The first update, Microsoft Security Bulletin MS05-001, resolves a vulnerability that exists in the HTML Help ActiveX control in Windows that could allow information disclosure or remote code execution on an affected system. If a user has logged into the server with administrative privileges, an attacker who has successfully exploited this vulnerability could basically take control of the server. (However, running Internet Explorer 6 using Windows Server 2003's enhanced security mitigates this problem.)
You can download the patch for this vulnerability from Microsoft's Web site:
The second update, Microsoft Security Bulletin MS05-002, resolves several vulnerabilities, one of which critically affects Windows Server 2003 systems. Again, an attacker who has exploited this vulnerability could take complete control of an affected system.
You can also download the patch for this vulnerability from Microsoft's Web site:
Stay on top of the latest WS2K3 tips and tricks with our free Windows Server 2003 newsletter, delivered each Wednesday. Automatically sign up today!