Microsoft Windows Cursor and Icon format handling vulnerability

Description

Microsoft Windows contains a vulnerability that may allow remote attackers to execute arbitrary code. The vulnerability is due to cursor, animated cursor, and icon formats being handled in an insecure manner. Remote attackers can exploit this vulnerability using malicious cursor or icon files to execute arbitrary code. This vulnerability is known to be associated with the following trojan(s) or virus(es): Win32.MS05-002!exploit.

Back to top

Recommendations

-------------------------------------------------------------------------------
For: Microsoft Windows XP Home Edition SP1 x86 32 EN, Microsoft Windows XP Professional SP1 x86 32 DE, Microsoft Windows XP Professional SP1 x86 32 EN, Microsoft Windows XP Professional SP1 x86 32 ES, Microsoft Windows XP Professional SP1 x86 32 FR, Microsoft Windows XP Professional SP1 x86 32 IT
Apply: WindowsXP-KB891711-x86

Apply the patch provided by the vendor:

http://www.microsoft.com/downloads/details.aspx?FamilyId=8850954D-57D9-4D23-9AA1-1CCF6085A057

Vendor advisory:

MS05-002
If you have: Microsoft Windows XP Home Edition x86 32 FR, Microsoft Windows XP Professional SP1 x86 32 FR, Microsoft Windows XP Professional x86 32 FR

Download:
http://download.microsoft.com/download/a/a/6/aa6be7c3-e89c-4675-8dd7-563419c708f1/WindowsXP-KB891711-x86-FRA.exe

If you have: Microsoft Windows XP Home Edition x86 32 DE, Microsoft Windows XP Professional SP1 x86 32 DE, Microsoft Windows XP Professional x86 32 DE

Download:
http://download.microsoft.com/download/8/2/c/82cab6b2-60bf-4d5a-903d-85b366f62ac2/WindowsXP-KB891711-x86-DEU.exe

If you have: Microsoft Windows XP Home Edition x86 32 IT, Microsoft Windows XP Professional SP1 x86 32 IT, Microsoft Windows XP Professional x86 32 IT

Download:
http://download.microsoft.com/download/3/e/c/3ec21056-8024-4177-90dd-7c2cb3e33be8/WindowsXP-KB891711-x86-ITA.exe

If you have: Microsoft Windows XP Home Edition x86 32 ES, Microsoft Windows XP Professional SP1 x86 32 ES, Microsoft Windows XP Professional x86 32 ES

Download:
http://download.microsoft.com/download/c/6/8/c688b134-c66e-445b-9352-c3e3a10e9589/WindowsXP-KB891711-x86-ESN.exe

If you have: Microsoft Windows XP Home Edition SP1 x86 32 EN, Microsoft Windows XP Home Edition x86 32 EN, Microsoft Windows XP Professional SP1 x86 32 EN, Microsoft Windows XP Professional x86 32 EN

Download:
http://download.microsoft.com/download/d/2/b/d2b2a03d-e617-4bff-aeeb-e3d45110b7d6/WindowsXP-KB891711-x86-ENU.exe

-------------------------------------------------------------------------------
For: Microsoft Windows XP Home Edition SP1 x86 32 EN, Microsoft Windows XP Professional SP1 x86 32 DE, Microsoft Windows XP Professional SP1 x86 32 EN, Microsoft Windows XP Professional SP1 x86 32 ES, Microsoft Windows XP Professional SP1 x86 32 FR, Microsoft Windows XP Professional SP1 x86 32 IT
Apply: WindowsXP-KB896424-x86
If you have: Microsoft Windows XP Home Edition SP2 x86 32 IT, Microsoft Windows XP Professional SP1 x86 32 IT, Microsoft Windows XP Professional SP2 x86 32 IT

Download:
http://download.microsoft.com/download/2/b/c/2bc94d7c-059e-479c-809a-c9c2ae2895cf/WindowsXP-KB896424-x86-ITA.exe

If you have: Microsoft Windows XP Home Edition SP2 x86 32 FR, Microsoft Windows XP Professional SP1 x86 32 FR, Microsoft Windows XP Professional SP2 x86 32 FR

Download:
http://download.microsoft.com/download/5/7/c/57c01a8b-1510-47e7-aa56-d5fddd9168c5/WindowsXP-KB896424-x86-FRA.exe

If you have: Microsoft Windows XP Home Edition SP2 x86 32 ES, Microsoft Windows XP Professional SP1 x86 32 ES, Microsoft Windows XP Professional SP2 x86 32 ES

Download:
http://download.microsoft.com/download/b/a/f/bafccfe7-44c2-483f-8b77-61d5c8cbda37/WindowsXP-KB896424-x86-ESN.exe

If you have: Microsoft Windows XP Home Edition SP2 x86 32 DE, Microsoft Windows XP Professional SP1 x86 32 DE, Microsoft Windows XP Professional SP2 x86 32 DE

Download:
http://download.microsoft.com/download/f/0/0/f005210e-853a-4dc1-803f-8fd49721d7e5/WindowsXP-KB896424-x86-DEU.exe

If you have: Microsoft Windows XP Home Edition SP1 x86 32 EN, Microsoft Windows XP Home Edition SP2 x86 32 EN, Microsoft Windows XP Professional SP1 x86 32 EN, Microsoft Windows XP Professional SP2 x86 32 EN

Download:
http://download.microsoft.com/download/1/7/f/17f74fcb-5a29-492e-baf5-503357aeaf2b/WindowsXP-KB896424-x86-ENU.exe

-------------------------------------------------------------------------------
For: Microsoft Windows 2000 Advanced Server SP4 x86 32 EN, Microsoft Windows 2000 Professional SP4 x86 32 EN, Microsoft Windows 2000 Server SP4 x86 32 EN
Apply: Windows2000-KB891861-x86

-------------------------------------------------------------------------------
For: Microsoft Windows NT Server 4.0 Enterprise Edition SP6a x86 32 EN, Microsoft Windows NT Server 4.0 SP6a x86 32 EN
Apply: WindowsNT4Server-KB891711-x86-ENU

Apply the patch provided by the vendor:

http://www.microsoft.com/downloads/details.aspx?FamilyId=4604400A-287E-48CC-91B1-BEE44EEA588C

Vendor advisory:

MS05-002

Download:
http://download.microsoft.com/download/2/e/4/2e4d50d5-854c-48c3-a928-80c5ddc958e4/WindowsNT4Server-KB891711-x86-ENU.exe

-------------------------------------------------------------------------------
For: Microsoft Windows 2000 Advanced Server SP3 x86 32 EN, Microsoft Windows 2000 Professional SP3 x86 32 EN, Microsoft Windows 2000 Server SP3 x86 32 EN
Apply: Windows2000-KB891711-x86

Apply the patch provided by the vendor:

http://www.microsoft.com/downloads/details.aspx?FamilyId=722C6C65-3F6C-4029-8EB7-D4612A785E78

Vendor advisory:

MS05-002
If you have: Microsoft Windows 2000 Advanced Server SP3 x86 32 DE, Microsoft Windows 2000 Advanced Server SP4 x86 32 DE, Microsoft Windows 2000 Professional SP3 x86 32 DE, Microsoft Windows 2000 Professional SP4 x86 32 DE, Microsoft Windows 2000 Server SP3 x86 32 DE, Microsoft Windows 2000 Server SP4 x86 32 DE

Download:
http://download.microsoft.com/download/f/6/a/f6af7faa-b060-40bd-ab46-02fc5cc6a7ea/Windows2000-KB891711-x86-DEU.EXE

If you have: Microsoft Windows 2000 Advanced Server SP3 x86 32 IT, Microsoft Windows 2000 Advanced Server SP4 x86 32 IT, Microsoft Windows 2000 Professional SP3 x86 32 IT, Microsoft Windows 2000 Professional SP4 x86 32 IT, Microsoft Windows 2000 Server SP3 x86 32 IT, Microsoft Windows 2000 Server SP4 x86 32 IT

Download:
http://download.microsoft.com/download/a/a/0/aa03833e-bd53-4a3b-ad45-561dd2a7ac84/Windows2000-KB891711-x86-ITA.EXE

If you have: Microsoft Windows 2000 Advanced Server SP3 x86 32 EN, Microsoft Windows 2000 Advanced Server SP4 x86 32 EN, Microsoft Windows 2000 Professional SP3 x86 32 EN, Microsoft Windows 2000 Professional SP4 x86 32 EN, Microsoft Windows 2000 Server SP3 x86 32 EN, Microsoft Windows 2000 Server SP4 x86 32 EN

Download:
http://download.microsoft.com/download/7/e/f/7ef6135d-b54e-4fb6-9a2a-233a325d0f8e/Windows2000-KB891711-x86-ENU.EXE

If you have: Microsoft Windows 2000 Advanced Server SP3 x86 32 FR, Microsoft Windows 2000 Advanced Server SP4 x86 32 FR, Microsoft Windows 2000 Professional SP3 x86 32 FR, Microsoft Windows 2000 Professional SP4 x86 32 FR, Microsoft Windows 2000 Server SP3 x86 32 FR, Microsoft Windows 2000 Server SP4 x86 32 FR

Download:
http://download.microsoft.com/download/4/1/2/41238507-cd2e-4d10-903e-371207439798/Windows2000-KB891711-x86-FRA.EXE

If you have: Microsoft Windows 2000 Advanced Server SP3 x86 32 ES, Microsoft Windows 2000 Advanced Server SP4 x86 32 ES, Microsoft Windows 2000 Professional SP3 x86 32 ES, Microsoft Windows 2000 Professional SP4 x86 32 ES, Microsoft Windows 2000 Server SP3 x86 32 ES, Microsoft Windows 2000 Server SP4 x86 32 ES

Download:
http://download.microsoft.com/download/d/2/2/d22e8239-ec3b-462b-bb6d-f0e276bf409b/Windows2000-KB891711-x86-ESN.EXE

-------------------------------------------------------------------------------
For: Microsoft Windows 2000 Advanced Server SP4 x86 32 EN, Microsoft Windows 2000 Professional SP4 x86 32 EN, Microsoft Windows 2000 Server SP4 x86 32 EN
Apply: Windows2000-KB891861-v2-x86
If you have: Microsoft Windows 2000 Advanced Server SP4 x86 32 IT, Microsoft Windows 2000 Professional SP4 x86 32 IT, Microsoft Windows 2000 Server SP4 x86 32 IT

Download:
http://download.microsoft.com/download/b/a/0/ba069a77-1a63-4a2f-82a1-fed8ef05b94c/Windows2000-KB891861-v2-x86-ITA.EXE

If you have: Microsoft Windows 2000 Advanced Server SP4 x86 32 DE, Microsoft Windows 2000 Professional SP4 x86 32 DE, Microsoft Windows 2000 Server SP4 x86 32 DE

Download:
http://download.microsoft.com/download/6/a/3/6a358d3e-f38d-4376-a2bc-3dbf5a1411a9/Windows2000-KB891861-v2-x86-DEU.EXE

If you have: Microsoft Windows 2000 Advanced Server SP4 x86 32 FR, Microsoft Windows 2000 Professional SP4 x86 32 FR, Microsoft Windows 2000 Server SP4 x86 32 FR

Download:
http://download.microsoft.com/download/d/e/f/def6eb0a-fc08-4cb8-a00d-7c4442ce4629/Windows2000-KB891861-v2-x86-FRA.EXE

If you have: Microsoft Windows 2000 Advanced Server SP4 x86 32 ES, Microsoft Windows 2000 Professional SP4 x86 32 ES, Microsoft Windows 2000 Server SP4 x86 32 ES

Download:
http://download.microsoft.com/download/c/d/b/cdbf9256-d5da-4521-8ab8-6cfd94b44d1e/Windows2000-KB891861-v2-x86-ESN.EXE

If you have: Microsoft Windows 2000 Advanced Server SP4 x86 32 EN, Microsoft Windows 2000 Professional SP4 x86 32 EN, Microsoft Windows 2000 Server SP4 x86 32 EN

Download:
http://download.microsoft.com/download/2/7/b/27b1d1a3-0299-4336-b88a-22b9f09817e2/Windows2000-KB891861-v2-x86-ENU.EXE

-------------------------------------------------------------------------------
For: Microsoft Windows NT Server Terminal Server Edition SP6 x86 32 EN, Microsoft Windows Server 2003 Enterprise Edition 64-Bit Edition IA64 64 EN, Microsoft Windows XP 64-Bit Edition SP1 x86 64 EN

Apply the patches provided by the vendor:

Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=94A0B521-4C39-4D15-AA80-068C30476E6F

Microsoft Windows XP 64-Bit Edition Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=2325700F-7931-4B0C-A978-BCFF469B8061

Microsoft Windows XP 64-Bit Edition Version 2003 :

http://www.microsoft.com/downloads/details.aspx?FamilyId=16A52196-0BD0-4355-9F29-2B26CB0961AF

Microsoft Windows Server 2003 64-Bit Edition :

http://www.microsoft.com/downloads/details.aspx?FamilyId=16A52196-0BD0-4355-9F29-2B26CB0961AF

Vendor advisory:

MS05-002

Back to top

Affected Technologies

Microsoft: Microsoft Windows 2000 Advanced Server SP3 x86 32 EN
Microsoft: Microsoft Windows 2000 Advanced Server SP4 x86 32 EN
Microsoft: Microsoft Windows 2000 Professional SP3 x86 32 EN
Microsoft: Microsoft Windows 2000 Professional SP4 x86 32 EN
Microsoft: Microsoft Windows 2000 Server SP3 x86 32 EN
Microsoft: Microsoft Windows 2000 Server SP4 x86 32 EN
Microsoft: Microsoft Windows NT Server Terminal Server Edition SP6 x86 32 EN
Microsoft: Microsoft Windows Server 2003 Enterprise Edition 64-Bit Edition IA64 64 EN
Microsoft: Microsoft Windows XP Home Edition SP1 x86 32 EN
Microsoft: Microsoft Windows XP Professional SP1 x86 32 DE
Microsoft: Microsoft Windows XP Professional SP1 x86 32 EN
Microsoft: Microsoft Windows XP Professional SP1 x86 32 ES
Microsoft: Microsoft Windows XP Professional SP1 x86 32 FR
Microsoft: Microsoft Windows XP Professional SP1 x86 32 IT
Microsoft: Windows NT Server 4.0 Enterprise Edition SP6a
Microsoft: Windows NT Server 4.0 SP6a
Microsoft: Windows XP 64-bit Edition SP1

Back to top

References

CA Antivirus: MS05-002!exploit
Microsoft: MS05-002
Mitre CVE: CAN-2004-1049

Back to top

Vulnerability Detail