX Control, Internet Explorer 8 Development Tools ActiveX Control, and Windows Messenger ActiveX Control that could allow an attacker to execute arbitrary code. (CVE 2010-0811 CVE 2010-3973 CVE 2011-1243)	ActiveX:KB2508272	11-027
Windows Fax Cover Page Remote Code Execution Vulnerability (MS11-024)	Fixes a vulnerability in Windows Fax Cover Page Editor which improperly parses malformed cover pages. Successful exploitation could give the attacker the same privileges as the logged on user. (CVE 2010-3974 CVE 2010-4701)	XP 32-bit:2491683 and 2506212 XP 64-bit:2491683 and 2506212 2003 32-bit:2491683 and 2506212 2003 64-bit:2491683 and 2506212 Vista 32-bit:2491683 and 2506212 Vista 64-bit:2491683 and 2506212 2008 32-bit:2491683 and 2506212 2008 64-bit:2491683 and 2506212 Windows 7 32-bit:2491683 and 2506212 Windows 7 64-bit:2491683 and 2506212 2008 R2:2491683 and 2506212	11-024
Windows GDI+ Integer Overflow	Fixes a vulnerability which could allow remote code execution if the user opens a specially crafted Windows Enhanced Metafile (EMF) image file. (CVE 2011-0041)	XP: 2412687, 2412687 (64-bit) 2003: 2412687, 2412687 (64-bit) Vista: 2412687, 2412687 (64-bit) 2008: 2412687, 2412687 (64-bit)	11-029
Windows SMB Client vulnerabilities	Fixes vulnerabilities which could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server. (CVE 2011-0654 CVE 2011-0660)	XP: 2511455, 2511455 (64-bit) 2003: 2511455, 2511455 (64-bit) Vista: 2511455, 2511455 (64-bit) 2008: 2511455, 2511455 (64-bit) Windows 7: 2511455, 2511455 (64-bit) 2008 R2: 2511455 (64-bit)	11-019
WordPad Text Converter Vulnerability	Fixes a vulnerability which could allow remote code execution if a user opens a specially crafted Word file that includes a malformed structure. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE 2011-0028)	XP 2485663, 2485663 (64-bit) 2003 2485663, 2485663 (64-bit)	11-033
Windows OpenType CFF vulnerability	Fixes a vulnerability which could allow remote code execution in the way that the OpenType Font (OTF) driver improperly parses specially crafted OpenType fonts. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE 2011-0034)	XP 2507618, 2507618 (64-bit) 2003 2507618, 2507618 (64-bit) Vista: 2507618, 2507618 (64-bit) 2008: 2507618, 2507618 (64-bit) Windows 7: 2507618, 2507618 (64-bit) 2008 R2: 2507618 (64-bit)	11-032
Ancillary Function Driver	Fixes a vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). A local user with valid login credentials could exploit this vulnerability to elevate privileges by executing a specially crafted application. (CVE 2011-1249)	XP 2503665, 2503665 (64-bit) 2003 2503665, 2503665 (64-bit) Vista 2503665, 2503665 (64-bit) 2008 2503665, 2503665 (64-bit) Windows 7: 2503665, 2503665 (64-bit) 2008 R2: 2503665 (64-bit)	11-046
Ancillary Function Driver	Fixes a vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). A local user with valid login credentials could exploit this vulnerability to elevate privileges by executing a specially crafted application. (CVE 2011-2005)	XP 2592799, 2592799 (64-bit) 2003 2592799, 2592799 (64-bit)	11-080
Ancillary Function Driver	Fixes two vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities. (CVE 2012-0148 CVE 2012-0149)	XP x64 Edition:KB2645640 2003:KB2645640 2003 x64 Edition:KB2645640 Vista x64 Edition:KB2645640 2008:KB2645640 Windows 7:KB2645640 2008 R2:KB2645640	12-009
Windows SMB Server vulnerability	Fixes a vulnerability which could allow remote denial of service attacks from an unauthenticated user. (CVE 2011-1267)	Vista 2536275, 2536275 (64-bit) 2008 2536275, 2536275 (64-bit) Windows 7: 2536275, 2536275 (64-bit) 2008 R2: 2536275 (64-bit)	11-048
Windows Distributed File System vulnerabilities	Fixes a vulnerability which could allow remote denial of service and remote code execution attacks from an unauthenticated user. (CVE 2011-1868 CVE 2011-1869)	XP: (32-bit), (64-bit) 2003: (32-bit), (64-bit) Vista: (32-bit), (64-bit) 2008: (32-bit), (64-bit) Windows 7: (32-bit), (64-bit) 2008 R2: (64-bit)	11-042
Active Directory Certificate Services Web Enrollment Vulnerability	A reflective cross-site scripting vulnerability may allow an attacker to execute scripts under the context of a user's Internet Explorer client. This may allow an attacker to steal session data or perform a phishing attack. (CVE 2011-1264)	2003: 2518295 2008: 2518295 2008 R2: 2518295	11-051
Windows Kernel-Mode drivers remote code execution vulnerability	Fixes a vulnerability which could allow remote code execution attacks by enticing a user to visit a specially crafted web page. (CVE 2011-1873)	XP: (64-bit), 2003: (64-bit), Vista: (64-bit), 2008: (64-bit), Windows 7: (64-bit), 2008 R2: (64-bit)	11-041
Forefront Threat Management Gateway Vulnerability	Fixes a vulnerability which could allow remote code execution if an attacker leveraged a client computer to make specific requests on a system where the Threat Management Gateway (TMG) firewall client is used. (CVE 2011-1889)	Forefront TMG: KB2520426	11-040
Windows SMB Client vulnerabilities	Fixes vulnerabilities which could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server. (CVE 2011-1268)	XP: 2536276, 2536276 (64-bit) 2003: 2536276, 2536276 (64-bit) 2536276 (Itanium) Vista: 2536276, 2536276 (64-bit) 2008: 2536276, 2536276 (64-bit) 2536276 (Itanium) Windows 7: 2536276, 2536276 (64-bit) 2008 R2: 2536276 (64-bit) 2008 R2: 2536276 (Itanium)	11-043
MHTML Mime-formatted information disclosure (MS11-037)	Fixes an information disclosure vulnerability in the way that MHTML protocol handler interprets MIME-formatted requests. (CVE 2011-1894)	XP 2544893, 2544893 (64-bit) 2003 2544893, 2544893 (64-bit) Vista 2544893, 2544893 (64-bit) 2008 2544893, 2544893 (64-bit) Windows 7 2544893, 2544893 (64-bit) 2008 R2 2544893 (64-bit)	11-037
Windows OLE Automation Underflow vulnerability (MS11-038)	Fixes a remote code execution vulnerability in OLE Automation. (CVE 2011-0658)	XP 2476490, 2476490 (64-bit) 2003 2476490, 2476490 (64-bit) Vista 2476490, 2476490 (64-bit) 2008 2476490, 2476490 (64-bit) Windows 7 2476490, 2476490 (64-bit) 2008 R2 2476490 (64-bit)	11-038
Windows CSRSS Privilege Escalation Vulnerability	Fixes a local privilege escalation vulnerability in the Windows Client/Server Run-time Subsystem (CSRSS). Authenticated users may be able to execute code under the context of other users. (CVE 2011-1967)	XP 2567680, 2567680 (64-bit) 2003 2567680, 2567680 (64-bit) Vista 2567680, 2567680 (64-bit) 2008 2567680, 2567680 (64-bit) Windows 7 2567680, 2567680 (64-bit) 2008 R2 2567680 (64-bit)	11-063
Elevation of Privilege Vulnerabilities in Windows (MS11-062)	Fixes a vulnerability in Remote Access Service NDISTAPI driver. (CVE 2011-1974)	XP 2566454, 2566454 (64-bit) 2003 2566454, 2566454 (64-bit)	11-062
Microsoft Remote Desktop Protocol Denial of Service Vulnerability (MS11-065)	If the Remote Desktop Protocol is enabled but not patched, a maliciously-crafted sequence of RDP packets sent by a remote, unauthenticated attacker could cause a denial of service and possibly restart the target system. (CVE 2011-1968)	XP 32-bit SP3 2570222 XP 64-bit SP2 2570222 2003 32-bit SP2 2570222 2003 64-bit SP2 2570222 2003 Itanium SP2 2570222	11-065
Microsoft Active Accessibility Insecure Library Loading Vulnerability	A remote code execution vulnerability exists in the way that the Microsoft Active Accessibility component handles the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (CVE 2011-1247)	Windows XP: 2564958 (32-bit), 2564958 (64-bit) Windows Server 2003: 2564958 (32-bit), 2564958 (64-bit) Windows Vista: 2564958 (32-bit), 2564958 (64-bit) Windows Server 2008: 2564958 (32-bit), 2564958 (64-bit) Windows 7: 2564958 (32-bit), 2564958 (64-bit) 2008 R2: 2564958 (64-bit)	11-075
Windows Media Center Remote Code Execution Vulnerability	A remote code execution vulnerability exists in the way that Windows Media Center handles the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE 2011-2009)	Windows Vista: 2579692 (32-bit), 2579692 (64-bit)	11-076
Microsoft Data Access Component Insecure Library Loading Vulnerability	A remote code execution vulnerability exists in the way that the Windows Data Access Tracing component handles the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (CVE 2011-1975)	Windows 7: 2560656 (32-bit), 2560656 (64-bit) 2008 R2: 2560656 (64-bit)	11-059
Windows Kernel Metadata Parsing DOS Vulnerability	A denial of service vulnerability exists in Windows due to the way the kernel parses file meta-data when browsing to a folder. An attacker who successfully exploited this vulnerability could cause the affected system to crash. (CVE 2011-1971)	Vista: 2556532 (32-bit), 2556532 (64-bit) 2008: 2556532 (32-bit), 2556532 (64-bit) Windows 7: 2556532 (32-bit), 2556532 (64-bit) 2008 R2: 2556532 (64-bit)	11-068 (superseded by MS11-098 on 32-bit versions of Windows Vista, Windows Server 2008, and Windows 7)
Windows Kernel Exception Handler Vulnerability	A privilege elevation vulnerability exists in Windows due to the kernel's failure to initialize some objects in memory. An attacker would have to log on locally to an affected system and run a specially crafted application designed to exploit the vulnerability. The vulnerability could not be exploited remotely or by anonymous users. (CVE 2011-2018)	XP: 2633171 (32-bit) 2003: 2633171 (32-bit) Vista: 2633171 (32-bit) 2008: 2633171 (32-bit) Windows 7: 2633171 (32-bit)	11-098
Windows IME Library Injection Vulnerability	An insecure library loading vulnerability exists in several Windows components. An attacker may exploit this vulnerability by placing a malicious library file (DLL) in the same folder as documents with the following extensions: .txt, .rft, .doc. (CVE 2011-1991)	XP: 2570947 (32-bit), 2570947 (64-bit) 2003: 2570947 (32-bit), 2570947 (64-bit) Vista: 2570947 (32-bit), 2570947 (64-bit) 2008: 2570947 (32-bit), 2570947 (64-bit) Windows 7: 2570947 (32-bit), 2570947 (64-bit) 2008 R2: 2570947 (64-bit)	11-071
Forefront Unified Access Gateway Cross-Site Scripting and Java Applet	Fixes several cross-site scripting vulnerabilities and one client browser JAVA applet vulnerability in Forefront Unified Access Gateway (UAG). The XSS vulnerabilities may be triggered if an attacker is able to entice their victim into clicking a specially crafted link. A successful attack would result in the attacker making requests to the UAG server in the context of the victim's logged in session. The JAVA applet vulnerability may allow an attacker to compromise an end-user's work station if they can convince the user view a page containing malicious content. (CVE 2011-1895) (CVE 2011-1896) (CVE 2011-1897) (CVE 2011-1969) (CVE 2011-2012)	UAG 2010: 2522482, 2522483 (Update1), 2522484 (Update2), 2522485 (SP1)	11-079
Windows Active Directory LDAPS Authentication Bypass	Fixes a vulnerability in Windows Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) that could allow privilege elevation if (a) Active Directory is configured to use LDAP over SSL (LDAPS) and (b) an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. (CVE 2011-2014)	XP: ADAM: 2616310, 2616310 (64-bit) 2003: AD: 2601626, 2601626 (64-bit); ADAM: 2616310, 2616310 (64-bit) Vista: AD LDS: 2601626, 2601626 (64-bit) 2008: AD & AD LDS: 2601626, 2601626 (64-bit) 7: AD LDS: 2601626, 2601626 (64-bit) 2008 R2: AD & AD LDS: 2601626	11-086
Vulnerability in Windows Kernel-Mode Drivers Could cause a Denial of Service	Fixes a vulnerability in Windows Kernel-Mode Drivers that could cause a denial of service when opening specially crafted true types fonts. (CVE 2011-2004)	KB2617657 Win 7: 32-bit, 64-bit 2008 R2: 64-bit, Itanium	11-084
Windows TCP/IP Elevation of Privilege and Firewall Bypass Vulnerabilities (MS12-032)	Fixes two vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. (CVE 2012-0174 CVE 2012-0179) Also fixes two denial of service vulnerabilities in windows TCP/IP stack. (CVE 2011-1871 CVE 2011-1965) Also fixes a remote code execution vulnerability in Windows TCP/IP stack. (CVE 2011-2013 )	Windows Vista:KB2688338 Windows Vista x64 Edition:KB2688338 Windows Server 2008:KB2688338 Windows Server 2008 x64:KB2688338 Windows 7:KB2688338 Windows 7 for x64-based Systems:KB2688338 Windows Server 2008 R2 for x64-based Systems:KB2688338	11-064 11-083 12-032
Microsoft Windows Mail Insecure Library Loading Vulnerability	A vulnerability in Microsoft Windows Mail and Windows Meeting Space could permit remote code execution using a malicious DLL library. (CVE 2011-2016)	KB2620704 Vista SP2: 32-bit, 64-bit 2008 SP2: 32-bit, 64-bit, Itanium Windows 7 & SP1: 32-bit, 64-bit 2008 R2 & SP1: 64-bit, Itanium	11-085
Multiple ActiveX Control vulnerabilities	Fixes multiple vulnerabilities in the Microsoft Time ActiveX Control that could allow an attacker to gain the same privileges as the logged on user. (CVE 2011-3397)	KB2618451 XP: 32-bit, 64-bit 2003: 32-bit, 64-bit, Itanium Vista: 32-bit, 64-bit 2008: 32-bit, 64-bit, Itanium Win 7: 32-bit, 64-bit 2008 R2: 64-bit, Itanium	11-090
Windows TrueType font parsing vulnerability	Fixes a vulnerability in Windows Kernel-Mode Drivers that could allow privilege elevation and this vulnerability could allow an attacker to run arbitrary code in kernel mode, then install programs; view, change, or delete data; or create new accounts with full administrative rights. (CVE 2011-3402)	KB2639417 XP: 32-bit, 64-bit 2003: 32-bit, 64-bit Vista: 32-bit, 64-bit 2008: 32-bit, 64-bit Win 7: 32-bit, 64-bit 2008 R2: 64-bit	11-087
Active Directory and ADAM buffer overflow	Fixes a privilege elevation vulnerability which could allow command execution by an attacker who has credentials to an Active Directory domain. (CVE 2011-3406)	XP: 2626416 2003: 2621146 (Active Directory) 2003: 2626416 (ADAM) Vista: 2621146 2008: 2621146 7: 2621146 2008 R2: 2621146	11-095
Windows Media Player DVR-MS File Parsing Vulnerability	Fixes an error in the DirectShow library of Windows Media Center and Media Player where DVR-MS files (with the dvr-ms extension) are improperly parsed. An attacker could leverage this bug to corrupt memory and gain control of execution over the target system. (CVE 2011-3401)	XP 2619339 Vista 2619339 7 2619339	11-092
Object Linking and Embedding (OLE) Vulnerability	Fixes an error in the handling of OLE objects in compound documents. An attacker could leverage this bug to corrupt memory and gain control of execution over the target system. (CVE 2011-3400)	XP 2624667 2003 2624667	11-093
Windows Kernel Security Feature Bypass Vulnerability	Fixes a vulnerability in Microsoft Windows. The vulnerability could allow an attacker to bypass the SafeSEH security feature in a software application. An attacker could then use other vulnerabilities to leverage the structured exception handler to run arbitrary code. (CVE 2012-0001)	Windows Server 2003:KB2644615 Windows Vista:KB2644615 Windows Server 2008:KB2644615 Windows 7:KB2644615	12-001
Microsoft Office ClickOnce Vulnerability	A remote code execution vulnerability exists in the Microsoft Office ClickOnce embedded application feature due to the way Windows validates package contents. (CVE 2012-0013)	XP: 2584146 (32-bit), 2584146 (64-bit) 2003: 2584146 (32-bit), 2584146 (64-bit) Vista: 2584146 (32-bit), 2584146 (64-bit) 2008: 2584146 (32-bit), 2584146 (64-bit) Windows 7: 2584146 (32-bit), 2584146 (64-bit) 2008 R2: 2584146 (64-bit)	12-005
Windows CSRSS Privilege Escalation Vulnerability	Fixes a local privilege escalation vulnerability in the Windows Client/Server Run-time Subsystem (CSRSS). Authenticated users may be able to execute code under the context of other users. (CVE 2012-0005)	XP 2646524 2003 2646524 Vista 2646524 2008 2646524	12-003
Windows Object Packager Insecure Executable Launching Vulnerability	Fixes a vulnerability in the way that Windows registers and uses the Windows Object Packager that could allow remote code execution if a user opens a legitimate file with an embedded packaged object that is located in the same network directory as a specially crafted executable file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (CVE 2012-0009)	XP: KB2598479 (32-bit), 2603381 (64-bit) 2003: 2603381 (32-bit), 2603381 (64-bit)	12-002
Windows Multimedia Library MIDI Vulnerability	Fixes a vulnerability in the way that Windows Multimedia Library parses MIDI files. Windows Multimedia Library is used by applications such as Windows Media Player to work with audio and video. An attacker who convinces a user to open a specially crafted MIDI file could run arbitrary code in the context of the current user. (CVE 2012-0003)	XP: 2628259 (Windows XP Media Center Edition 2005), 2598479 (32-bit), 2598479 (64-bit) 2003: 2598479 (32-bit), 2598479 (64-bit) Vista: 2598479 (32-bit), 2598479 (64-bit) 2008: 2598479 (32-bit), 2598479 (64-bit)	12-004
Windows DirectShow media file parsing vulnerability	Fixes a vulnerability in the way that Windows DirectShow (a component of Windows DirectX) handles media files. An attacker who convinces a user to open a specially crafted media file could run arbitrary code in the context of the current user. (CVE 2012-0004)	XP: 2631813 (32-bit), 2631813 (64-bit) 2003: 2631813 (32-bit), 2631813 (64-bit) Vista: 2631813 (32-bit), 2631813 (64-bit), 2628642 (32-bit), 2628642 (64-bit) 2008: 263183 (32-bit), 2603381 (64-bit) 7: 263183 (32-bit), 263183 (64-bit) 2008R2: 263183	12-004
SSL and TLS Protocols Vulnerable Implementation	A vulnerability exists within the SSL 3.0 and TLS 1.0 protocols through which an attacker who has access to an active (encrypted) SSL connection — a “man-in-the-middle” attack — may be able to break the encryption and read the content being transmitted. No actual exploit was known until 2011, when an exploit tool named “BEAST” demonstrated a block-wise chosen-plaintext attack using vulnerable Web browsers and a crafted Web site. SSL 3.0 and TLS 1.0, using CBC mode, are vulnerable. TLS 1.1 and 1.2, and all encryption methods which do not use CBC mode, are unaffected by this vulnerability. (CVE 2011-3389)	XP 32-bit SP3 2585542 XP 64-bit SP2 2585542, 2638806 2003 32-bit SP2 2585542, 2638806 2003 64-bit SP2 2585542, 2638806 2003 Itanium SP2 2585542, 2638806 Vista 32-bit SP2 2585542 Vista 64-bit SP2 2585542 2008 32-bit SP2 2585542 2008 64-bit SP2 2585542 2008 Itanium SP2 2585542 W7 32-bit to SP1 2585542 W7 64-bit to SP1 2585542 2008 R2 64-bit to SP1 2585542 2008 R2 Itanium to SP1 2585542	12-006
MS Windows Kernel-Mode Drivers Remote Code Execution Vulnerability	Two vulnerabilities exist in kernel-mode drivers which, if exploited, could give an attacker the ability to execute arbitrary program code on the vulnerable computer. (CVE 2011-5046, CVE 2012-0154)	KB2660465 XP: 32-bit, 64-bit 2003: 32-bit, 64-bit, Itanium Vista: 32-bit, 64-bit 2008: 32-bit, 64-bit, Itanium W7: 32-bit, 64-bit 2008 R2: 64-bit, Itanium	12-008
MS Windows Kernel-Mode Drivers Remote Code Execution Vulnerability	A vulnerability exists in kernel-mode drivers which, if exploited, could give an attacker the ability to execute arbitrary program code on the vulnerable computer. (CVE 2012-0157)	KB2641653 XP: 32-bit, 64-bit 2003: 32-bit, 64-bit Vista: 32-bit, 64-bit 2008: 32-bit, 64-bit 2008 R2: 64-bit W7: 32-bit, 64-bit	12-018
MS Remote Desktop Could Allow Remote Code Execution Vulnerabilities	Fixed Remote Code Execution Vulnerabilities in the Remote Desktop Protocol. If exploited, an attacker could run arbitrary code on the target system, then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE 2012-0002, CVE 2012-0152)	KB2621440 and KB2621402 XP: 32-bit, 64-bit 2003: 32-bit, 64-bit, Itanium Vista: 32-bit, 64-bit 2008: 32-bit, 64-bit, Itanium 2008 R2: 64-bit(1), 64-bit(2), Itanium(1), Itanium(2) W7: 32-bit(1), 32-bit(2), 64-bit(1), 64-bit(2)	12-020
Windows C Run-Time Library remote code execution vulnerability	Fixes a remote code vulnerability in the way that the msvcrt.dll calculates the size of a buffer in memory, allowing data to be copied into memory that has not been properly allocated. This vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment. An attacker who successfully exploits the vulnerability could gain the same user rights as the local user. (CVE 2012-0150)	Vista: 2654428 (32-bit), 2654428 (64-bit) 2008: 2654428 (32-bit), 2654428 (64-bit) Windows 7: 2654428 (32-bit), 2654428 (64-bit) 2008 R2: 2654428 (64-bit)	12-013
Windows Color Control Panel Insecure Library Loading vulnerability	Fixes a vulnerability in Windows Server 2008 and 2008 R2 that could allow remote code execution. The vulnerability is caused in the way that the Color Control Panel handles the loading of DLL files when a user opens a legitimate file (example, .icm or .icc) which is in the same directory as the specially crafted dll file. An attacker could run arbitrary code in the context of the current user. CVE 2010-5082	2008: 2643719, 2643719 (64-bit) 2008R2: 2643719	12-012
Vulnerability in Indeo Codec	A vulnerability exists in the Indeo codec for Windows XP SP3. The vulnerability could allow remote code execution if a user opens a legitimate file from a directory which also contains a specially-crafted dll file. If successful, the attacker could then run arbitrary code as the logged-on user. The higher the privilege level of the logged-on user, the more damage could be done. (CVE 2010-3138)	XP 32-bit SP3 2661637	12-014
Microsoft Windows DirectWrite Denial of Service Vulnerability	Fixes a vulnerability in Windows DirectWrite. In an Instant Messenger-based attack scenario, the vulnerability could allow denial of service if an attacker sends a specially crafted sequence of Unicode characters directly to an Instant Messenger client. CVE 2012-0156	Windows Vista:KB2665364 Windows Server 2008:KB2665364 Windows 7:KB2665364	12-019
MS Forefront Unified Access Gateway 2010 information disclosure vulnerability	Two information disclosure vulnerabilities exist in Unified Access Gateway (UAG) 2010 SP1: A spoofing vulnerability could allow an outside attacker to acquire authentication cookies and credentials for an internal UAG user, and an access vulnerability could allow an unauthenticated attacker on the (external) Internet to acquire confidential content from a UAG server's (internal) default Web page. (CVE 2012-0146, CVE 2012-0147)	UAG 2010 SP1: KB2649261 SP1 Update 1: KB2649262	12-026
Windows Authenticode Signature Verification function bypass	The WinVerifyTrust function improperly validates the signature of an executable file, allowing for the potential execution of untrusted code. CVE 2012-0151	XP:KB2653956 2003:KB2653956 Vista:KB2653956 W7:KB2653956 2008:KB2653956 2008 R2:KB2653956	12-024
Privilege Vulnerability fixed by MS12-033	MS12-033 fixed a Plug and Play (PnP) Configuration Manager Vulnerability in Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. CVE 2012-0178	Vista 32 bit SP2:KB2690533, Vista 64 bit SP2:KB2690533 W7 32 bit:KB2690533, W7 32 bit SP1:KB2690533, W7 64 bit:KB2690533, W7 64 bit SP1:KB2690533, 2008 32 bit SP2:KB2690533, 2008 64 bit SP2:KB2690533, 2008 Itanium SP2:KB2690533, 2008 R2 64 bit:KB2690533, 2008 R2 64 bit SP1:KB2690533, 2008 R2 Itanium:KB2690533, 2008 R2 Itanium SP1:KB2690533	12-033
Multiple vulnerabilities fixed by MS12-034	MS12-034 fixed multiple vulnerabilities in Windows, Office, GDI+, .NET, and Silverlight. (CVE 2011-3402 CVE 2012-0159 CVE 2012-0165 CVE 2012-0167 CVE 2012-0180 CVE 2012-0181 CVE 2012-1848)	MS12-034	12-034