Oct 2004 OS Security Bulletin:

Wow! Windows Update released an unprecedented number of software security updates to plug flaws in its products, including seven "critical" defects that it said hackers could use to hijack vulnerable computers running the Windows operating system. These updates are designed to fix at least 21 new vulnerabilities, several of which reside on nearly every version of the Windows operating system.  Head on to Windows Update web page the next time your computer is idle and have it patch up.

On our computers with Windows XP SP2, 2 critical (KB885884 and KB834707) update managed to sneak in with total file size of 7 MB.  After that it when in a zombie state "Installing Critical Update for Office XP on Windows XP Service Pack 2 (KB885884/KB834707)..." for a couple of minutes with its hard disk brinking frantically!  At the end, it displayed "You have successfully updated your computer.  Click Reboot Now button.

The free updates, available at Microsoft’s Windows Update Web site. Here is a quick summary:

MS04-029 Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) The affected applications issue valid WebDAV requests that have many XML attributes. This update resolves a newly-discovered, privately reported vulnerability. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the vulnerability could cause the affected system to stop responding or could potentially read portions of active memory content.

MS04-030 Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151) This update contains a functionality change that may affect some applications. This update resolves a newly-discovered, privately reported vulnerability. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could cause WebDAV to consume all available memory and CPU time on an affected server.

MS04-031 Vulnerability in NetDDE Could Allow Remote Code Execution (841533)This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the Network Dynamic Data Exchange (NetDDE) services because of an unchecked buffer. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.

MS04-032 Security Update for Microsoft Windows (840987) Microsoft Knowledge Base Article 840987 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. For more information, see Microsoft Knowledge Base Article 840987. This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

MS04-033 Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836) This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in Microsoft Excel. The vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

MS04-034 Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376) This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the way that Windows processes Compressed (zipped) Folders. The vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit this vulnerability.

MS04-035 Vulnerability in SMTP Could Allow Remote Code Execution (885881) This update resolves a newly-discovered vulnerability. A remote code execution vulnerability exists in the Simple Mail Transfer Protocol (SMTP) component that is provided as part of the affected software. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

MS04-036 Vulnerability in NNTP Could Allow Remote Code Execution (883935) This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists within the Network News Transfer Protocol (NNTP) component of the affected operating systems. This vulnerability could potentially affect systems that do not use NNTP. This is because some programs that are listed in the affected software section require that the NNTP component be enabled before you can install them. The vulnerability is documented in the Vulnerability Details section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

MS04-037 Vulnerability in Windows Shell Could Allow Remote Code Execution (841356) If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit these vulnerabilities.

MS04-038 Cumulative Security Update for Internet Explorer (834707) This update may not include hotfixes that have been released since the release of MS04-004 or MS04-025. Customers who have received hotfixes from Microsoft or from their support providers since the release of MS04-004 or MS04-025 should review the FAQ section for this update to determine how this update might affect their operating systems. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

Updated On: 15.02.17