 |
|
 |
| Tuesday, September 07, 2010
|
| Register Login |
 |
|
|
|
|
Users currently online
|
 |
|
|
|
 |
Membership: |
 |
Latest:
SullyC |
 |
New Today:
0 |
 |
New Yesterday:
0 |
 |
Overall:
53 |
 |
People Online: |
 |
Visitors:
4 |
 |
Members:
0 |
 |
Total:
4 |
Online Now:
|
|
|
|
|
|
|
|
|
|
Welcome to the Viruswarning forums. All your original content has been ported to the new forums as well as new content and additional opportunities to interact with the authors of Viruswarn.com. You can always access old content at www.leedrake.com/forum . You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....
But at least it's all here.
Enjoy!
|
|
|
|
|
|
Viruswarn Forums
|
|
|
|
|
| You are not authorized to post a reply.
|
|
| Author |
Messages |
|
Lee Drake
Posts:238
 |
| 04/12/2005 10:03 PM |
|
| So it must be UPDATE DAY!
What it is
Microsoft released another very large batch of updates. I'll summarize them here without going into lots of details. Suffice it to say that no matter what product you have from Microsoft - there may well have been an update today. Twin visits to http://windowsupdate.microsoft.com and http://officeupdate.microsoft.com would be in order, as well as a quick review of the latest patches to see if they affect other installed software (such as Exchange). In addition, MS has re-released some patches for new operating systems, including older Windows 9x and ME OSes. Everyone should run windows update to check.
Here's a list of the updates:
MS05-016, affects Win 2k SP3 and SP4, Windows XP SP1 and SP2, Windows XP 64bit, SP1, Windows XP 64 bit version 2003, Windows Server 2003, Windows Server 2003 64bit, Windows 9x, Windows ME. This vulnerability exists in the windows shell and is critical - it could allow complete control of your system, although it does require user interaction to authorize it.
MS05-017, affects Windows 2000 SP3 and SP4, Windows XP SP1 only, Windowx XP 64Bit SP1. this vulnerability can allow remote code execution on machines in which Message Queuing is enabled. A remote user could take over complete control of the system.
MS05-018, Affects Windows 2000 SP3 and SP4, Windows XP SP1 and SP2, Windowx XP 64bit SP1 and 2003, Windows Server 2003, Windows 9x, Windows ME. This is a vulnerability in the way windows processes fonts which could allow privilege escalation so a user could take over a system they should not be able to. The vulnerability does require the user to be logged onto the system already. The vulnerability also can allow an attacker to stop a system with a denial of service attack.
MS05-019, Affects Windows 2000 SP3 and SP4, Windows XP SP1 and SP2, Windowx XP 64bit SP1 and 2003, Windows Server 2003, Windows 9x, Windows ME. This serious vulnerability in TCP/IP could allow both remote code execution and Denial of service. I can almost guarantee you'll see a worm exploiting this problem in a very short time. If you don't patch anything else - patch this one. All that's required to take over a system is sending a particular packet to the target system. In addition there are vulnerabilities in the ping protocol that could allow a remote user to boot a computer off it's internet connection. A worm inside a firewall which exploited this, without having patched systems, could bring the network, and computers attached to it down in seconds.
MS05-020, Affects Windows 2000 SP3 and SP4, Windows XP SP1 and SP2, Windowx XP 64bit SP1 and 2003, Windows Server 2003, Windows 9x, Windows ME, all versions of Internet Explorer 6 for these operating system. This cumulative update includes the earlier released MS05-014 patches as well as vulnerabilities in the processing of DHTML, URL parsing, and Content advisor memory corruption. These new vulnerabilities could allow a remote web page or an HTML email to install spyware or trojans on your Internet Explorer based system. This is a critical vulnerability, second only to the TCP/IP one in MS05-019.
MS05-021, Affects Microsoft Exchange 2000 SP3, Exchange Server 2003, Exchange server 2003 sp1. This vulnerability in Exchange could allow a remote user to take over an exchange box or create a denial of service attack. It could allow an exchange box to be hi-jacked and used as an SMTP forwarding service. For server administrators who have publicly available exchange servers this is also a "must patch" patch.
MS05-022, Affects MSN Messenger version 6.2. All Windows XP versions come with Messenger pre-installed. Even if you don't usually use MSN Messenger you should apply this patch. The vulnerability could allow a remote user to take over your system if MSN Messenger is running on it.
MS05-023, Affects the following Microsoft Office products: Word 2000, 2002 and 2003, Works 2001, 2002, 2003 and 2004. This is a buffer overrun vulnerability that could allow an attacker to send you a word document that would install code of the attackers choice on your system. You must run officeupdate (rather than windowsupdate) to fix this one.
MS05-009, This patch to image processing on Windows systems has been updated to include a patch for Windows 9x users. They should update using windowsupate to download and apply the patch.
MS05-002, This patch to cursor processing has been updated to include a patch for Windows 9x users. They should update using windowsupate to download and apply the patch.
What you should do
If your machine is set to automatically download updates, you probably have the "world icon" and a little balloon in your system tray. Click the balloon or the icon to install the updates and reboot your system. Then check http://officeupdate.microsoft.com for addtional updates not captured by windowsupdate. You may also want to visit http://windowsupdate.microsoft.com and go through the wizard selecting "advanced install" and checking for any driver or optional updates as well. Exchange administrators should go to the patch site and download and install the appropriate patch for their version of Exchange.
Further references
MS05-016 - http://www.microsoft.com/technet/security/Bulletin/MS05-016.mspx
MS05-017 - http://www.microsoft.com/technet/security/Bulletin/MS05-017.mspx
MS05-018 - http://www.microsoft.com/technet/security/Bulletin/MS05-018.mspx
MS05-019 - http://www.microsoft.com/technet/security/Bulletin/MS05-019.mspx
MS05-020 - http://www.microsoft.com/technet/security/Bulletin/MS05-020.mspx
MS05-021 - http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx
MS05-022 - http://www.microsoft.com/technet/security/Bulletin/MS05-022.mspx
MS05-023 - http://www.microsoft.com/technet/security/Bulletin/MS05-023.mspx
MS05-002 - http://www.microsoft.com/technet/security/Bulletin/MS05-002.mspx
MS05-009 - http://www.microsoft.com/technet/security/Bulletin/MS05-009.mspx
This concludes this virus warning notice!
Lee Drake
Aztek Computer Solutions, Inc.
274 N. Goodman St Suite B269
Rochester, NY 14607
the human side of computing
Email: ldrake@azcomputer.net
Web: www.azcomputer.net Office Phone: 585-242-2060
|
|
|
|
|
|
| You are not authorized to post a reply. |
|
|
|
ActiveForums 3.6
|
|
|
|
|
|
|
|