Home  |  Discuss  |  Donate  |  Contact  |  About 

Microsoft Security Bulletins

Hardware, Software, Internet, etc.

Moderators: Big-O Ryan, Big-O Mark, Matt, jester22c

Microsoft Security Bulletins

Postby fuuucckkers » Sat Jan 25, 2003 11:00 am

Just thought you all might like to know, in recent events with that new Microsoft SQL Worm... I have recieved about 4 security updates via email from Microsoft themself.

If you'd like to subscribe to their Security Update mailing list, go here:
I'ts the same security updates you will recieve via MS Update, you just hear about it first through this mailing list.
http://www.microsoft.com/technet/treevi ... notify.asp

If you want anything Microsoft Security related, go here:
http://www.microsoft.com/security

======================

Title: Cumulative Patch for Microsoft Content Management Server
Date: 22 January 2003
Software: Microsoft Content Management Server 2001
Impact: Information Disclosure
Max Risk: Moderate

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-002.asp
http://www.microsoft.com/security/secur ... 03-002.asp

-----------------

Title: Unchecked Buffer in Locator Service Could Lead to Code Execution
Date: 22 January, 2003
Software: Microsoft Windows NT 4.0, Windows 2000, and Windows XP
Impact: Run code of the attacker's choice
Max Risk: Critical
Bulletin: MS03-001

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-001.asp
http://www.microsoft.com/security/secur ... 03-001.asp

----------------


Title: Flaw in SMB Signing Could Enable Group Policy to be Modified
Released: 11 December 2002
Revised: 22 January 2003 (version 2.0)
Software: Microsoft Windows 2000 / Microsoft Windows XP
Impact: Modify group policy.
Max Risk: Moderate
Bulletin: MS02-070

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/securi ... 02-070.asp.


----------------------

Title: Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure
Date: 22 January 2002
Software: Microsoft Outlook 2002
Impact: Information Disclosure
Max Risk: Moderate
Bulletin: MS03-003

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-003.asp
http://www.microsoft.com/security/secur ... 03-003.asp
fuuucckkers
Moderator
Moderator
 
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm

Postby Matt » Sat Jan 25, 2003 11:03 am

Because this is such an important issue...I'm going to make it a sticky. It never hurts to be extra safe when it comes to securing your computer.
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
User avatar
Matt
Moderator
Moderator
 
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA

Postby fuuucckkers » Sat Jan 25, 2003 11:13 am

KooLTaB101 wrote:Because this is such an important issue...I'm going to make it a sticky. It never hurts to be extra safe when it comes to securing your computer.


True.. thanks dude. I should've done that myself. :D
fuuucckkers
Moderator
Moderator
 
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm

Postby Matt » Sat Jan 25, 2003 11:45 am

xWastedMindx wrote:True.. thanks dude. I should've done that myself. :D


Actually, I don't think you could have because you need to be a mod in the forum you post in to make anything a sticky or announcement.
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
User avatar
Matt
Moderator
Moderator
 
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA

Postby fuuucckkers » Sat Jan 25, 2003 12:01 pm

KooLTaB101 wrote:
xWastedMindx wrote:True.. thanks dude. I should've done that myself. :D


Actually, I don't think you could have because you need to be a mod in the forum you post in to make anything a sticky or announcement.


I said I should have.. heh. If I was able to, I would have :wink:
fuuucckkers
Moderator
Moderator
 
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm

Postby Matt » Sat Jan 25, 2003 12:04 pm

OH...gotcha.

Anyway...has anyone else but me had trouble signing up for a subscription to the Microsoft Secturity Mail List?
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
User avatar
Matt
Moderator
Moderator
 
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA

Postby fuuucckkers » Sat Jan 25, 2003 12:08 pm

KooLTaB101 wrote:OH...gotcha.

Anyway...has anyone else but me had trouble signing up for a subscription to the Microsoft Secturity Mail List?



We apologize;
The Server was not able to process your request, or is temporarily busy.

You can use the Retry button to attempt the operation again or if the issue persists, please check back at a later time.



$100 says that their running MS SQL along side those ASP pages their hosting. Their probably infected with the new SQL worm alongside everyone else. :roll: :)
fuuucckkers
Moderator
Moderator
 
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm

Postby Anthony » Sat Jan 25, 2003 12:27 pm

But there is a patch issued by them, and if they did not apply the patch.... :roll:
Image
PhaseDMA - Check it out
My AIM+ FAQ
User avatar
Anthony
Moderator
Moderator
 
Posts: 1532
Joined: Thu Sep 12, 2002 5:10 am
Location: Rochester, New York

Postby fuuucckkers » Sat Jan 25, 2003 12:30 pm

aclauser wrote:But there is a patch issued by them, and if they did not apply the patch.... :roll:


Yeah they have the patch issued.. but the worm probably caught their servers offguard before they knew about it. So their infected, and now trying to get rid of it ..with this so called patch! :|
fuuucckkers
Moderator
Moderator
 
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm

Postby fuuucckkers » Fri Feb 07, 2003 10:24 am

*sigh* ... more security updates from Micro$oft...

These came to my email yesterday, February 6, 2003.
======================

Title: Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation
Date: 05 February 2003
Software: Microsoft Windows XP
Impact: Privilege elevation
Max Risk: Important
Bulletin: MS03-005

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-005.asp
http://www.microsoft.com/security/secur ... 03-005.asp

------------------------------

Title: Cumulative Patch for Internet Explorer
Date: 05 February 2003
Software: Microsoft Internet Explorer
Impact: Allow an attacker to execute commands on a user's system.
Max Risk: Critical
Bulletin: MS03-004

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-004.asp
http://www.microsoft.com/security/secur ... 03-004.asp
fuuucckkers
Moderator
Moderator
 
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm

Postby fuuucckkers » Sat Feb 08, 2003 4:43 pm

Wow.. not more than 2 days after Microsoft's weekly Thursday security updates..they release another.

Here's 1 more to add.

Title: Flaw in Windows WM_TIMER Message Handling Could Enable
Privilege Elevation

Released: 11 December 2002
Revised: 07 February 2003 (version 2.0)
Software: Microsoft Windows NT 4.0, Microsoft Windows NT 4.0, Terminal Server Edition, Microsoft Windows 2000, Microsoft Windows XP
Impact: Privilege elevation
Max Risk: Important
Bulletin: MS02-071

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/securi ... 02-071.asp
http://www.microsoft.com/security/secur ... 02-071.asp
fuuucckkers
Moderator
Moderator
 
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm

Postby Matt » Thu Feb 13, 2003 6:55 am

Title: Cumulative Patch for Internet Explorer (810847)
Released: 5 February 2003
Revised: 12 February 2003(version 2.0)
Software: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Impact: Allow an attacker to execute commands on a user's
system.
Max Risk: Critical
Bulletin: MS03-004

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/securi ... 03-004.asp
http://www.microsoft.com/security/secur ... 03-004.asp
- ----------------------------------------------------------------------
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
User avatar
Matt
Moderator
Moderator
 
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA

Postby fuuucckkers » Thu Feb 13, 2003 7:02 am

As if it wasnt enough having to download the patch last week, now they have a revised patch of the same thing..cause they didnt get it right the first time?!

Stupid M$ :evil:
fuuucckkers
Moderator
Moderator
 
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm

Postby Matt » Thu Feb 27, 2003 7:02 am

For those Windows ME people out there:

------------------------------------------------------------------
Title: Flaw in Windows Me Help and Support Center Could Enable Code Execution (812709)
Date: 26 February, 2003
Software: Microsoft Windows Me
Impact: Run Code of Attacker's Choice
Max Risk: Critical
Bulletin: MS03-006

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-006.asp
http://www.microsoft.com/security/secur ... 03-006.asp
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
User avatar
Matt
Moderator
Moderator
 
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA

Postby BigHead » Mon Mar 17, 2003 4:47 pm

- -----------------------------------------------------------------
Title: Unchecked buffer in Windows component could cause web
server compromise (815021)
Date: 17 March, 2003
Software: Microsoft Windows 2000
Impact: Run Code of Attacker's Choice
Max Risk: Critical
Bulletin: MS03-007

Microsoft encourages customers to review the Security Bulletins
at:
http://www.microsoft.com/technet/securi ... 03-007.asp
http://www.microsoft.com/security/secur ... 03-007.asp
- -----------------------------------------------------------------
BigHead
Fanatic
Fanatic
 
Posts: 127
Joined: Thu Nov 14, 2002 8:25 pm
Location: somewere in the USA

Next

Return to Totally Off-Topic Computers

Who is online

Users browsing this forum: No registered users and 1 guest

cron