7 New security hotfixes announced
Page 1 of 3 123 LastLast
Results 1 to 10 of 24

Thread: 7 New security hotfixes announced

  1. #1
    Senior Member
    Join Date
    Oct 2001
    Posts
    748

    7 New security hotfixes announced

    ms03-41 q823182
    ms03-42 q826232
    ms03-43 q828035
    ms03-44 q825119
    ms03-45 q824141
    ms03-46 q829436
    ms03-47 q828489

    Several of them are critical and lead to remote code execution. Looks like a fun weekend of patching systems.

  2. #2
    oldie ric-o's Avatar
    Join Date
    Nov 2002
    Posts
    487

    Unhappy

    One word: CRAP! And it's a sunny day outside...not that I get much time outside.

    Thanks mo!

  3. #3
    Senior Member
    Join Date
    Oct 2003
    Posts
    107
    lol ...... well 10x for the heads up...... let me find that site

  4. #4

  5. #5
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    What happened to once a month? Are these guys ashamed? I have not seen anything other than what links you guys have posted. Not even an email. Oh well, I guess I should lower my expectations.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  6. #6
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    Fraggin- I don't think the once a month thing has officially started yet. The reason I was able to post these before the notices went out is that because I know people at MS who let me know this morning that these fixes were being released.

    If you are on any of the MS mailing lists you should be getting the emails soon. It looks like they started releasing them about an hour ago.

  7. #7
    Member Chief1's Avatar
    Join Date
    Aug 2003
    Posts
    36
    Thank god for SUS.

  8. #8
    Senior Member
    Join Date
    Jul 2002
    Posts
    106
    good to know someone on the inside.

    thx mo!
    just making some minor adjustments to your system....

  9. #9
    Banned
    Join Date
    May 2003
    Posts
    1,004
    People always ask me why I never patch my personal windows systems, well here is a fine example of seven new patches that I won't be applying.

    Why I am not installing any of these.:

    MS03-041:
    A properly configured system according to Microsoft's TFM should only allowed trsuted sites to execute ActiveX. I have included this and have gone above and beyond by configuring internet client software to run as the user CLIENT_NET which is a member of GUESTS. Even trusted code execution will be limited to this user's powers and not be able to make any non-password prompted changes to the user's environment.

    MS03-042:
    Same as above

    MS03-043:
    The TFM indicates the Messsenger service should be disabled unless it is remotely filtered (so for LAN use only).

    MS03-044:
    The TFM suggests the disabling of the HCP protocol and users are to be directed to the local administration for support.

    MS03-045:
    The utility manager should not be used by normal users and should be disabled, this is covered indirectly in the TFM as well.

    MS03-046:
    The Exchange TFM discusses the value of filtering SMTP protocol extensions. IAS fills this role very nicely.

    MS03-047:
    I use exchange server 2000.

    I really love how Microsoft lists the proper configuration as a work around as to not make people that failed to apply the proper configuration in the first place feel stupid. And people say they are evil.

    catch

  10. #10
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    Mohaugh-
    Thanks for the heads up. My director has already asked me how I've found out so soon. I told him it came from the inside. Thanks.
    It is good to know someone at M$. I used to have a buddy there who would buy things for me at their campus store for a good rate.
    So, the once a month thing is not official yet, eh? Will it be after they revamp Automatic update, or is it just wishful thinking?
    BTW, does anyone know someone that works for the last stage of delirium? These guys must have talent.

    Mohaugh-
    Thanks for the heads up. My director has already asked me how I've found out so soon. I told him it came from the inside. Thanks.
    It is good to know someone at M$. I used to have a buddy there who would buy things for me at their campus store for a good rate.
    So, the once a month thing is not official yet, eh? Will it be after they revamp Automatic update, or is it just wishful thinking?
    BTW, does anyone know someone that works for the last stage of delirium? These guys must have talent.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •