nlinecomputers Posted February 11, 2004 Share Posted February 11, 2004 It is the second Tuesday of the month and as scheduled Microsoft has released all the newly issued patches for the month.Microsoft has issued 3 patches. One to correct a buffer overflow that can allow an attacker to gain control of the computer, a set of patches to fix various security issues in Internet Explorer that allow attackers to spoof websites, and a issue with the WINS service on Windows Servers that could lead to a Denial of Service Attack. Full Story and Links to Technet Quote Link to comment Share on other sites More sharing options...
SonicDragon Posted February 11, 2004 Share Posted February 11, 2004 (edited) Apparently there is a very very very critical update in there. I was listening to some security pro on tech tv saying that this was the biggest windows flaw he had ever seen etc, and could potensially be like the worst ever.But, the security company that found it did a pretty good job about keeping it secret and only telling ms, who now has a patch out (it took them over 200 days though). This guy was estimating two to three weeks before it would be really exploited... who knows Anyone got a good article on this? I haven't read the news today...<edit>Here's a slashdot story.</edit> Edited February 11, 2004 by SonicDragon Quote Link to comment Share on other sites More sharing options...
nlinecomputers Posted February 11, 2004 Author Share Posted February 11, 2004 Yes after I posted my story I found some of the information that you had on that. Very troublesome that it took over 200 days to fix this. Nice to see that eEye sat on it and allowed MS time to fix it but 6 months is too long. Linux can have bugs and get them fixed in days and often it by part timers doing work on there dime. Why the heck does it take so friggen long for Bill and his hired gang of marketing idiots to buy a clue? Quote Link to comment Share on other sites More sharing options...
nlinecomputers Posted February 11, 2004 Author Share Posted February 11, 2004 This may also be related to the big OpenSSL bug that was found about 4 months ago:http://www.mandrakesecure.net/en/advisorie...=MDKSA-2003:098They fixed it fast and Microsoft sleeps. Quote Link to comment Share on other sites More sharing options...
Stryder Posted February 11, 2004 Share Posted February 11, 2004 From what I read this exploit went down to the very core of ntfs operating systems. A Microsoft security executive said the flawed software was "an extremely deep and pervasive technology in Windows". The problems affected a technology in the ntfs versions of Windows known as "abstract syntax notation," a way to share data across different computers. Some of Microsoft's built-in security features -- such as its Kerberos cryptography system -- rely on the flawed software.This exploit has actually been there for years. Very scary thought. Quote Link to comment Share on other sites More sharing options...
Ed_P Posted February 11, 2004 Share Posted February 11, 2004 If the bug has been around for "years" and not found until a few months ago by people deliberately looking for bugs it doesn't sound too critical. But the fix is classified as Critical so all pcs properly configured to download the update will be fixed. And for all the pcs that end up getting infected they should all have their hard drives wiped and DOS installed. They are obviously not qualified to run anything more sophisticated. Quote Link to comment Share on other sites More sharing options...
Peachy Posted February 11, 2004 Share Posted February 11, 2004 The third update only affects Windows Server 2003 running WINS and Windows 2000 Server SP2 and earlier and Windows NT 4.0 Server: Microsoft Security Bulletin MS04-006 PrintVulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)Issued: February 10, 2004Version Number: 1.0Summary  Who should read this document: Customers who are using Microsoft® Windows Internet Naming Service (WINS)®  Impact of vulnerability: Remote Code Execution  Maximum Severity Rating: Important  Recommendation: WINS server administrators should install the patch at the earliest opportunity.  Security Update Replacement: None  Caveats: None  Tested Software and Security Update Download Locations:    Affected Software      * Microsoft Windows NT® Server 4.0 Service Pack 6a - Download the update      * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Download the update      * Microsoft Windows 2000 Server Service Pack 2, Microsoft Windows 2000 Server Service Pack 3, Microsoft Windows 2000 Server Service Pack 4 - Download the update      * Microsoft Windows Serverâ„¢ 2003 - Download the update      * Microsoft Windows Server 2003 64-Bit Edition - Download the update    Non Affected Software      * Microsoft Windows NT® Workstation 4.0 Service Pack 6a      * Microsoft Windows 2000 Professional Service Pack 2, Microsoft Windows 2000 Professional Service Pack 3, Microsoft Windows 2000 Professional Service Pack 4      * Microsoft Windows XP, Microsoft Windows XP Service Pack 1      * Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1      * Microsoft Windows XP 64-Bit Edition Version 2003, Microsoft Windows XP 64-Bit Edition Version 2003 Service Pack 1The second patch there was last weeks phishing exploit patch for IE6. So really, if you are currently up-to-date on your patches you only need the first one.As a side note to the phishing patch, Microsoft also released a fix for that patch. This is only for people using XMLHTTP calls, apparently, so, unless you have Microsoft XML 3.0 installed, then it is irrelevant. Quote Link to comment Share on other sites More sharing options...
Stryder Posted February 11, 2004 Share Posted February 11, 2004 If the bug has been around for "years" and not found until a few months ago by people deliberately looking for bugs it doesn't soon too critical. But the fix is classified as Critical so all pcs properly configured to download the update will be fixed. And for all the pcs that end up getting infected they should all have their hard drives wiped and DOS installed. They are obviously not qualified to run anything more sophisticated. The reason I say it has been around for years is that the exploit effects operating systems going all the way back to Windows NT. Which has been around for years. Quote Link to comment Share on other sites More sharing options...
Stryder Posted February 11, 2004 Share Posted February 11, 2004 Peachy, the exploit we are reffering to is not the one you posted. The one we are talking about is here: http://www.microsoft.com/technet/treeview/...in/MS04-007.asp Microsoft Security Bulletin MS04-007 PrintASN.1 Vulnerability Could Allow Code Execution (828028)Issued: February 10, 2004Version Number: 1.0Summary  Who should read this document: Customers who are using Microsoft® Windows®  Impact of vulnerability: Remote Code Execution  Maximum Severity Rating: Critical  Recommendation: Systems administrators should apply the update immediately.  Security Update Replacement: None  Caveats: Windows NT 4.0 (Workstation, Server, and Terminal Server Edition) does not install the affected file by default. This file is installed as part of the MS03-041 Windows NT 4.0 security update and other possible non-security-related hotfixes. If the Windows NT 4.0 security update for MS03-041 is not installed, this may not be a required update. To verify if the affected file is installed, search for the file named Msasn1.dll. If this file is present, this security update is required. Windows Update, Software Update Services, and the Microsoft Security Baseline Analyzer will also correctly detect if this update is required.  Tested Software and Security Update Download Locations:    Affected Software:      * Microsoft Windows NT® Workstation 4.0 Service Pack 6a – Download the update.      * Microsoft Windows NT Server 4.0 Service Pack 6a – Download the update.      * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 – Download the update.      * Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft 2000 Windows Service Pack 4 – Download the update.      * Microsoft Windows XP, Microsoft Windows XP Service Pack 1 – Download the update.      * Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1 – Download the update.      * Microsoft Windows XP 64-Bit Edition Version 2003, Microsoft Windows XP 64-Bit Edition Version 2003 Service Pack 1 – Download the update.      * Microsoft Windows Serverâ„¢ 2003 – Download the update.      * Microsoft Windows Server 2003 64-Bit Edition – Download the update.  Tested Microsoft Windows Components:    Affected Components:      * Microsoft ASN.1 Library  The software listed above has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. Please review the Microsoft Support Lifecycle Web site to determine the support lifecycle for your product and version.  Technical Details    A security vulnerability exists in the Microsoft ASN.1 Library that could allow code execution on an affected system. The vulnerability is caused by an unchecked buffer in the Microsoft ASN.1 Library, which could result in a buffer overflow.    An attacker who successfully exploited this buffer overflow vulnerability could execute code with system privileges on an affected system. The attacker could then take any action on the system, including installing programs, viewing data, changing data, deleting data, or creating new accounts with full privileges.    Abstract Syntax Notation 1 (ASN.1) is a data standard that is used by many applications and devices in the technology industry for allowing the normalization and understanding of data across various platforms. More information about ASN.1 can be found in Microsoft Knowledge Base Article 252648. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 11, 2004 Share Posted February 11, 2004 Thanks everyone ... got my one new patch in place ZDNet article: Microsoft: ' Patch now' Quote Link to comment Share on other sites More sharing options...
SonicDragon Posted February 13, 2004 Share Posted February 13, 2004 I heard the other day that eEYE has found something like 7 more flaws that ms has not fixed yet. I don't have an article or anything to confirm that though Quote Link to comment Share on other sites More sharing options...
Peachy Posted March 9, 2004 Share Posted March 9, 2004 It's Super Tuesday ala Microsoft.3 patches are available:Vulnerability in MSN Messenger Could Allow Information Disclosure (838512)Vulnerability in Microsoft Outlook Could Allow Code Execution (828040) (Only affects Office XP SP2/Outlook 2002 users)Vulnerability in Windows Media Services Could Allow a Denial of Service (832359) (Only affects Windows 2000 Server)Patch away for those affected by these updates! Quote Link to comment Share on other sites More sharing options...
Rons Posted March 10, 2004 Share Posted March 10, 2004 Thanks Peachy Quote Link to comment Share on other sites More sharing options...
Peachy Posted April 14, 2004 Share Posted April 14, 2004 Get your super Tuesday monthly Microsoft patches! Quote Link to comment Share on other sites More sharing options...
Peachy Posted May 12, 2004 Share Posted May 12, 2004 Second Tuesday of the month. This patch is available!Microsoft Security Bulletin MS04-015Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374) Quote Link to comment Share on other sites More sharing options...
Rons Posted May 12, 2004 Share Posted May 12, 2004 Has anyone tried installing this patch? Any problems to report? Quote Link to comment Share on other sites More sharing options...
nlinecomputers Posted May 12, 2004 Author Share Posted May 12, 2004 Well other then my wife leaving me, my cat dying, and I've broken out in hives there are no problems to report so far. Seriously I put in on three machines and client's machine arrived with it already patched. The Client machine had spyware problems that are gone and the unit is fine now. Quote Link to comment Share on other sites More sharing options...
Ed_P Posted May 12, 2004 Share Posted May 12, 2004 II''vvee iinnssttaalleedd iitt aallssoo wwiitthh nnoo pprroobblleemmss.. Quote Link to comment Share on other sites More sharing options...
Rons Posted May 12, 2004 Share Posted May 12, 2004 Nathan,Sorry to hear about the cat! LOL Quote Link to comment Share on other sites More sharing options...
epp_b Posted May 12, 2004 Share Posted May 12, 2004 Well other then my wife leaving me, my cat dying, and I've broken out in hives there are no problems to report so far. Seriously I put in on three machines and client's machine arrived with it already patched. The Client machine had spyware problems that are gone and the unit is fine now.NLine, do you like country music by any chance? Quote Link to comment Share on other sites More sharing options...
striker Posted May 12, 2004 Share Posted May 12, 2004 Here's a piece of information on what this "fix" does to your system ...http://www.computerweekly.com/articles/art...Search=&nPage=1 Quote Link to comment Share on other sites More sharing options...
Peachy Posted June 9, 2004 Share Posted June 9, 2004 Yes, yes, I'm late, epp_b already posted links in the Windows forum, but, just to be consistent, June's security update is for DirectX, any version: http://www.microsoft.com/security/bulletin...06_windows.mspxVulnerability in DirectPlay Could Allow Denial of ServiceVulnerability in Crystal Reports Web Viewer Could Allow Information Disclosure and Denial of ServiceThe second update is only applicable if you use both Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, and have Internet Information Services installed. Other documentation at Microsoft suggests that you don't need to have IIS installed to apply the patch, just the first condition. Quote Link to comment Share on other sites More sharing options...
teacher Posted July 13, 2004 Share Posted July 13, 2004 Another 5 out there. Get them while they are hot!Julia Quote Link to comment Share on other sites More sharing options...
Peachy Posted July 13, 2004 Share Posted July 13, 2004 July security updates from Microsoft are now available:http://www.microsoft.com/security/bulletin...07_windows.mspxLooks like a mix of everything, XP, Windows Servers, IE6 SP1, Outlook Express. Quote Link to comment Share on other sites More sharing options...
nlinecomputers Posted July 14, 2004 Author Share Posted July 14, 2004 Slashdot is already calling it black Tuesday. If we stay true to form the viruses will hit in about 2 weeks..... Quote Link to comment Share on other sites More sharing options...
Peachy Posted July 14, 2004 Share Posted July 14, 2004 Looks like this patch, http://www.microsoft.com/technet/security/...n/MS04-024.mspx fixes the shell execution problem highlighted by Mozilla. Interestingly, this is an update to a patch that was released July 16, 2003! Quote Link to comment Share on other sites More sharing options...
redmaledeer Posted July 14, 2004 Share Posted July 14, 2004 Another 5 out there. Get them while they are hot!This brings up the usual problem that the hotter you get them, the more likely you are to be a beta tester for the patch. There seems no clear way of winning, tho I usually wait a week or two. Quote Link to comment Share on other sites More sharing options...
Peachy Posted August 11, 2004 Share Posted August 11, 2004 This month's Microsoft monthly update is only for those users running an Exchange 5.5 Server: http://www.microsoft.com/security/bulletin...8_exchange.mspxThis is a good sign; no new patches for XP this close after the release of SP2. Quote Link to comment Share on other sites More sharing options...
Peachy Posted September 15, 2004 Share Posted September 15, 2004 It's Super Patch Tuesday at Microsoft. Two patches this month:Vulnerability in WordPerfect Converter Could Allow Code ExecutionBuffer Overrun in JPEG Processing (GDI+) Could Allow Code ExecutionThe JPEG update is rated critical and affects Windows, Office, and IE 6. Quote Link to comment Share on other sites More sharing options...
Ed_P Posted September 15, 2004 Share Posted September 15, 2004 The JPEG update is rated critical and affects Windows, Office, and IE 6.But not Windows XP SP2. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.