Microsoft Security Bulletin(s) for 11/9/2004

Discussion in 'other security issues & news' started by NICK ADSL UK, Nov 9, 2004.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for 11/9/2004

    November 9, 2004
    Today Microsoft released the following Security Bulletin(s).

    Note: http://www.microsoft.com/technet/security/default.mspx
    and
    www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summaries:

    October Summary
    http://www.microsoft.com/technet/security/Bulletin/ms04-nov.mspx

    Important Bulletins:

    MS04-039 – Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing [888258]
    http://www.microsoft.com/technet/security/Bulletin/ms04-039.mspx

    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety [1-866-727-2338] International customers should contact their local subsidiary.
    --
     
    Last edited: Nov 9, 2004
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS04-038[Critical]Updated: November 9, 2004

    Cumulative Security Update for Internet Explorer (834707)
    Issued: October 12, 2004
    Updated: November 9, 2004
    Version: 1.1

    Summary
    Who should read this document: Customers who use Microsoft Windows

    Impact of Vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers should install the update immediately.

    Security Update Replacement: This update replaces the update that is included with Microsoft Security Bulletin MS04-025. That update is also a cumulative update.


    Affected Software:

    • Microsoft Windows NT Server 4.0 Service Pack 6a

    • Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

    • Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4

    • Microsoft Windows XP, Microsoft Windows XP Service Pack 1, and Microsoft Windows XP Service Pack 2

    • Microsoft Windows XP 64-Bit Edition Service Pack 1

    • Microsoft Windows XP 64-Bit Edition Version 2003

    • Microsoft Windows Server 2003

    • Microsoft Windows Server 2003 64-Bit Edition

    • Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) – Review the FAQ section of this bulletin for details about these operating systems


    Please note this update was first issued on the October 12-10-04 and this update today refers to that update.

    Revisions:

    • V1.0 (October 12, 2004): Bulletin published

    V1.1 (November 9, 2004): Updated the ActiveX control name from “Heartbeat.ocx” to “Hrtbeat.ocx”, added GUID information to the Security Update Information section, and added acknowledgement to Liu Die Yu for working with us responsibly on two vulnerabilities addressed by this update.



    http://www.microsoft.com/technet/security/Bulletin/MS04-038.mspx

    HELP AND SUPPORT>>>>>>>>
    http://support.microsoft.com/?id=834707
     
    Last edited: Nov 12, 2004
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Re-Releases, November 2004

    Title: Microsoft Security Bulletin Re-Releases, November 2004
    Issued: November 16, 2004
    ********************************************************************

    Summary
    =======
    The following bulletins have undergone a major revision increment.
    Please see the appropriate bulletin for more details.

    * MS04-039

    Bulletin Information:
    =====================

    * MS04-039

    - http://www.microsoft.com/technet/security/bulletin/MS04-039.mspx
    - Reason for re-release: Bulletin updated to reflect the release
    of updated ISA Server 2000 security updates for all languages.
    These issues affected customers using ISA Server 2000 Service
    Pack 1 or using Windows 2000 Service Pack 3. The Security
    Update Replacement section has also been revised.
    - Originally posted: November 9, 2004
    - Updated: November 16, 2004
    - Bulletin Severity Rating: Important
    - Version: 3.0

    ********************************************************************

    Support:
    ========
    Technical support is available from Microsoft Product Support
    Services at 1-866-PC SAFETY (1-866-727-233:cool:. There is no
    charge for support calls associated with security updates.
    International customers can get support from their local Microsoft
    subsidiaries. Phone numbers for international support can be found at
    http://support.microsoft.com/common/international.aspx
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Update for Windows XP (KB886677)11/19/2004

    Update for Windows XP (KB886677)
    This update addresses an issue where double-byte character set (DBCS) characters may appear corrupted in Internet Explorer on Windows XP when you browse a Web site that uses Shift-JIS character encoding.



    Quick Info
    File Name:
    WindowsXP-KB886677-x86-enu.exe

    Download Size:
    530 KB

    Date Published:
    11/19/2004

    Version:
    886677


    http://www.microsoft.com/downloads/...b995-6e060ac7e5b1&displaylang=en&Hash=LRC6SRB
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Update for Windows XP (KB887742) 11/22/2004

    Update for Windows XP (KB887742)
    This update addresses an issue in Windows XP Service Pack 2 that could cause the system to stop responding if certain TDI filter drivers, such as anti-virus software, are installed.



    Quick Info
    File Name:
    WindowsXP-KB887742-x86-ENU.exe

    Download Size:
    447 KB

    Date Published:
    11/22/2004

    Version:
    887742

    http://www.microsoft.com/downloads/...ac96-8b5dca23f395&displaylang=en&Hash=FFSDFCF
     
Loading...
Thread Status:
Not open for further replies.