 |
|
 |
| Tuesday, February 07, 2012
|
| Register Login |
 |
|
|
|
|
Users currently online
|
 |
|
|
|
 |
Membership: |
 |
Latest:
kevin |
 |
New Today:
0 |
 |
New Yesterday:
0 |
 |
Overall:
56 |
 |
People Online: |
 |
Visitors:
7 |
 |
Members:
0 |
 |
Total:
7 |
Online Now:
|
|
|
|
|
|
|
|
|
|
Welcome to the Viruswarning forums. All your original content has been ported to the new forums as well as new content and additional opportunities to interact with the authors of Viruswarn.com. You can always access old content at www.leedrake.com/forum . You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....
But at least it's all here.
Enjoy!
|
|
|
|
|
|
Viruswarn Forums
|
|
|
|
|
| You are not authorized to post a reply.
|
|
| Author |
Messages |
|
Lee Drake
Posts:238
 |
| 10/12/2005 3:20 PM |
|
| What it is
Yesterday was patch Tuesday, and Microsoft released 2 months worth of security updates (since they skipped last month's update). There are 3 critical bulletins (MS05-050 to MS05-052) (one for Directshop, one for COM+/MSDTC, and one for Internet Explorer), there were 4 important updates (MS05-046 to MS05-049) (in Client services for Netware, Plug and Play, Microsoft collaboration data objects (Also known as CDO), and one in the Windows Shell. All of these vulnerabilities would allow an attacker to take complete control of your system. In addition, they released two moderate level security bulletins (MS05-044 to MS05-045(one in the FTP client and one in the Network Connection manager). These lesser bulletins won't allow complete control, but could allow a user to download a file they're not expecting or tie up network connections so they don't respond.
What you should do
It's HIGHLY IMPORTANT that you apply these updates. Zero or first day attacks after a vulnerability is released are not uncommon, and some of these vulnerabilities have been known for 2-3 months in general form. Many of these are remote execution vulnerabilities that could allow a worm or other computer to take over your system. If you have a flag in your system tray (yellow shield) saying that patches have been downloaded and applied and recommending a reboot - do so. If you have no flag - check http://update.microsoft.com and download and apply all critical and moderate patches.
See the list below for what OS's are affected by which vulnerability. For MS05-50 if you are not sure what version of DirectX you have you can run DXDiag.exe from the Start/Run menu to see the version you're currently running.
Note that MS also will install and run the latest version of the malicious software removal tool.
Further references
October security release bulletin Summary: http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx
MS05-044 Moderate (FTP Client): Windows XP SP1, Server 2003: http://www.microsoft.com/technet/security/Bulletin/MS05-044.mspx
MS05-045 Moderate (Network connection manager): Windows 2000 sp4, XP SP1 and SP2, Server 2003 and Server 2003 SP1): http://www.microsoft.com/technet/security/bulletin/MS05-045.mspx
MS05-046 Important (Client service for Netware): Windows 2000 sp4, XP SP1 and SP2, Server 2003 and Server 2003 SP1: http://www.microsoft.com/technet/security/bulletin/MS05-046.mspx
MS05-047 Important (Plug and Play vulnerability): Windows 2000 sp4, XP SP1 and SP2: http://www.microsoft.com/technet/security/bulletin/MS05-047.mspx
MS05-048 Important (MS CDO): 2000 SP4, XP SP1 and SP2, Server 2003, 2003 SP1, 2000 SP3 with Exchange 2000 post SP3 rollup: http://www.microsoft.com/technet/security/Bulletin/MS05-048.mspx
MS05-049 Important (Windows shell vulnerability): 2000 sp4, XP SP1 and SP2, Server 2003, Server 2003 SP1: http://www.microsoft.com/technet/security/Bulletin/MS05-048.mspx
MS05-050 Critical (Directshow vulnerability): Computers running DirectX 7.0 (on Windows 2000), 8.1 on XP SP1, server 2003 or Server 2003 sp1, 9.0c on XP SP2, windows 98. 98SE, and ME: http://www.microsoft.com/technet/security/Bulletin/MS05-050.mspx
MS05-051 Critical (MSDTC and COM+): 2000 sp4, XP SP1 and XP SP2, 2003 Server and 2003 Server SP1: http://www.microsoft.com/technet/security/Bulletin/MS05-050.mspx
MS05-052 Critical (Multiple IE vulnerabilities): 2000 SP4, XP sp1 and sp2, Server 2003 and Server 2003 sp1, Windows 98, 98SE and ME, IE versions 5.01, 6.0SP1, IE 6 SP2, IE 6 for Server 2003, IE 5.5 sp2 for Windows ME, IE 6 sp1 on 98, 98se, and ME: http://www.microsoft.com/technet/security/Bulletin/MS05-052.mspx
This concludes this viruswarning notice.
Lee Drake
Aztek Computer Solutions, Inc.
274 Goodman Street North Suite B269
Rochester, NY 14607
www.azcomputer.net
ldrake@azcomputer.net Phone: 585-242-2060
Fax: 585-242-9441
Cell: 585-509-0284
|
|
|
|
|
Lee Drake
Posts:238
|
| 10/13/2005 7:16 AM |
|
| What it is
A couple of minor notes:
The MS05-050 patch is for DIRECTSHOW not DIRECTSHOP - that was a typo.
To clarify Microsoft has a tool which will be downloaded in the patch cycle monthly that they call the "Malicious Software Removal Tool". I will endeavor to put that in quotes with caps in the future as the wording confused some users. This tool doesn't actually install as a runable program (though there is a downloadable version of it in another section of the website). It will download and immediately run. It's like a poor crippled version of McAfee's stinger - designed to get rid of a few of the more common worms and trojans that are out there. I wouldn't rely on it as a removal tool should you become infected, over better tools that are available. The tool is designed to allow machines to be updated despite having a minor infection from one of a limited list of thes viruses and trojans. Good antivirus and spyware protection should make this tool unneeded and redundant, however as Microsoft is Microsoft you'll get it every month anyway :)
As part of fixing MS05-050, depending on what version of ActiveX you have on your machine, you may be asked to download and install the latest ActiveX version, rather than just a patch for the version. If windows update recommends this, we recommend you update.
What to do
The typo and clarification require no additional action on your part :) For MS05-050 we recommend updating your version of DirectX if you are instructed to.
Further references
None.
This concludes this viruswarning update.
|
|
|
|
|
|
| You are not authorized to post a reply. |
|
|
|
ActiveForums 3.6
|
|
|
|
|
|
|
|