Today Microsoft released the following Security Bulletins. 13-4-04]

Discussion in 'other security issues & news' started by NICK ADSL UK, Apr 13, 2004.

Thread Status:
Not open for further replies.

    NICK ADSL UK Administrator

    May 13, 2003
    Today Microsoft released the following Security Bulletins.
    Posted originally by Jerry Bryant - Microsoft IT Communities
    Note: and are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summaries:


    Critical Bulletins:

    MS04-011 - Security Update for Microsoft Windows (835732)

    MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741)

    MS04-013 - Cumulative Security Update for Outlook Express (837009)
    Important Bulletins:
    MS04-014 - Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)

    Re-Released Bulletins:
    The following bulletins have been re-released to advise of the availability of updates for various versions of Microsoft Exchange Server. Please see the bottom of each bulletin for revision information.

    MS00-082 - Patch Available for 'Malformed MIME Header' Vulnerability

    MS01-041 - Malformed RPC Request Can Cause Service Failure

    MS02-011 - Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service

    MS03-046 - Vulnerability in Exchange Server Could Allow Arbitrary Code Execution (829436)

    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-233:cool:. International customers should contact their local subsidiary.
    Last edited: Apr 15, 2004
  2. DevilFrank

    DevilFrank Registered Member

    Jul 20, 2003
    The DeepSight Threat Analyst team has raised the ThreatCon to level 2. Symantec's ThreatCon Rating provides an overall view of global Internet Security and is based on a 1-4 rating system, with a level 4 being the highest threat level.

    Network administrators are strongly advised to audit their controlled systems that these issues may affect, and also apply necessary updates. The Symantec Security Response team believes that the creation of Internet worms that take advantage of some of these vulnerabilities is possible and recommends that the risks be mitigated as soon as possible.
Thread Status:
Not open for further replies.