MAC-NETHow toNetwork SecurityVirus ProtectionSpyware ProtectionDownloadReferenceContact
 

5 Top security flaw found in corporate networks

Alert: Apple Security Bulletin

Alert: MS Security Bulletins

Alert: MS Security Tips

Browser crash test

Critical Alert

Firewall

Firewall on fire!

Hoaxes: E-mail

Internet Protocol Network Camera Surveillance

Mail relay test

Network Setup Checklist

Network Worms

On-line Privacy

Process - OK

Process - Bad & Ugly

Rootkits

Rotten Cookies

TCP Holed

TCP Port

TCP Port ~ 1024

TCP Port ~ 1352

TCP Port ~ 2500

TCP Port ~ 65301

TCP Port Scan

Web Security
Home » Network Security » 

Critical Alert

Here is a compilation of recent microsoft security bulletins and critical updates:

Aug 2005 OS Security Bulletin:
MS05-043 - Vulnerability in Print Spooler Service Link 
MS05-042 - Vulnerabilities in Kerberos Link 
MS05-041 - Vulnerability in Remote Desktop Protocol Link
MS05-040 - Vulnerability in Telephony Service Link
MS05-039 - Vulnerability in Plug and Play [Zotob VirusLink
MS05-038 - Cumulative Security Update for Internet Explorer Link

Jul 2005 OS Security Bulletin:
MS05-037 - Vulnerability in JView Profiler Link
MS05-036 - Vulnerability in Microsoft Color Management Module Link
MS05-035 - Vulnerability in Microsoft Word Link

Jun 2005 OS Security Bulletin:
MS05-034 - Cumulative Security Update for ISA Server 2000 Link
MS05-033 - Vulnerability in Telnet Client Link
MS05-032 - Vulnerability in Microsoft Agent Link
MS05-031 - Vulnerability in Step-by-Step Interactive Training Link
MS05-030 - Vulnerability in Outlook Express Link
MS05-029 - Vulnerability in Outlook Web Access for Exchange Server Link
MS05-028 - Vulnerability in Web Client Service Link
MS05-027 - Vulnerability in Server Message Block Link
MS05-026 - Vulnerability in HTML Help Link
MS05-025 - Cumulative Security Update for Internet Explorer Link

Aug 2005 OS Security Bulletin commentPost your comment  

May 2005 OS Security Bulletin:
MS05-024 - Vulnerability in Web View Link
MS05-023 - Vulnerabilities in Microsoft Word Link
MS05-022 - Vulnerability in MSN Messenger Link

Apr 2005 OS Security Bulletin:
MS05-021 - Vulnerability in Exchange Server Link
MS05-020 - Cumulative Security Update for Internet Explorer Link
MS05-019 - Vulnerabilities in TCP/IP Could Allow Denial of Service  Link
MS05-018 - Vulnerabilities in Windows Kernel Link
MS05-017 - Vulnerability in Message Queuing Link

Mar 2005 OS Security Bulletin:
No Security Bulletin

Feb 2005 OS Security Bulletin:
MS05-016 - Vulnerability in Windows Shell Link
MS05-015 - Vulnerability in Hyperlink Object Library Link
MS05-014 - Cumulative Security Update for Internet Explorer Link
MS05-013 - Vulnerability in the DHTML Editing Component ActiveX Link
MS05-012 - Vulnerability in OLE and COM Link
MS05-011 - Vulnerability in Server Message Block (SMB) Link
MS05-010 - Vulnerability in the License Logging Service Link
MS05-009 - Vulnerability in PNG Processing Link
MS05-008 - Vulnerability in Windows Shell Link
MS05-007 - Vulnerability in Windows Could Allow Info Disclosure Link
MS05-006 - Vulnerability in Windows SharePoint Services Link
MS05-005 - Vulnerability in Microsoft Office XP Link
MS05-004 - ASP.NET Path Validation Vulnerability Link

Feb 2005 OS Security Bulletin: commentPost your comment  

Jan 2005 OS Security Bulletin:

MS05-003 Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250). Indexing Service Vulnerability where an attacker who successfully exploited this vulnerability could take complete control of an affected system.

MS05-002 Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711). This update resolves several newly-discovered, privately reported and public vulnerabilities. Cursor and Icon Format Handling Vulnerability and Windows Kernel Vulnerability.

MS05-001 Vulnerability in HTML Help Could Allow Code Execution (890175). This update resolves a newly-discovered, publicly reported vulnerability. A vulnerability exists in the HTML Help ActiveX control in Windows that could allow information disclosure or remote code execution on an affected system.

Jan 2005 OS Security Bulletin: commentPost your comment  

Dec 2004 OS Security Bulletin:

The 6 patches to fix nine issues (none of the security holes rated as a serious threat), is now available at Microsoft´s Windows Update Web site.  Microsoft has recommended that all Windows XP users upgrade to Service Pack 2, which adds security features to Windows and removes applications that pose potential security risks.  Here is a quick summary:

MS04-040 Cumulative Security Update for Internet Explorer (889293).  This update resolves a newly-discovered publicly reported vulnerability. A vulnerability exists in Internet Explorer that could allow remote code execution on an affected system.  If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

MS04-041 Vulnerability in WordPad Could Allow Code Execution (885836).  A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. If a user is logged on with administrative privileges, an attacker who successfully exploited these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit this vulnerability.

MS04-042 Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249).  An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, attempts to exploit these vulnerabilities would most likely result in a denial of service of the Dynamic Host Configuration Protocol (DHCP) Server service.

MS04-043 Vulnerability in HyperTerminal Could Allow Code Execution (873339).  If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.

MS04-044 Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835).  An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.  The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.

MS04-045 Vulnerability in WINS Could Allow Remote Code Execution (870763).  This update resolves several newly-discovered, public and privately reported vulnerabilities.  The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42.

Dec 2004 OS Security Bulletin: commentPost your comment  

Nov 2004 OS Security Bulletin:

The free updates, available at Microsoft´s Windows Update Web site. Here is a quick summary:

MS04-039 Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258).  This vulnerability could enable an attacker to spoof trusted Internet content.

 

Nov 2004 OS Security Bulletin: commentPost your comment  

Oct 2004 OS Security Bulletin:

Wow! Windows Update released an unprecedented number of software security updates to plug flaws in its products, including seven "critical" defects that it said hackers could use to hijack vulnerable computers running the Windows operating system. These updates are designed to fix at least 21 new vulnerabilities, several of which reside on nearly every version of the Windows operating system.  Head on to Windows Update web page the next time your computer is idle and have it patch up.

On our computers with Windows XP SP2, 2 critical (KB885884 and KB834707) update managed to sneak in with total file size of 7 MB.  After that it when in a zombie state "Installing Critical Update for Office XP on Windows XP Service Pack 2 (KB885884/KB834707)..." for a couple of minutes with its hard disk brinking frantically!  At the end, it displayed "You have successfully updated your computer.  Click Reboot Now button.

The free updates, available at Microsoft´s Windows Update Web site. Here is a quick summary:

MS04-029 Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) The affected applications issue valid WebDAV requests that have many XML attributes. This update resolves a newly-discovered, privately reported vulnerability. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the vulnerability could cause the affected system to stop responding or could potentially read portions of active memory content.

MS04-030 Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151) This update contains a functionality change that may affect some applications. This update resolves a newly-discovered, privately reported vulnerability. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could cause WebDAV to consume all available memory and CPU time on an affected server.

MS04-031 Vulnerability in NetDDE Could Allow Remote Code Execution (841533)This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the Network Dynamic Data Exchange (NetDDE) services because of an unchecked buffer. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.

MS04-032 Security Update for Microsoft Windows (840987) Microsoft Knowledge Base Article 840987 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. For more information, see Microsoft Knowledge Base Article 840987. This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

MS04-033 Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836) This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in Microsoft Excel. The vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

MS04-034 Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376) This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the way that Windows processes Compressed (zipped) Folders. The vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit this vulnerability.

MS04-035 Vulnerability in SMTP Could Allow Remote Code Execution (885881) This update resolves a newly-discovered vulnerability. A remote code execution vulnerability exists in the Simple Mail Transfer Protocol (SMTP) component that is provided as part of the affected software. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

MS04-036 Vulnerability in NNTP Could Allow Remote Code Execution (883935) This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists within the Network News Transfer Protocol (NNTP) component of the affected operating systems. This vulnerability could potentially affect systems that do not use NNTP. This is because some programs that are listed in the affected software section require that the NNTP component be enabled before you can install them. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

MS04-037 Vulnerability in Windows Shell Could Allow Remote Code Execution (841356) If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit these vulnerabilities.

MS04-038 Cumulative Security Update for Internet Explorer (834707) This update may not include hotfixes that have been released since the release of MS04-004 or MS04-025. Customers who have received hotfixes from Microsoft or from their support providers since the release of MS04-004 or MS04-025 should review the FAQ section for this update to determine how this update might affect their operating systems. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

Oct 2004 OS Security Bulletin: commentPost your comment  

Sep 2004 Microsoft Security Bulletin:

  • MS04-027 Vulnerability in WordPerfect Converter Could Allow Code Execution (884933).
  • MS04-028 Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987).  This update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. The vulnerability is documented in this bulletin in its own section.  If a user is logged on with administrator privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

Sep 2004 Microsoft Security Bulletin: commentPost your comment  

Aug 2004 Microsoft Security Bulletin:

  • MS04-026 Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436).  This update resolves a newly-discovered, privately reported vulnerability. A cross-site scripting and spoofing vulnerability exists in Outlook Web Access for Exchange Server 5.5 that could allow an attacker to convince a user to run a malicious script. The vulnerability is documented in the Vulnerability Details section of this bulletin.  An attacker who successfully exploited the vulnerability could manipulate Web browser caches and intermediate proxy server caches, and put spoofed content in those caches. They may also be able to exploit the vulnerability to perform cross-site scripting attacks.

Aug 2004 Microsoft Security Bulletin: commentPost your comment  

Jul 2004 Microsoft Security Bulletin:

  • MS04-025 Vulnerability in Windows Shell Could Allow Remote Code Execution (KB867801). This update resolves several newly discovered public vulnerabilities: Navigation Method Cross-Domain Vulnerability, Malformed BMP File Buffer Overrun Vulnerability, and Malformed GIF File Double Free Vulnerability.  These Vulnerability allows Remote Code Execution on the Local Computer.
  • MS04-024 Vulnerability in Windows Shell Could Allow Remote Code Execution (KB839645).  This update resolves a newly-discovered, publicly reported vulnerability. A remote code execution vulnerability exists in the way that the Windows Shell launches applications. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. However, significant user interaction is required to exploit this vulnerability. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
  • MS04-023 Vulnerability in HTML Help Could Allow Code Execution (KB840315).  This update resolves two newly-discovered vulnerabilities. The HTML Help vulnerability was privately reported and the showHelp vulnerability is public. Each vulnerability is documented in this bulletin in its own Vulnerability Details section.  If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
  • MS04-022 Vulnerability in Task Scheduler Could Allow Code Execution (KB841873).  This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the Task Scheduler because of an unchecked buffer. The vulnerability is documented in the Vulnerability Details section of this bulletin.  If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. However, user interaction is required to exploit this vulnerability. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
  • MS04-021 Security Update for IIS 4.0 (KB841373).  This update resolves a newly-discovered, privately reported vulnerability.  An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
  • MS04-020 Vulnerability in POSIX Could Allow Code Execution (KB841872).  This update resolves a newly-discovered, privately reported vulnerability. A privilege elevation vulnerability exists in the POSIX operating system component (subsystem). The vulnerability is documented in the Vulnerability Details section of this bulletin.  An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
  • MS04-019 Vulnerability in Utility Manager Could Allow Code Execution (KB842526).  This update resolves a newly-discovered, privately reported vulnerability. A privilege elevation vulnerability exists in the way that Utility Manager launches applications. A logged-on user could force Utility Manager to start an application with system privileges and could take complete control of the system. The vulnerability is documented in the Vulnerability Details section of this bulletin.  An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
  • MS04-018 Cumulative Security Update for Outlook Express (KB823353).  This update resolves a public vulnerability. A denial of service vulnerability exists in Outlook Express because of a lack of robust verification for malformed e-mail headers. The vulnerability is documented in the Vulnerability Details section of this bulletin. This update also changes the default security settings for Outlook Express 5.5 Service Pack 2 (SP2). This change is documented in the Frequently Asked Questions related to this security update section of this bulletin.

July 2004 commentPost your comment  

 

Jun 2004 Microsoft Security Bulletin:

  • MS04-017 Vulnerability in Crystal Reports Web Viewer Could Allow Information Disclosure and Denial of Service (KB842689) - Outlook2003
  • MS04-016 Vulnerability in DirectPlay Could Allow Denial of Service (KB839643) - Windows2000, XP, Server2003

Jun 2004 commentPost your comment  

 


Page1 2


commentPost your comment 
Mail this pageMail this page


© 2006-2010. All Rights Reserved.