MS05-032: Vulnerability in Microsoft agent could allow spoofing

Technical updates

• Microsoft updated this bulletin on August 9, 2005 to advise customers that a revised version of the security update is available for the following systems:
  • Microsoft Windows Server 2003 for Itanium-based Systems
  • Microsoft Windows Server 2003 with Service Pack 1 (SP1) for Itanium-based Systems
  • Microsoft Windows Server 2003 x64 Edition
  • Microsoft Windows XP Professional x64 Edition
• The original security update successfully addressed the vulnerabilities that are described in this security bulletin for non-64-bit systems. No additional action is required for non-64-bit customers. However, on 64-bit systems, the kill bit that is documented in the “Does this update contain any security-related changes to functionality?” FAQ is not correctly enabled when you use a 32-bit version of Microsoft Internet Explorer. The kill bit is correctly enabled for 64-bit versions of Internet Explorer. We recommend that you install the revised security update even if you have installed the earlier version. The revised security update will be available through Windows Update and through Software Update Services (SUS) as appropriate. The revised security update will be recommended by the Microsoft Baseline Security Analyzer (MBSA). You do not have to uninstall the prior security update before you install the revised security update.