US-CERT Technical Cyber Security Alert TA05-102A — Multiple Vulnerabilities in Microsoft Windows Components


Microsoft has released a Security Bulletin Summary for April, 2005. This summary includes several bulletins that address vulnerabilities in various Windows applications and components. Exploitation of some vulnerabilities can result in the remote execution of arbitrary code by a remote attacker. Details of the vulnerabilities and their impacts are provided below.

I. Description

The list below provides a mapping between Microsoft’s Security Bulletins and the related US-CERT Vulnerability Notes. More information related to the vulnerabilities is available in these documents.

Microsoft Security Bulletin MS05-020: Cumulative Security Update for Internet Explorer (890923)

VU#774338 Microsoft Internet Explorer DHTML objects contain a race condition

VU#756122 Microsoft Internet Explorer URL validation routine contains a buffer overflow

VU#222050 Microsoft Internet Explorer Content Advisor contains a buffer overflow

Microsoft Security Bulletin MS05-02: Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)

VU#275193 Microsoft Exchange Server contains unchecked buffer in SMTP extended verb handling

Microsoft Security Bulletin MS05-022: Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)

VU#633446 Microsoft MSN Messenger GIF processing buffer overflow

Microsoft Security Bulletin MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)

VU#233754 Microsoft Windows does not adequately validate IP packets

II. Impact

Exploitation of these vulnerabilities may permit a remote attacker to execute arbitrary code on a vulnerable Windows system, or cause a denial-of-service condition.

III. Solution

Apply a patch.

Microsoft has provided the patches for these vulnerabilities in the Security Bulletins and on Windows Update.


good news/bad news… and since there’s nobody to choose which comes first, you get my choice, and i’m not sure which is which.

we’ve had two offers on our house, and despite that, we continue to have to let total strangers walk around and “preview” the house, because the offers are not finalised yet: one of them was an investor who had bunches of money he was willing to throw at us with no contingencies or prerequisites, but he suddenly developed some “family emergency” or something like that, which made him have to leave for europe, so he withdrew the offer. the other one is from a family who is buying their first house, and their offer comes with some things that make us question whether they are actually going to get what they are asking for, and may end up not going through at all because they may want us to spend money to fix things – which is why we’re selling in the first place: we don’t have enough money to pay the mortgage, let alone fix things that they may want to have fixed before they’ll actually give us money.

however, the owner of the house we want to buy wants to sell to us, and has basically said that she’s ready to move at the end of april, so we’d be able to move in around the 1st of may… except that when the people who finance our mortgage, who have already approved a new mortgage based solely on moe’s income, found out that the “house” is actually a “glorified trailer”, they changed their minds and now say that they won’t lend us money unless we put up 30% of the cost of the “trailer” as a down payment. apparently the house is a “single-wide”, which are the most frequently defaulted-on mortgages of any out there, and despite the fact that we have great credit, they say that a “single-wide” is more like a car (or, more specifically, a trailer) than a house, and they’re afraid we’ll move it somewhere else (as if)… so they’re willing to loan us money to buy the “single-wide” if we’re willing to put down 30% to start with, but not at all if it is to be a “no down payment” mortgage, which is what we can afford… and if we recind our offer at this point, we’ll lose our earnest money, which we can’t afford to do.


the whole thing has put enough stress on moe that i’m starting to worry about her, along with all of the other things i’ve got to worry about. 8P

oh, yeah… the moisture festival is done for another year. i’m told that we won’t have to wait until next year to “get moist” again, but nothing apart from that.

apparently kids in japan play a game called kancho, which involves “kids clasping their hands together, sticking out their first fingers, and shoving them up your butt”… here’s a link to the whole story for the morbidly curious, as well as a link to the JET Programme, for those who want to go and find out for themselves whether it’s really true or not.

Leftist Hatred Behind Pie-Throwing Thugs… “Pie-throwing thugs attacking conservative speakers on college campuses are motivated by left-wing hatred…” or they could just be getting totally fed up with doing things according to the rules and getting shot down, overridden, and out-“voted” at every attempt. hrmph!


oh, all right, i’ll update my journal, in spite of the fact that the same things are going on now that were going on a week ago (stress over not having a job, stress about moving to an as-yet-unknown place, stress about my car’s deteriorating condition, moisture festival performances, etc.), if for no other reason than to get the mass of links off of my desktop.

the moisture festival is in the middle of it’s second week of performances, and everything is going amazingly well, although as disorganised as ever. apparently hobbit wrote to someone at the moisture festival back in february, but nobody responded. oh well, better luck next time, ‘eh? there’s a review of the moisture festival, and a whole bunch of pictures taken at the moisture festival by john cornicello, who is the fremont philharmonic’s keyboard player, but there’s only one of me. we’ll have to fix that…

salamandir at the moisture festival, 050406
please note, what you can see of the hat was given to me by
now that i’ve got the photo on a server which doesn’t prevent me from linking to graphics of my own face… grumble, grumble…

through not very much poking around i found my father’s web site. the last time i talked to him, i called to ask for a copy of my birth certificate, about a month ago. he said he would send it to me, and then hung up with no further comment. that was the first time i spoke to him since my injury, almost 2 years ago, and i’ve not been in contact with him and the rest of my "family-of-origin" for maybe 3 years before that. i wish i could have expected more from him, but he’s been that way for close to 20 years, so i don’t know why i should expect anything else from him. he sent me a certified letter with the original of my birth certificate (!), but it was addressed to my old name, which i haven’t used for more than 20 years.

along the same lines, i found another species of salamander on the web, Aneides flavipunctatus, whose name i like almost as much as Ambystoma tigrinum (the Tiger salamander, which is a "Mole salamander" according to the family name, but which isn’t listed at

turning the corner, there’s an article i rather liked about the "chaliban" – the "christian" taliban which is slowly and insidiously taking over this country – which has been hypocritical enough to allow the government to pull the plug on a 6-month-old baby with a fatal form of dwarfism (over his mother’s objections), and hypocritical enough to allow tom delay to pull the plug on his own terminally-ill father, but hypocritial enough to rush in and repeatedly try to deny michael schiavo’s attempts to pull the plug on his brain-damaged, used-to-be human wife, terri… similarly, there is now evidence that a good deal of the information that "we" used to "justify" going to war with iraq came from a drunken liardude… where’s my country?

more linky-links…

Pope Joan – myth, or what?
huitlacoche is a south american "delicacy" made from corn smutEDIT: the original article, with more pictures, can be seen at The Sneeze – not for the squeamish or weak of heart… don’t say i didn’t warn you… i mean it!
here are a number of articles by Swami Abhedananda about jesus and "churchianity", which i have bookmarked for future reference.
the robo-urinal, which is bizarre enough that they included a picture of it, to assuage any skepticism…

thanks to

reefer "madness" – or, more accurately, reefer sarcasm. they’re grasping at straws here…
DON’T SAY CLICK HERE, and other dangerous words that i’ve been warning people about for years now… but people still ask me to use it anyway, which really frustrates me…

well, we’re officially moving… soon… but we still don’t know where yet. there’s a 2 bedroom manufactured home (read "glorified trailer") near star lake, or one of those small lakes in auburn (i’m not sure exactly which lake it is) that we’ve made an offer on, but we haven’t heard anything yet. in spite of that, we put the house on the market yesterday and we’ve already got a bunch of calls. i’ve been busting ass cleaning up and doing yard work…

and doing moisture festival performances, which are going really well, in spite of the fact that they’re somewhat disorganised. everybody’s going on when they’re supposed to go on, but when they’re supposed to go on is sort of transitory, and doesn’t get decided upon until right before the show, and in some cases (like last night) they change the order halfway through the show… plus they claim (for example) that there are sound effects for the thunder/lightning/rain effect at the beginning of the show that are on mini-disc, but the sound person (who isn’t me, because i’m in the band, more on this later) doesn’t know anything about it, and doesn’t have a mini-disc player that they can plug into the board anyway… so minutes before the show, john and i are running around trying to find hacki’s son myron to see if he has a mini-disc player (which he doesn’t), and yelling across a crowded performance hall to the sound person telling her that i will do the sound effects "manually" with a thunder drum and a metal sheet… and then, when it came time to do it, they skipped over that part without telling me, so i was all set and they began the next number and i was standing there holding my "props" looking like a fool… and it wasn’t even april fool’s day! i said earlier that i would also be running lights and sound, but this won’t be possible because i’m in the band, which has got to be available during every performance, at a moment’s notice, to go on and "cover", in case something goes wrong… plus it is a big enough performance this year (!) that sound and lights are actually two positions and the sound person, by necessity, can’t run lights as well.

anyway, for those of you in the boston area, MIT is giving a day-long workshop called regarding evil that i’d really like to attend if it weren’t on the wrong side of the country, and along the same lines, now that there’s more than one of us saying things like this, perhaps there’s a slight bit greater a probability that we won’t blow ourselves up before we can actually save the planet, Death was arrested and charged with theft from a cemetary in (where else) san francisco (i’ll let you figure that one out), and now there is further proof that people are Tinites whether they like it or not!

