1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Microsoft Issues Seven Software Patches !

Discussion in 'Earlier Versions of Windows' started by Wet Chicken, Oct 16, 2003.

Thread Status:
Not open for further replies.
  1. Wet Chicken

    Wet Chicken Thread Starter

    Joined:
    Sep 11, 2000
    Messages:
    10,674
    Today Microsoft issued seven software patches to address recently discovered vulnerabilities, five of which it rates as 'critical' ! These vulnerabilities can lead to a range of problems, including providing hackers with the opportunity to mount a denial of service attack, to run arbitrary code on a targeted machine, or to take over a compromised machine altogether.

    The five critical vulnerabilities are:
    • MS03-041: Vulnerability in authenticode verification could allow remote code execution
    • MS03-042: Buffer overflow in Windows Troubleshooter ActiveX control code
    • MS03-043: Buffer overrun in Messenger service could allow code execution
    • MS03-044: Buffer overrun in Windows Help and Support Center could lead to system compromise
    • MS03-045: Buffer overrun in the ListBox and in the ComboBox control could allow code execution
    The buffer overrun in Messenger is particularly dangerous and widespread, and similar flaws have led to internet worms such as Blaster, Nachi and SQL Slammer.

    The vulnerability can be triggered via UDP, leaving open the possibility of extremely rapid worm propagation.

    Further information on all the vulnerabilites, and the patches needed for them, can be found HERE.


    Also, a vulnerability has been reported in Microsoft Word, which potentially can be exploited by malicious people to crash a user's Word application.

    The vulnerability is caused due to a boundary error when handling macro names. This can be exploited to cause a buffer overflow by tricking a user into opening a Word document containing a macro with an overly long macro name (549 characters or longer).

    Successful exploitation crashes the user's Word. Execution of arbitrary code has not been proven but it can't be ruled out completely.

    Hope this information helps ;)
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/172504

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice