It's Patch Tuesday

Six security updates today:

Security Bulletin MS04-040 - Critical - HTMP Elements Vulnerability - does not affect XP SP2, 64-bit, or Win 2003 systems - may interfere with WMV HD DVD playback in Windows Media Player

Security Bulletin MS04-041 - Important - Remote Code Execution - affects all versions of Windows - Includes "Table conversion vulnerability" and "Font conversion vulnerability", both allowing a website to execute the Microsoft Word for Windows 6.0 Converter - affects only those with administrator privileges.

Security Bulletin MS04-042 - Important - Remote Code Execution and Denial of Service - affects NT 4.0 SP6 - Includes "Logging Vulnerability" and "DHCP Request Vulnerability" - allows an attacker to send DHCP messages to create DOS attacks.

Security Bulletin MS04-043 - Important - HyperTerminal Vulnerability - affects all versions of Windows, except 98 & Me - Allows an attacker to use a HyperTerminal buffer overrun, exploited through TelNet, to control a system.

Security Bulletin MS04-044 - Important - Windows Kernel Vulnerability and LSASS Vulnerability - affects all versions of Windows, except 98 & Me - a logged on user could take advantage of the Windows Kernel to elevate priveleges and take undue control of the system - may cause NT 4.0 systems with hard disks larger than 7.8 gigabytes to fail, and Veritas Backups to fail.

Security Bulletin MS04-045 - Important - Name Validation Vulnerability and Association Context Vulnerability - Affects NT 4.0 and Win 2000 / 2003 - an attacker can construct a malicious network packet to completely control a system or force a system to restart after a denial of service attack.