All Critical Updates

edit by RR for those wishing to review the Critical Updates thread for 2003, here it is:

http://forums.techguy.org/t109391/s.html

Other MS related Security information can be found here:

Security and Privacy

Home Security Risk Assesment and Protection Steps

==============================================

Hiya

Maximum Severity Rating: Critical

Who should read this document: Customers who use Microsoft® Internet Security and Acceleration Server 2000

Affected Software:

Microsoft Internet Security and Acceleration Server 2000

Microsoft Small Business Server 2000 (which includes Microsoft Internet Security and Acceleration Server 2000)

Microsoft Small Business Server 2003 (which includes Microsoft Internet Security and Acceleration Server 2000)

Non Affected Software:

Microsoft Proxy Server 2.0


http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-001.asp

Regards

eddie

 

Hiya


Maximum Severity Rating: Moderate

Recommendation: System administrators should install this security update on all front-end servers that are running Outlook Web Access for Exchange Server 2003. Microsoft also recommends installing this security update on all other Exchange 2003 servers so that they will be protected if they are later designated as front end servers


Affected Software:

Microsoft Exchange Server 2003


Non Affected Software:

Microsoft Exchange 2000 Server
Microsoft Exchange Server 5.5


http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-002.asp

Regards

eddie

 

Hiya

Maximum Severity Rating: Important



Affected Software:

Microsoft Data Access Components 2.5 (included with Microsoft Windows 2000)
Microsoft Data Access Components 2.6 (included with Microsoft SQL Server 2000)
Microsoft Data Access Components 2.7 (included with Microsoft Windows XP)
Microsoft Data Access Components 2.8 (included with Microsoft Windows Server 2003)

Note The same update applies to all these versions of MDAC

Microsoft Data Access Components 2.8 (included with Windows Server 2003 64-Bit Edition)


http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-003.asp

Regards

eddie

 

Hiya

A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocol H.323. Voice over Internet Protocol (VoIP) and video conferencing equipment and software can use these protocols to communicate over a variety of computer networks.

Examples include

Voice over Internet Protocol (VoIP) devices and software
Video conferencing equipment and software
Session Initiation Protocol (SIP) devices and software
Media Gateway Control Protocol (MGCP) devices and software
Other networking equipment that may process H.323 traffic (e.g., routers and firewalls)


http://www.cert.org/advisories/CA-2004-01.html

Regards

eddie

 

Hiya

Maximum Severity Rating: Critical


Affected Software:

Microsoft Windows NT® Workstation 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition, Service Pack 6
Microsoft Windows 2000 Service Pack 2, Service Pack 3, Service Pack 4
Microsoft Windows XP, Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server® 2003
Microsoft Windows Server 2003, 64-Bit Edition


Affected Components:

Internet Explorer 6 Service Pack 1:
Internet Explorer 6 Service Pack 1 (64-Bit Edition):
Internet Explorer 6 for Windows Server 2003:
Internet Explorer 6 for Windows Server 2003 (64-Bit Edition):
Internet Explorer 6:
Internet Explorer 5.5 Service Pack 2:
Internet Explorer 5.01 Service Pack 4:
Internet Explorer 5.01 Service Pack 3:
Internet Explorer 5.01 Service Pack 2:


http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-004.asp

Regards

eddie

 

Hiya

The Application Intelligence (AI) component of Check Point Firewall-1 is an application proxy that scans traffic for application layer attacks once it has passed through the firewall at the network level. Earlier versions of Firewall-1 include the HTTP Security Server, which provides similar functionality.

Both the AI and HTTP Security Server features contain an HTTP parsing vulnerability that is triggered by sending an invalid HTTP request through the firewall. When Firewall-1 generates an error message in response to the invalid request, a portion of the input supplied by the attacker is included in the format string for a call to sprintf().


This vulnerability allows remote attackers to execute arbitrary code on affected firewalls with administrative privileges, typically "SYSTEM" or "root".

Systems Affected

Check Point Firewall-1 NG FCS
Check Point Firewall-1 NG FP1
Check Point Firewall-1 NG FP2
Check Point Firewall-1 NG FP3, HF2
Check Point Firewall-1 NG with Application Intelligence R54
Check Point Firewall-1 NG with Application Intelligence R55

http://www.us-cert.gov/cas/techalerts/TA04-036A.html

Regards

eddie

 

Hiya

Maximum Severity Rating: Important

A security vulnerability exists in Microsoft Virtual PC for Mac. The vulnerability exists because of the method by which Virtual PC for Mac creates a temporary file when you run Virtual PC for Mac. An attacker could exploit this vulnerability by inserting malicious code into the file which could cause the code to be run with system privileges. This could give the attacker complete control over the system.

To exploit this vulnerability, an attacker would have to already have a valid logon account on the local system, or the attacker would already have to have access to a valid logon account.


Microsoft Virtual PC for Mac version 6.0
Microsoft Virtual PC for Mac version 6.01
Microsoft Virtual PC for Mac version 6.02
Microsoft Virtual PC for Mac version 6.1


http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-005.asp

Regards

eddie

 

Hiya

Maximum Severity Rating: Important

A security vulnerability exists in the Windows Internet Naming Service (WINS). This vulnerability exists because of the method that WINS uses to validate the length of specially-crafted packets. On Windows Server 2003 this vulnerability could allow an attacker who sent a series of specially-crafted packets to a WINS server to cause the service to fail. Most likely, this could cause a denial of service, and the service would have to be manually restarted to restore functionality.

The possibility of a denial of service on Windows Server 2003 results from the presence of a security feature that is used in the development of Windows Server 2003. This security feature detects when an attempt is made to exploit a stack-based buffer overrun and reduces the chance that it can be easily exploited. This security feature can be forced to terminate the service to prevent malicious code execution. On Windows Server 2003, when an attempt is made to exploit the buffer overrun, the security feature reacts and terminates the service. This results in a denial of service condition of WINS. Because it is possible that methods may be found in the future to bypass this security feature, which could then enable code execution, customers should apply the update



Affected Software

Microsoft Windows NT® Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 Microsoft Windows 2000 Server Service Pack 2, Microsoft Windows 2000 Server Service Pack 3, Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server™ 2003
Microsoft Windows Server 2003 64-Bit Edition


Non Affected Software


Microsoft Windows NT® Workstation 4.0 Service Pack 6a
Microsoft Windows 2000 Professional Service Pack 2, Microsoft Windows 2000 Professional Service Pack 3, Microsoft Windows 2000 Professional Service Pack 4
Microsoft Windows XP, Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003, Microsoft Windows XP 64-Bit Edition Version 2003 Service Pack 1



http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-006.asp

Regards

eddie

 

Hiya

Maximum Severity Rating: Critical

A security vulnerability exists in the Microsoft ASN.1 Library that could allow code execution on an affected system. The vulnerability is caused by an unchecked buffer in the Microsoft ASN.1 Library, which could result in a buffer overflow.

An attacker who successfully exploited this buffer overflow vulnerability could execute code with system privileges on an affected system. The attacker could then take any action on the system, including installing programs, viewing data, changing data, deleting data, or creating new accounts with full privileges.

Abstract Syntax Notation 1 (ASN.1) is a data standard that is used by many applications and devices in the technology industry for allowing the normalization and understanding of data across various platforms. More information about ASN.1 can be found in Microsoft Knowledge Base Article 252648.


Affected Software:


Microsoft Windows NT® Workstation 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft 2000 Windows Service Pack 4
Microsoft Windows XP, Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003, Microsoft Windows XP 64-Bit Edition Version 2003 Service Pack 1
Microsoft Windows Server™ 2003
Microsoft Windows Server 2003 64-Bit Edition


Affected Components:

Microsoft ASN.1 Library

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-007.asp


Regards

eddie

 

Hiya

A vulnerability was discovered in the SMB (Server Message Block) protocol
parsing routines of the ISS Protocol Analysis Module (PAM) component found
in some ISS products. The flaw relates to incorrect parsing of the SMB
protocol, which may lead to a heap overflow condition.

Affected Versions:

RealSecure Network 7.0, XPU 20.15 through 22.9
Real Secure Server Sensor 7.0 XPU 20.16 through 22.9
Proventia A Series XPU 20.15 through 22.9
Proventia G Series XPU 22.3 through 22.9
Proventia M Series XPU 1.3 through 1.7
RealSecure Desktop 7.0 eba through ebh
RealSecure Desktop 3.6 ebr through ecb
RealSecure Guard 3.6 ebr through ecb
RealSecure Sentry 3.6 ebr through ecb
BlackICE PC Protection 3.6 cbr through ccb
BlackICE Server Protection 3.6 cbr through ccb


http://xforce.iss.net/xforce/alerts/id/165


eddie

 

Hiya

I was going to pop this in Software, at the top, but really most people use Winzip, so put it here.

The WinZip utility is a tool used to zip, unzip, and install software distributed in zip files for Microsoft Windows. WinZip version 8.1 and possibly earlier versions are vulnerable to a buffer overflow in the UUDeview package when decoding long strings. By sending a specially-crafted MIME archive file, an attacker can overflow a buffer and execute arbitrary code on the system with privileges of the user running WinZip.

Platforms Affected:

Microsoft Corporation Windows Any version
WinZip Computing, Inc. WinZip 8.1



http://xforce.iss.net/xforce/xfdb/15336

Regards

eddie

 

Hiya

Maximum Severity Rating: Critical

A security vulnerability exists within Outlook 2002 that could allow Internet Explorer to execute script code in the Local Machine zone on an affected system. The parsing of specially crafted mailto URLs by Outlook 2002 causes this vulnerability. To exploit this vulnerability, an attacker would have to host a malicious Web site that contained a Web page designed to exploit the vulnerability and then persuade a user to view the Web page.

The attacker could also create an HTML e-mail message designed to exploit the vulnerability and persuade the user to view the HTML e-mail message. After the user has visited the malicious Web site or viewed the malicious HTML e-mail message an attacker who successfully exploited this vulnerability could access files on a user's system or run arbitrary code on a user's system. This code would run in the security context of the currently logged-on user. Outlook 2002 is available as a separate product and is also included as part of Office XP.



Affected Software

• Microsoft Office XP Service Pack 2
• Microsoft Outlook 2002 Service Pack 2

Non Affected Software

Microsoft Office 2000
Microsoft Office XP
Microsoft Office 2003
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 2003

http://www.microsoft.com/technet/security/bulletin/ms04-009.mspx

Regards

eddie

 

Hiya

A vulnerability exists because of the way that Windows Media Station Service and Windows Media Monitor Service, components of Windows Media Services, handle TCP/IP connections. If a remote user were to send a specially-crafted sequence of TCP/IP packets to the listening port of either of these services, the service could stop responding to requests and no additional connections could be made. The service must be restarted to regain its functionality.


Affected Software

Microsoft Windows 2000 Server Service Pack 2, Microsoft Windows 2000 Server Service Pack 3, Microsoft Windows 2000 Server Service Pack 4

Non Affected Software

Microsoft Windows NT® Workstation 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Professional Service Pack 2, Microsoft Windows 2000 Professional Service Pack 3, Microsoft 2000 Professional Service Pack 4
Microsoft Windows XP, Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server™ 2003
Microsoft Windows Server 2003 64-Bit Edition

Affected Components:
Windows Media Services 4.1 (included with Microsoft Windows 2000 Server)


Non Affected Components:

Windows Media Services 9.0 Series (included with Microsoft Windows Server 2003)
Windows Media Services 4.1


http://www.microsoft.com/technet/security/bulletin/ms04-008.mspx

Regards

eddie

 

Hiya

Thought I'd put this here, as it may get 'swallowed up' in Networking

An unauthenticated, remote attacker could cause a denial of service in any application or system that uses a vulnerable OpenSSL SSL/TLS library


Systems Affected

Applications and systems that use the OpenSSL SSL/TLS library


http://www.us-cert.gov/cas/techalerts/TA04-078A.html

Regards

eddie

 

Hiya

F-Secure Anti-Virus is an antivirus program for Microsoft Windows and Linux-based operating systems. F-Secure Backweb versions 6.31 and earlier, included in multiple F-Secure Anti-Virus products, could allow a local attacker to gain elevated privileges on the system. A local attacker could exploit a vulnerability in the Backweb user interface to gain elevated privileges on the system.

Platforms Affected:

F-Secure Corporation: F-Secure Backweb 6.31 and earlier
kernel.org: Linux Any version
Microsoft Corporation: Windows Any version



http://xforce.iss.net/xforce/xfdb/15745

Regards

eddie