[Dshield] MS Security patches

Thor Larholm thor at pivx.com
Wed Oct 15 20:56:38 GMT 2003


Add to that MS03-046 and MS03-047.

Critical:
Vulnerability in Exchange Server Could Allow Arbitrary Code Execution
(829436)
http://www.microsoft.com/technet/security/bulletin/MS03-046.asp

Moderate:
Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow
Cross-Site Scripting Attack (828489)
http://www.microsoft.com/technet/security/bulletin/MS03-047.asp



Regards
Thor Larholm
PivX Solutions, LLC - Senior Security Researcher

-----Original Message-----
From: Deb Hale [mailto:haled at pionet.net] 
Sent: Wednesday, October 15, 2003 12:28 PM
To: list at dshield.org
Subject: [Dshield] MS Security patches


FYI - 


Microsoft has just posted 5 new security patches.  4 are critical, 1 is
important.  

Microsoft Security Bulletin MS03-041 to MS03-045. 

Critical 

823182 MS03-041 Vulnerability in Authenticode Verification Could Allow
Remote Code Execution 
Windows Millennium Edition (Windows Me) 
Windows NTR 4.0 
Windows NT 4.0,
Terminal Server Edition 
Windows 2000 
Windows XP 
Windows ServerT 2003 
 
826232 MS03-042 Buffer Overflow in Windows Troubleshooter ActiveX
Control Could Allow Code Execution 
Windows 2000 
 
828035 MS03-043 Buffer Overrun in Messenger Service Could Allow Code
Execution 
Windows NT 4.0 
Windows NT 4.0,
Terminal Server Edition 
Windows 2000 
Windows XP 
Windows Server 2003 
 
825119 MS03-044 Buffer Overrun in Windows Help and Support Center Could
Lead to System Compromise 
Windows Me 
Windows NT 4.0 
Windows NT 4.0,
Terminal Server Edition 
Windows 2000 
Windows XP 
Windows Server 2003 

Important 

824141 MS03-045 Buffer Overrun in the ListBox and in the ComboBox
Control Could Allow Code Execution 
Windows NT 4.0 
Windows NT 4.0,
Terminal Server Edition 
Windows 2000 
Windows XP 
Windows Server 2003 
 


_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list