So is ms05-037 the fix?

Techweb has an article (which they repeat on their SecurityPipeline website) regarding Trojan.Jevproxy. They say that this is a trojan horse exploiting a still unpatched vulnerability in Microsoft Windows.
However MS05-036, Microsoft’s security bulletin for this vulnerability says in the executive summary, “this is the fix.”
Who is right?