[Dshield] Several fixes available for critical vulnerabilities inMS IE and various flavours of MS Windows

info TCS info at thijsseling.nl
Fri Apr 16 15:02:34 GMT 2004


Has anyone noticed the problems with the instllation of the Security Update
for Microsoft Windows 835732? (After installing Security fix KB835732, the
SYSTEM.exe process uses up 99% of CPU time, and make the system
non-responsive).
I read in a post that Microsoft at the moment suggests that "the benefit of
waiting (for a fix) may not be worth the risk of waiting 
(worms).  This problem isn't happening on every machine - just certain (to
be determined) machines."
This kept me up a couple of extra hours last night, so if you haven't
patched yet: you're warned!

Henny




-> -----Original Message-----
-> From: list-bounces at lists.dshield.org 
-> [mailto:list-bounces at lists.dshield.org] On Behalf Of Peter 
-> Stendahl-Juvonen
-> Sent: woensdag 14 april 2004 12:26
-> To: DShield General DShield Discussion List
-> Subject: [Dshield] Several fixes available for critical 
-> vulnerabilities inMS IE and various flavours of MS Windows
-> 
-> 
-> Several fixes available for critical vulnerabilities in MS 
-> IE and various flavours of MS Windows
-> 
-> FYI-
-> 
-> For those concerned (MS Security Bulletins and patches 
-> issued April 13,
-> 2004)-
-> 
-> 
-> 1) Microsoft Security Bulletin MS04-011
-> Security Update for Microsoft Windows (835732)
-> 
-> http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx
-> 
-> Who should read this document: Customers who use MicrosoftR 
-> WindowsR Impact of vulnerability:  Remote Code Execution 
-> Maximum Severity Rating: Critical
-> Recommendation: Customers should apply the update immediately.
-> 
-> Affected Software (in addition to Windows): Microsoft NetMeeting
-> 
-> 
-> 2) Microsoft Security Bulletin MS04-012
-> Cumulative Update for Microsoft RPC/DCOM (828741)
-> 
-> http://www.microsoft.com/technet/security/bulletin/ms04-012.mspx
-> 
-> Who should read this document: Customers who use MicrosoftR 
-> WindowsR Impact of vulnerability:  Remote Code Execution 
-> Maximum Severity Rating: Critical
-> Recommendation: Customers should apply the update immediately.
-> 
-> 
-> 3) Microsoft Security Bulletin MS04-013
-> Cumulative Security Update for Outlook Express (837009)
-> 
-> http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx
-> 
-> Who should read this document: Customers who have MicrosoftR 
-> Outlook ExpressR installed Impact of vulnerability:  Remote 
-> Code Execution Maximum Severity Rating: Critical
-> Recommendation: Customers should apply the update immediately.
-> 
-> Security Update Replacement: This bulletin replaces 
-> MS03-014: Cumulative Update for Outlook Express, and any 
-> prior Cumulative Security Update for Outlook Express.
-> 
-> 
-> 4) Microsoft Security Bulletin MS04-014
-> Vulnerability in the Microsoft Jet Database Engine Could 
-> Allow Code Execution (837001)
-> 
-> http://www.microsoft.com/technet/security/bulletin/ms04-014.mspx
-> 
-> Who should read this document: Customers who use MicrosoftR 
-> WindowsR Impact of vulnerability:  Remote Code Execution 
-> Maximum Severity Rating: Important
-> Recommendation: Customers should install the update at the 
-> earliest opportunity.
-> 
-> 
-> Have downloaded and applied all patches. Installs and runs 
-> fine. (In nationalized [Finnish language] W2K Pro platform.)
-> 
-> Happy patching
-> 
-> 
-> - Pete
-> 
-> 
->                  "Absence of occupation is not rest; 
->              A mind quite vacant is a mind distressed."
->               William Cowper (1731-1800); English poet.
-> 
-> 
-> _______________________________________________
-> list mailing list
-> list at lists.dshield.org
-> To change your subscription options (or unsubscribe), see: 
-> http://www.dshield.org/mailman/listinfo/list
-> 





More information about the list mailing list