MS05-018 is not categorized as virus, worm, Trojan or backdoor. It is a set of four vulnerabilities, whose aggregate severity is considered as important. Below you can find the name of the vulnerability, its type and the vulnerable operating systems:
- Font vulnerability: privilege elevation. Windows 2003/XP/2000/Me/98.
- Windows Kernel vulnerability: privilege elevation. Windows 2003/XP/2000.
- Object Management vulnerability: Denial of Service (DoS). Windows 2003/XP/2000/Me/98.
- CSRSS vulnerability: privilege elevation. Windows 2003/XP/2000.
Privilege elevation allows hackers to gain unauthorized privileges on a computer or network. If exploited succesfully, these vulnerabilities allow attackers to take complete control of an affected system.
Denial of Service attacks prevent legitimate users from using a network resource or a computer. The computer would stop responding and then automatically restart.
In order to exploit these vulnerabilities, an attacker would have to log on locally to the computer and then run a specially designed application.
If you have any of the vulnerable programs installed on your computer, it is recommendable to download and apply the security patch for these vulnerabilities. Click here to access the web page for downloading the patch.
Though these vulnerabilities also affect Windows Me/98 computers, as they are not rated as critical, Microsoft has released no security patch for these systems, due to the end of support cycle for these operating systems.