[Dshield] Several fixes available for critical vulnerabilities inMS IE and various flavours of MS Windows

Chuck Lewis clewis at iquest.net
Wed Apr 14 14:12:25 GMT 2004


Peter,

Nice catch - thanks. I just went there (and TRY to keep up to date) and
there were 5 critical updates... 

The 4 you mention:

Security Update for Microsoft Windows (835732)
Cumulative Update for Microsoft RPC/DCOM (828741)
Cumulative Security Update for Outlook Express (837009) Check
Vulnerability in the Microsoft Jet Database Engine Could Allow Code
Execution (837001)

And:

Critical Update for Internet Explorer 6 Service Pack 1 (KB831167)
Download size: 378 KB, < 1 minute
An identified issue may cause errors when Internet Explorer attempts to
renew a connection to a server. You should apply this update if you begin to
receive errors connecting to websites after you have applied the KB832894
security update to Internet Explorer. After you install this item, you may
need to restart your computer. Read more...

Chuck

-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
On Behalf Of Peter Stendahl-Juvonen
Sent: Wednesday, April 14, 2004 5:26 AM
To: DShield General DShield Discussion List
Subject: [Dshield] Several fixes available for critical vulnerabilities inMS
IE and various flavours of MS Windows

Several fixes available for critical vulnerabilities in MS IE and
various flavours of MS Windows

FYI-

For those concerned (MS Security Bulletins and patches issued April 13,
2004)-


1) Microsoft Security Bulletin MS04-011
Security Update for Microsoft Windows (835732)

http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx

Who should read this document: Customers who use MicrosoftR WindowsR
Impact of vulnerability:  Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Customers should apply the update immediately.

Affected Software (in addition to Windows): Microsoft NetMeeting


2) Microsoft Security Bulletin MS04-012
Cumulative Update for Microsoft RPC/DCOM (828741)

http://www.microsoft.com/technet/security/bulletin/ms04-012.mspx

Who should read this document: Customers who use MicrosoftR WindowsR
Impact of vulnerability:  Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Customers should apply the update immediately.


3) Microsoft Security Bulletin MS04-013
Cumulative Security Update for Outlook Express (837009)

http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx

Who should read this document: Customers who have MicrosoftR Outlook
ExpressR installed
Impact of vulnerability:  Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Customers should apply the update immediately.

Security Update Replacement: This bulletin replaces MS03-014: Cumulative
Update for Outlook Express, and any prior Cumulative Security Update for
Outlook Express.


4) Microsoft Security Bulletin MS04-014
Vulnerability in the Microsoft Jet Database Engine Could Allow Code
Execution (837001)

http://www.microsoft.com/technet/security/bulletin/ms04-014.mspx

Who should read this document: Customers who use MicrosoftR WindowsR
Impact of vulnerability:  Remote Code Execution
Maximum Severity Rating: Important
Recommendation: Customers should install the update at the earliest
opportunity.


Have downloaded and applied all patches. Installs and runs fine.
(In nationalized [Finnish language] W2K Pro platform.)

Happy patching


- Pete


                 "Absence of occupation is not rest; 
             A mind quite vacant is a mind distressed."
              William Cowper (1731-1800); English poet.


_______________________________________________
list mailing list
list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list