NICK ADSL UK
October 12th, 2004, 01:39 PM
Microsoft Security Bulletin(s) for 10/12/2004
October 12, 2004
Today Microsoft released the following Security Bulletins.
Note: http://www.microsoft.com/technet/security/default.mspx
and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summaries:
October Summary
http://www.microsoft.com/technet/security/Bulletin/ms04-oct.mspx
Critical Bulletins:
MS04-032 – Security Update for Microsoft Windows (840987)
http://www.microsoft.com/technet/security/Bulletin/ms04-032.mspx
MS04-033 – Vulnerability in Microsoft Excel Could Allow Code Execution (886836)
http://www.microsoft.com/technet/security/Bulletin/ms04-033.mspx
MS04-034 – Vulnerability in Compressed (zipped) Folders Could Allow Code Execution (873376)
http://www.microsoft.com/technet/security/Bulletin/ms04-034.mspx
MS04-035 - Vulnerability in SMTP Could Allow Remote Code Execution (885881)
http://www.microsoft.com/technet/security/Bulletin/ms04-035.mspx
MS04-036 - Vulnerability in NNTP Could Allow Code Execution (883935)
http://www.microsoft.com/technet/security/Bulletin/ms04-036.mspx
MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
http://www.microsoft.com/technet/security/Bulletin/ms04-037.mspx
MS04-038 - Cumulative Security Update for Internet Explorer (834707)
http://www.microsoft.com/technet/security/Bulletin/ms04-037.mspx
Important Bulletins:
MS04-029 – Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
http://www.microsoft.com/technet/security/Bulletin/ms04-029.mspx
MS04-030 – Bulletin Title Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151)
http://www.microsoft.com/technet/security/Bulletin/ms04-030.mspx
MS04-031 – Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
http://www.microsoft.com/technet/security/Bulletin/ms04-031.mspx
Re-Released Bulletins:
MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
http://www.microsoft.com/technet/security/Bulletin/ms04-031.mspx
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety [1-866-727-2338] International customers should contact their local subsidiary.
--
October 12, 2004
Today Microsoft released the following Security Bulletins.
Note: http://www.microsoft.com/technet/security/default.mspx
and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summaries:
October Summary
http://www.microsoft.com/technet/security/Bulletin/ms04-oct.mspx
Critical Bulletins:
MS04-032 – Security Update for Microsoft Windows (840987)
http://www.microsoft.com/technet/security/Bulletin/ms04-032.mspx
MS04-033 – Vulnerability in Microsoft Excel Could Allow Code Execution (886836)
http://www.microsoft.com/technet/security/Bulletin/ms04-033.mspx
MS04-034 – Vulnerability in Compressed (zipped) Folders Could Allow Code Execution (873376)
http://www.microsoft.com/technet/security/Bulletin/ms04-034.mspx
MS04-035 - Vulnerability in SMTP Could Allow Remote Code Execution (885881)
http://www.microsoft.com/technet/security/Bulletin/ms04-035.mspx
MS04-036 - Vulnerability in NNTP Could Allow Code Execution (883935)
http://www.microsoft.com/technet/security/Bulletin/ms04-036.mspx
MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
http://www.microsoft.com/technet/security/Bulletin/ms04-037.mspx
MS04-038 - Cumulative Security Update for Internet Explorer (834707)
http://www.microsoft.com/technet/security/Bulletin/ms04-037.mspx
Important Bulletins:
MS04-029 – Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
http://www.microsoft.com/technet/security/Bulletin/ms04-029.mspx
MS04-030 – Bulletin Title Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151)
http://www.microsoft.com/technet/security/Bulletin/ms04-030.mspx
MS04-031 – Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
http://www.microsoft.com/technet/security/Bulletin/ms04-031.mspx
Re-Released Bulletins:
MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
http://www.microsoft.com/technet/security/Bulletin/ms04-031.mspx
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety [1-866-727-2338] International customers should contact their local subsidiary.
--