Microsoft Security Bulletin MS04-011 [Revision updated on the [28-4-04]

Microsoft Security Bulletin MS04-011
Security Update for Microsoft Windows (835732)

Issued: April 13, 2004
Updated: April 28, 2004
Version: 1.2

Summary
Who should read this document: Customers who use Microsoft® Windows®

Impact of vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately.

Security Update Replacement: This bulletin replaces several prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

Caveats: The security update for Windows NT Server 4.0 Terminal Server Edition Service Pack 6 requires, as a prerequisite, the Windows NT Server 4.0 Terminal Server Edition Security Rollup Package (SRP). To download the SRP, visit the following Web site. You must install the SRP before you install the security update that is provided in this security bulletin. If you are not using Windows NT Server 4.0 Terminal Server Edition Service Pack 6 you do not need to install the SRP.

Microsoft Knowledge Base Article 835732 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. For more information, see Microsoft Knowledge Base Article 835732.

Tested Software and Security Update Download Locations:

Affected Software:

• Microsoft Windows NT® Workstation 4.0 Service Pack 6a – Download the update

• Microsoft Windows NT Server 4.0 Service Pack 6a – Download the update

• Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 – Download the update

• Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and Microsoft Windows 2000 Service Pack 4 – Download the update

• Microsoft Windows XP and Microsoft Windows XP Service Pack 1 – Download the update

• Microsoft Windows XP 64-Bit Edition Service Pack 1 – Download the update

• Microsoft Windows XP 64-Bit Edition Version 2003 – Download the update

• Microsoft Windows Server™ 2003 – Download the update

• Microsoft Windows Server 2003 64-Bit Edition – Download the update

• Microsoft NetMeeting

• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.


The software that is listed above has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site.

Please note this is a revision update and for further info please see the link below. As this is an important update regarding the following
Alert: [02-May-2004]
Worm.Win32.Sasser.a, Worm.Win32.Sasser.b spreading since May 01. These worms exploit the Local Security Authority Subsystem Service (LSASS) issue fixed in Microsoft Security Update MS04-011 on April 13, 2004. More information is available from Microsoft.

Revisions:

• V1.0 April 13, 2004: Bulletin published

• V1.1 April 21, 2004: Bulletin updated to reflect updated information in the Update Replacement Section. Bulletin has also been updated to reflect the change in the MBSA detection behavior as described in the updated FAQ section. The bulletin also contains revisions to the workaround section for the Utility Manager Vulnerability (CAN-2003-090.

• V1.2 April 28, 2004: Updated Caveats section to reflect the availability of a revised Microsoft Knowledge Base Article 835732. It documents the currently known issues that customers may experience when installing this security update. The article also documents recommended solutions for these issues.

http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx