Microsoft Security Bulletins

Hardware, Software, Internet, etc.

Moderators: Big-O Ryan, Big-O Mark, Matt, jester22c

fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:

Microsoft Security Bulletins

Post by fuuucckkers »

Just thought you all might like to know, in recent events with that new Microsoft SQL Worm... I have recieved about 4 security updates via email from Microsoft themself.

If you'd like to subscribe to their Security Update mailing list, go here:
I'ts the same security updates you will recieve via MS Update, you just hear about it first through this mailing list.
http://www.microsoft.com/technet/treevi ... notify.asp

If you want anything Microsoft Security related, go here:
http://www.microsoft.com/security

======================

Title: Cumulative Patch for Microsoft Content Management Server
Date: 22 January 2003
Software: Microsoft Content Management Server 2001
Impact: Information Disclosure
Max Risk: Moderate

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-002.asp
http://www.microsoft.com/security/secur ... 03-002.asp

-----------------

Title: Unchecked Buffer in Locator Service Could Lead to Code Execution
Date: 22 January, 2003
Software: Microsoft Windows NT 4.0, Windows 2000, and Windows XP
Impact: Run code of the attacker's choice
Max Risk: Critical
Bulletin: MS03-001

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-001.asp
http://www.microsoft.com/security/secur ... 03-001.asp

----------------


Title: Flaw in SMB Signing Could Enable Group Policy to be Modified
Released: 11 December 2002
Revised: 22 January 2003 (version 2.0)
Software: Microsoft Windows 2000 / Microsoft Windows XP
Impact: Modify group policy.
Max Risk: Moderate
Bulletin: MS02-070

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/securi ... 02-070.asp.


----------------------

Title: Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure
Date: 22 January 2002
Software: Microsoft Outlook 2002
Impact: Information Disclosure
Max Risk: Moderate
Bulletin: MS03-003

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-003.asp
http://www.microsoft.com/security/secur ... 03-003.asp
User avatar
Matt
Moderator
Moderator
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA
Contact:

Post by Matt »

Because this is such an important issue...I'm going to make it a sticky. It never hurts to be extra safe when it comes to securing your computer.
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:

Post by fuuucckkers »

KooLTaB101 wrote:Because this is such an important issue...I'm going to make it a sticky. It never hurts to be extra safe when it comes to securing your computer.
True.. thanks dude. I should've done that myself. :D
User avatar
Matt
Moderator
Moderator
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA
Contact:

Post by Matt »

xWastedMindx wrote:True.. thanks dude. I should've done that myself. :D
Actually, I don't think you could have because you need to be a mod in the forum you post in to make anything a sticky or announcement.
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:

Post by fuuucckkers »

KooLTaB101 wrote:
xWastedMindx wrote:True.. thanks dude. I should've done that myself. :D
Actually, I don't think you could have because you need to be a mod in the forum you post in to make anything a sticky or announcement.
I said I should have.. heh. If I was able to, I would have :wink:
User avatar
Matt
Moderator
Moderator
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA
Contact:

Post by Matt »

OH...gotcha.

Anyway...has anyone else but me had trouble signing up for a subscription to the Microsoft Secturity Mail List?
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:

Post by fuuucckkers »

KooLTaB101 wrote:OH...gotcha.

Anyway...has anyone else but me had trouble signing up for a subscription to the Microsoft Secturity Mail List?
We apologize;
The Server was not able to process your request, or is temporarily busy.

You can use the Retry button to attempt the operation again or if the issue persists, please check back at a later time.

$100 says that their running MS SQL along side those ASP pages their hosting. Their probably infected with the new SQL worm alongside everyone else. :roll: :)
User avatar
Anthony
Moderator
Moderator
Posts: 1532
Joined: Thu Sep 12, 2002 5:10 am
Location: Rochester, New York
Contact:

Post by Anthony »

But there is a patch issued by them, and if they did not apply the patch.... :roll:
Image
PhaseDMA - Check it out
My AIM+ FAQ
fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:

Post by fuuucckkers »

aclauser wrote:But there is a patch issued by them, and if they did not apply the patch.... :roll:
Yeah they have the patch issued.. but the worm probably caught their servers offguard before they knew about it. So their infected, and now trying to get rid of it ..with this so called patch! :|
fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:

Post by fuuucckkers »

*sigh* ... more security updates from Micro$oft...

These came to my email yesterday, February 6, 2003.
======================

Title: Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation
Date: 05 February 2003
Software: Microsoft Windows XP
Impact: Privilege elevation
Max Risk: Important
Bulletin: MS03-005

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-005.asp
http://www.microsoft.com/security/secur ... 03-005.asp

------------------------------

Title: Cumulative Patch for Internet Explorer
Date: 05 February 2003
Software: Microsoft Internet Explorer
Impact: Allow an attacker to execute commands on a user's system.
Max Risk: Critical
Bulletin: MS03-004

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-004.asp
http://www.microsoft.com/security/secur ... 03-004.asp
fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:

Post by fuuucckkers »

Wow.. not more than 2 days after Microsoft's weekly Thursday security updates..they release another.

Here's 1 more to add.

Title: Flaw in Windows WM_TIMER Message Handling Could Enable
Privilege Elevation

Released: 11 December 2002
Revised: 07 February 2003 (version 2.0)
Software: Microsoft Windows NT 4.0, Microsoft Windows NT 4.0, Terminal Server Edition, Microsoft Windows 2000, Microsoft Windows XP
Impact: Privilege elevation
Max Risk: Important
Bulletin: MS02-071

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/securi ... 02-071.asp
http://www.microsoft.com/security/secur ... 02-071.asp
User avatar
Matt
Moderator
Moderator
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA
Contact:

Post by Matt »

Title: Cumulative Patch for Internet Explorer (810847)
Released: 5 February 2003
Revised: 12 February 2003(version 2.0)
Software: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Impact: Allow an attacker to execute commands on a user's
system.
Max Risk: Critical
Bulletin: MS03-004

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/securi ... 03-004.asp
http://www.microsoft.com/security/secur ... 03-004.asp
- ----------------------------------------------------------------------
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:

Post by fuuucckkers »

As if it wasnt enough having to download the patch last week, now they have a revised patch of the same thing..cause they didnt get it right the first time?!

Stupid M$ :evil:
User avatar
Matt
Moderator
Moderator
Posts: 411
Joined: Sat Aug 10, 2002 11:23 am
Location: USA
Contact:

Post by Matt »

For those Windows ME people out there:

------------------------------------------------------------------
Title: Flaw in Windows Me Help and Support Center Could Enable Code Execution (812709)
Date: 26 February, 2003
Software: Microsoft Windows Me
Impact: Run Code of Attacker's Choice
Max Risk: Critical
Bulletin: MS03-006

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/securi ... 03-006.asp
http://www.microsoft.com/security/secur ... 03-006.asp
-Matt
Timelessblur wrote:I only know 4 langueges. Engish, Band Engish, Really bad Engish and Timelessblurain
BigHead
Fanatic
Fanatic
Posts: 127
Joined: Thu Nov 14, 2002 8:25 pm
Location: somewere in the USA
Contact:

Post by BigHead »

- -----------------------------------------------------------------
Title: Unchecked buffer in Windows component could cause web
server compromise (815021)
Date: 17 March, 2003
Software: Microsoft Windows 2000
Impact: Run Code of Attacker's Choice
Max Risk: Critical
Bulletin: MS03-007

Microsoft encourages customers to review the Security Bulletins
at:
http://www.microsoft.com/technet/securi ... 03-007.asp
http://www.microsoft.com/security/secur ... 03-007.asp
- -----------------------------------------------------------------
Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest