Results 1 to 3 of 3

Thread: October MS updates

  1. #1
    Senior Member
    Join Date
    Oct 2001
    Posts
    748

    October MS updates

    10 in all this month-

    We recognize that many customers have been facing challenges in deploying MS04-028. In response to this, we are also today releasing a tool that you can use to assist with the detection and deployment of MS04-028. Also, we would like to note that ALL of this month’s updates can be detected using MBSA. And, all Windows updates can by deployed automatically using SUS (with the exception of one update for Exchange 2003 when running on Windows 2000), and SMS.

    Some customers have raised concerns about the number of updates being released today. Please be assured that in releasing these updates, we have taken these concerns into account. However, with that in mind, we believe that releasing these security updates today as part of our monthly release process is the right approach to help protect all customers based on customer feedback.

    Important MS04-029 Microsoft Windows Information Disclosure and Denial of Service
    Important MS04-030 Microsoft Windows Denial of Service
    Important MS04-031 Microsoft Windows Remote Code Execution
    Critical MS04-032 Microsoft Windows Remote Code Execution
    Critical MS04-033 Microsoft Office Code Execution
    Critical MS04-034 Microsoft Windows Remote Code Execution
    Critical MS04-035 Microsoft Windows, Microsoft Exchange Remote Code Execution
    Critical MS04-036 Microsoft Windows, Microsoft Exchange Remote Code Execution
    Critical MS04-037 Microsoft Windows Remote Code Execution
    Critical MS04-038 Microsoft Windows Remote Code Execution

    Summaries for these new bulletins may be found at the following pages:
    - http://www.microsoft.com/technet/sec.../ms04-oct.mspx

    Re-issued Updates
    In addition, Microsoft is re-releasing updates for Microsoft Office XP.

    Critical MS04-028 Microsoft Office XP, Project 2002, Visio 2002,Windows Journal Viewer Remote Code Execution

    This revised update is ONLY for customers running Office XP, Visio 2002 and Project 2002 on Windows XP Service Pack 2. This re-release does not affect any other products. This re-release also does not affect customers running Office XP, Visio 2002 and Project 2002 on platforms other than Windows XP Service Pack 2, including Windows XP SP1.

    This new update is for Windows Journal Viewer ONLY.

    Information on this re-released bulletin and these tools may be found at the following pages:
    - http://www.microsoft.com/technet/sec.../MS04-028.mspx

    Customers are advised to review the information in the bulletins, test and deploy the updates immediately in their environments, if applicable.

    RESOURCES RELATED TO THIS ALERT

    - Note: Some Knowledge Base articles may take up to 24 hours to appear.

    - Microsoft Knowledge Base Article 885876 documents the issues around the original release of this security update for Office XP, Visio 2002 and Project 2002 on Windows XP Service Pack 2.

    http://support.microsoft.com/?kbid=885876

    - Microsoft Knowledge Base Article 886988 documents the MS04-028 Enterprise Scanning Tool.
    http://support.microsoft.com/?kbid=886988

    - Information about MS04-028 for ISVs and developers is available here:
    http://msdn.microsoft.com/security/d...10security.asp

    - Please visit http://www.microsoft.com/technet/security for the most current information on this alert.

    Microsoft will host a webcast tomorrow to address customer questions on these bulletins. For more information on this webcast please see below:

    - Information about Microsoft’s October Security Bulletins
    - Wednesday, October 13, 2004 11:00 AM (GMT-08:00) Pacific Time (US & Canada)
    - http://msevents.microsoft.com/cui/We...&Culture=en-US

    The on-demand version of the webcast will be available 24 hours after the live webcast at:
    - http://msevents.microsoft.com/cui/We...&Culture=en-US



    **********************************************************************
    TECHNICAL DETAILS

    MS04-029
    Title: Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
    Maximum Severity Rating: Important

    Affected Software:
    - Microsoft Windows NT Server 4.0 Service Pack 6a
    - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

    Impact of Vulnerability: Information Disclosure and Denial of Service

    Restart required: In some cases, this update does not require a restart. The installer stops the needed services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart.

    Update can be uninstalled: Yes

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-029.mspx

    **********************************************************************
    MS04-030
    Title: Vulnerability in WebDav XML Message Handler Could Lead to a Denial of Service (824151)
    Maximum Severity Rating: Important

    Affected Software:
    - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
    - Microsoft Windows XP, Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    - Microsoft Windows XP 64-Bit Edition Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Version 2003
    - Microsoft Windows Server™ 2003
    - Microsoft Windows Server 2003 64-Bit Edition

    Affected Components:
    - Internet Information Server 5.0
    - Internet Information Services 5.1
    - Internet Information Server 6.0

    Impact of Vulnerability: Denial of Service

    Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart.

    Update can be uninstalled: Yes

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-030.mspx

    **********************************************************************
    MS04-031
    Title: Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
    Maximum Severity Rating: Important

    Affected Software:
    - Microsoft Windows NT Server 4.0 Service Pack 6a
    - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
    - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
    - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Version 2003
    - Microsoft Windows Server 2003
    - Microsoft Windows Server 2003 64-Bit Edition
    - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) – Review the FAQ section of this bulletin for details about these operating systems.

    Impact of Vulnerability: Remote Code Execution

    Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart.

    Update can be uninstalled: Yes

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-031.mspx

    **********************************************************************
    MS04-032
    Title: Security Update for Microsoft Windows (840987)
    Maximum Severity Rating: Critical

    Affected Software:
    - Microsoft Windows NT Server 4.0 Service Pack 6a
    - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
    - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
    - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Version 2003
    - Microsoft Windows Server™ 2003
    - Microsoft Windows Server 2003 64-Bit Edition
    - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) – Review the FAQ section of this bulletin for details about these operating systems.

    Impact of Vulnerability: Remote Code Execution

    Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart.

    Update can be uninstalled: Yes

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-032.mspx

    **********************************************************************
    MS04-033
    Title: Vulnerability in Microsoft Excel Could Allow Code Execution(886836)
    Maximum Severity Rating: Critical

    Affected Software:
    - Microsoft Office 2000 Service Pack 3 Software: Excel 2000
    - Microsoft Office XP Software: Excel 2002
    - Microsoft Office 2001 for Mac: Microsoft Excel 2001 for Mac
    - Microsoft Office v. X for Mac: Microsoft Excel v. X for Mac

    Impact of Vulnerability: Code Execution

    Restart required: No

    Update can be uninstalled: No

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-033.mspx

    **********************************************************************
    MS04-034
    Title: Vulnerability in Compressed (zipped) Folders Could Allow Code Execution (873376)
    Maximum Severity Rating: Critical

    Affected Software:
    - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Version 2003
    - Microsoft Windows Server 2003
    - Microsoft Windows Server 2003 64-Bit Edition

    Impact of Vulnerability: Remote Code Execution

    Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart.

    Update can be uninstalled: Yes

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-034.mspx

    **********************************************************************
    MS04-035
    Title: Vulnerability in SMTP Could Allow Remote Code Execution (885881)
    Maximum Severity Rating: Critical

    Affected Software:
    - Microsoft Windows XP 64-Bit Edition Version 2003
    - Microsoft Windows Server 2003
    - Microsoft Windows Server 2003 64-Bit Edition
    - Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003 Service Pack 1 when installed on Microsoft Windows Server 2003 (uses the Windows 2003 SMTP component)

    - Microsoft Exchange Server 2003 when installed on Microsoft Windows 2000 Service Pack 3 or Microsoft Windows 2000 Service Pack 4

    Affected Components:
    - Microsoft Windows XP 64-Bit Edition Version 2003 SMTP component
    - Microsoft Windows Server™ 2003 SMTP component
    - Microsoft Windows Server 2003 64-Bit Edition SMTP component
    - Microsoft Exchange Server 2003 Routing Engine component

    Impact of Vulnerability: Remote Code Execution

    Restart required: You must restart your system after you apply this security update.

    Update can be uninstalled:

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-035.mspx

    **********************************************************************
    MS04-036
    Title: Vulnerability in NNTP Could Allow Code Execution (883935)
    Maximum Severity Rating: Critical

    Affected Software:
    - Microsoft Windows NT Server 4.0 Service Pack 6a
    - Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4
    - Microsoft Windows Server™ 2003
    - Microsoft Windows Server 2003 64-Bit Edition
    - Microsoft Exchange 2000 Server Service Pack 3 (Uses Windows 2000 NNTP Component)
    - Microsoft Exchange Server 2003 (Uses Windows 2000 or Windows Server 2003 NNTP Component)

    Affected Components:
    - Microsoft Windows NT Server 4.0 Service Pack 6a NNTP Component
    - Microsoft Windows 2000 Server Service Pack 3 NNTP Component and Microsoft Windows 2000 Server Service Pack 4 NNTP Component

    - Microsoft Windows Server™ 2003 NNTP Component
    - Microsoft Windows Server 2003 64-Bit Edition NNTP Component

    Impact of Vulnerability: Remote Code Execution

    Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart.

    Update can be uninstalled: Yes

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-036.mspx

    **********************************************************************
    MS04-037
    Title: Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
    Maximum Severity Rating: Critical

    Affected Software:
    - Microsoft Windows NT Server 4.0 Service Pack 6a
    - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
    - Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4
    - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Version 2003
    - Microsoft Windows Server 2003
    - Microsoft Windows Server 2003 64-Bit Edition
    - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) – Review the FAQ section of this bulletin for details about these operating systems.

    Impact of Vulnerability: Remote Code Execution

    Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart.

    Update can be uninstalled: Yes

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-037.mspx

    **********************************************************************
    MS04-038
    Title: Cumulative Security Update for Internet Explorer (834707)
    Maximum Severity Rating: Critical

    Affected Software:
    - Microsoft Windows NT Server 4.0 Service Pack 6a
    - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
    - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
    - Microsoft Windows XP, Microsoft Windows XP Service Pack 1, and Microsoft Windows XP Service Pack 2
    - Microsoft Windows XP 64-Bit Edition Service Pack 1
    - Microsoft Windows XP 64-Bit Edition Version 2003
    - Microsoft Windows Server 2003
    - Microsoft Windows Server 2003 64-Bit Edition
    - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) – Review the FAQ section of this bulletin for details about these operating systems.

    Affected Components:
    - Internet Explorer 5.01 Service Pack 3
    - Internet Explorer 5.01 Service Pack 4
    - Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Me
    - Internet Explorer 6
    - Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3, Microsoft Windows Service Pack 4, Microsoft Windows XP, Microsoft Windows XP Service Pack 1

    - Internet Explorer 6 Service Pack 1 on Microsoft Windows NT Server 4.0 Service Pack 6a, Microsoft Windows NT Server 4.0 Terminal Service Edition Service Pack 6, Microsoft Windows 98, Microsoft Windows 98 SE, and Microsoft Windows Me

    - Internet Explorer 6 Service Pack 1 (64-Bit Edition)
    - Internet Explorer 6 for Windows Server 2003
    - Internet Explorer 6 for Windows Server 2003 (64-Bit Edition)
    - Internet Explorer 6 for Windows XP Service Pack 2

    Impact of Vulnerability: Remote Code Execution

    Restart required: You must restart your system after you apply this security update. You do not have to use an administrator logon after the computer restarts for any version of this update.

    Update can be uninstalled: Yes

    More information on this vulnerability is available at: http://www.microsoft.com/technet/sec.../MS04-038.mspx

    **********************************************************************
    MS04-028
    Title: Buffer Overrun in JPEG Processing Could Allow Code Execution (833987)

    Affected Software (Re-release only):
    - Microsoft Office XP Service Pack 3
    - Microsoft Word 2002
    - Microsoft Excel 2002
    - Microsoft Outlook 2002
    - Microsoft PowerPoint 2002
    - Microsoft Project 2002 (All Versions)
    - Microsoft Visio 2002 (All Versions)

    Affected Component (New release only):
    - Windows Journal Viewer

    Reason for Re-issue: After the release of the MS04-028 security bulletin, Microsoft was made aware of an issue affecting customers deploying the Office XP, Visio 2002, and Project 2002 updates on Windows XP Service Pack 2 based systems. This issue caused the security updates to appear to install correctly, when in fact they did not. This is an issue with the installer used in the security update. The updated versions of the affected files do successfully address this vulnerability. Although Windows XP Service Pack 2 already contains the security update addressing the vulnerability in the JPEG Parsing Engine that is supplied by the operating system, customers still need to successfully apply the security update for Office XP, Vision 2002, and Project 2002 in order to be protected from this vulnerability when using these applications. For more technical details on this issue, see Microsoft Knowledge Base Article 885876.

    More information on this re-issued bulletin is available at: http://www.microsoft.com/technet/sec.../MS04-028.mspx

    Information on Windows Journal Viewer: The Windows Journal Viewer makes it possible for users who do not have a system running Windows XP Tablet PC Edition to view files that were created in Windows Journal on a Tablet PC. The Windows Journal Viewer is vulnerable to the security vulnerability discussed in this bulletin. However, when used on Windows XP based systems, the Windows Journal Viewer uses the operating system supplied version of the affected component. When the Windows XP operating system update is applied on Windows XP and Windows XP Service Pack 1 based systems the Windows Journal Viewer is no longer vulnerable to this issue. Windows XP Service Pack 2 is not vulnerable to this issue, therefore the Windows Journal Viewer when used on Windows XP Service Pack 2 based systems is not vulnerable to this issue. We have now released a security update for Windows Journal Viewer that will help protect Windows 2000-based systems that may have installed the Windows Journal Viewer.

    Even if you have installed all of the previously available security updates on Windows 2000, if you have installed the Windows Journal Viewer, it is important that you also install this security update. Windows Update will offer this update only to Windows 2000-based systems that have installed the Windows Journal Viewer. If you are using Windows XP or have not installed the Windows Journal Viewer on Windows 2000, you do not need this security update. This program is not supported on Windows Server 2003. However, if it were installed on Windows Server 2003, it would also use the operating system version of the vulnerable component. If you are using this program on Windows Server 2003 make sure that you install the Windows Server 2003 security update.

    PLEASE VISIT http://www.microsoft.com/technet/security FOR THE MOST CURRENT INFORMATION ON THESE ALERTS.

  2. #2

    M$ October Patch Observations

    Some interesting observations I've made (at least I think their interesting)...

    * M$ re-released the GDI+ patch (re.; JPEG/JPG). I knew this would happen as the original didn't work!

    * Several of these patches replace previous patches. Granted this isn't new but and I'm not trying to bash M$ but wonder why they didn't get it _right_ the first time...or is there another reason why these are fixes to prior fixes?
    - MS04-029: Replaces MS98-014, MS01-048, MS03-026, MS03-039, MS04-012
    - MS04-031: Replaces MS02-071, MS03-045
    - MS04-032: Replaces MS02-071, MS03-007, MS03-013, MS03-045
    - MS04-033: Replaces MS03-050
    - MS04-034: Replaces MS02-054
    - MS04-037: Replaces MS02-014, MS03-027, MS04-024
    - MS04-038: Replaces MS04-025

    * MS04-030 WebDAV patch will affect WebDAV behavior with XML:
    Caveats: This update contains a functionality change that may affect some applications. The affected applications issue valid WebDAV requests that have many XML attributes. For more information, see “Does this update contain any other changes to functionality?” under “Frequently asked questions (FAQ) related to this security update.”
    * XP SP2 not vulnerable to many of these issues --excellent sign, hurray M$!

    * NT 4 patches released. Yeah, I know they continue to support NT 4 for security patches only until the end of 2004 but they've been late and spotty in 2004 with NT 4 patches

    Just my 1.5 cents.
    Happy Patching!

  3. #3
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Heh, you poor guys. *Looks at update site for OS* Ohhh!!! A whole patch for Slackware!!! Wow! Bout time! I was getting bored.

    *Giggles*

    I'd lose a lot of weight being a Windows admin for servers. All that running back and forth....Heh I can picture it now:

    *gore, go patch the web server there are 4 new patches*

    OK

    *Oh you're back? Super! Now run back and install these new patches*

    What?!?!?!?!?!

    *Yea, there are 6 more while you were gone*

    DAMN IT!

    *You're back? Ahh good! You need too patch the File Server too, they just released 26 new patches for that*

    ...Bitch..

    rmdir C: *.* /y

    *You're back already??**

    Yes I am.

    *But the web server isn't working*

    Correct

    *Well get it back up*

    That's not my problem, you're the one with Viagra sites in the Web Cache

    *WHAT?!?!?!?!!?*

    I'm installing Slackware on the Web , and SUSE on the File Server.

    *Why?*

    Because I'm tired of having to get up to install patches when I can sit on my ass and play UT and install them on these two.

    *Will the other admin know how to use it?*

    The guy with the I Love NT shirt?

    *Yes*

    No, but he died yesterday, apparently a toaster had gotten in the shower he was in and killed him

    *You seem upset about it, you hated him though*

    Yes, Buahahahahaha

    *What?*

    Nothing! *BOOM*



    .... OK so I need a hobby.... Or... Heh, BBL!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •