msoft:windows update

Discussion in 'other security issues & news' started by the mul, Oct 15, 2003.

Thread Status:
Not open for further replies.
  1. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    updates are kb828035, kb825119, kb823182, kb824141=3.7mb download.


    The Mul
     
  2. AplusWebMaster

    AplusWebMaster Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    239
    Location:
    Philadelphia, PA, USA
    :( FYI...more on this from the Internet Storm Center:
    http://isc.sans.org/diary.html
    October 15th 2003 17:48 EDT
    "...Today, Microsoft published a number of advisories, 5 of which are classified as 'critical' (= allow remote execution of code). For a summary, see: http://www.microsoft.com//technet/security/bulletin/winoct03.asp
    ....The release of such a large number of vulnerabilities is due to Microsoft's implementation of a new "Security Bulletin Release Process". New security bulletins will now be released monthly. For details, see: http://www.microsoft.com/technet/security/bulletin/revsbwp.asp..."
     
  3. AplusWebMaster

    AplusWebMaster Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    239
    Location:
    Philadelphia, PA, USA
    Re: Multiple MS advisories -revised-!!!

    :( FYI...

    MS posts 'revisions' to MS03-045 and MS03-047
    http://www.computerworld.com/printthis/2003/0,4814,86399,00.html
    OCTOBER 23, 2003
    "...Two software patches Microsoft Corp. released last week caused problems on foreign language versions of the Windows operating system and Exchange e-mail server. As a result, Microsoft yesterday issued "major revisions" to the two patches, MS03-045 and MS03-047...
    - MS03-045 concerns a buffer overrun vulnerability in a component of most supported versions of Windows. Microsoft rated the issue "important" but not critical. If left unpatched, the security hole would allow any person with a valid user log-in and password for an affected system to take total control of that machine and run malicious code on it...
    - MS03-047 was rated "Moderate" and described a cross-site scripting vulnerability in Exchange Server 5.5, Service Pack 4. If left unpatched, the problem could allow a remote attacker to send a user on a vulnerable system an e-mail message containing an embedded Web link to trick victims into running a computer script of the attacker's choice, Microsoft said..."

    - http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-045.asp

    - http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-047.asp
     
Loading...
Thread Status:
Not open for further replies.