Peachy Posted October 13, 2004 Posted October 13, 2004 Hey, hey, hey, it's Super Patch Tuesday at Microsoft and they have a fall harvest of bug fixes for October:http://www.microsoft.com/technet/security/...n/ms04-oct.mspxCritical Bulletins:MS04-032 - Security Update for Microsoft Windows (840987)http://www.microsoft.com/technet/security/...n/ms04-032.mspxMS04-033 - Vulnerability in Microsoft Excel Could Allow Code Execution (886836)http://www.microsoft.com/technet/security/...n/ms04-033.mspxMS04-034 - Vulnerability in Compressed (zipped) Folders Could Allow Code Execution (873376) http://www.microsoft.com/technet/security/...n/ms04-034.mspxMS04-035 - Vulnerability in SMTP Could Allow Remote Code Execution (885881)http://www.microsoft.com/technet/security/...n/ms04-035.mspxMS04-036 - Vulnerability in NNTP Could Allow Code Execution (883935) http://www.microsoft.com/technet/security/...n/ms04-036.mspxMS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)http://www.microsoft.com/technet/security/...n/ms04-037.mspxMS04-038 - Cumulative Security Update for Internet Explorer (834707) http://www.microsoft.com/technet/security/...n/ms04-038.mspxImportant Bulletins:MS04-029 - Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) http://www.microsoft.com/technet/security/...n/ms04-029.mspxMS04-030 - Bulletin Title Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151) http://www.microsoft.com/technet/security/...n/ms04-030.mspxMS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution(841533)http://www.microsoft.com/technet/security/...n/ms04-031.mspxRe-Released Bulletins:MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987) http://www.microsoft.com/technet/security/...n/ms04-028.mspx Quote
Peachy Posted November 10, 2004 Posted November 10, 2004 Patch Tuesday, once again. This is for ISA 2000 Server:Microsoft Security Bulletin MS04-039Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)http://www.microsoft.com/technet/security/...n/MS04-039.mspx Quote
Peachy Posted December 2, 2004 Posted December 2, 2004 It's not yet Patch Tuesday (that's for next week), but Microsoft has released an IE patch for the IFRAME vulnerability. http://www.microsoft.com/technet/security/...n/MS04-040.mspxThis doesn't affect IE running in Windows XP Service Pack 2 nor Windows Server 2003. Quote
Guest Paracelsus Posted December 3, 2004 Posted December 3, 2004 This doesn't affect IE running in Windows XP Service Pack 2 nor Windows Server 2003.Ah! That explains why I received a "Failed Install" message after I tried the Parch last night from the link in the MS Security Update e-mail.Guess I should read those things a bit more carefully. Quote
Peachy Posted December 14, 2004 Posted December 14, 2004 It's Super Tuesday. This one was actually released on December 1:Cumulative Security Update for Internet Explorer (889293)http://www.microsoft.com/technet/security/...n/MS04-040.mspxThese 5 are from today:Vulnerability in WordPad Could Allow Code Execution (885836)http://www.microsoft.com/technet/security/...n/MS04-041.mspxVulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249) [This is for Windows NT 4 Server only]:http://www.microsoft.com/technet/security/...n/MS04-042.mspxVulnerability in HyperTerminal Could Allow Code Execution (873339)http://www.microsoft.com/technet/security/...n/MS04-043.mspxVulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)http://www.microsoft.com/technet/security/...n/MS04-044.mspx Vulnerability in WINS Could Allow Remote Code Execution (870763) [only server products]:http://www.microsoft.com/technet/security/...n/MS04-045.mspx Quote
Plukaduk Posted December 14, 2004 Posted December 14, 2004 It's Super Tuesday.I call it Patch Wednesday... thanks Peachy. :thumbsup:Edit: I'm 18 hours ahead of the US west coast. Quote
Peachy Posted December 15, 2004 Posted December 15, 2004 I keep a SUS server maintained to track all of Microsoft's updates for all their supported operating systems. After synchronizing my server with Windows Update I noticed a few more patches waiting for approval that are not listed on their main security site. This one, http://support.microsoft.com/kb/886185 is meant for Windows XP Service Pack 2 users running Windows Firewall with a dial-up modem. In a nutshell, it fixes a problem in which the Internet was inadvertantly made a part of the local network, thus exposing your computer to printer and file shares publicly. Quote
Peachy Posted December 15, 2004 Posted December 15, 2004 There's also this Optional Update if you use Windows Update directly: Cumulative Update for Outlook Express for Windows XP (KB887797)http://www.microsoft.com/downloads/details...&DisplayLang=enIt's for Outlook Express in Windows XP Service Pack 2. Not really a critical security update, but I will post it here for thoroughness. Quote
Peachy Posted January 12, 2005 Posted January 12, 2005 Oh yeah, almost forgot. It's Super Patch Tuesday and Microsoft has 3 new patches today:Microsoft Security Bulletin MS05-001Vulnerability in HTML Help Could Allow Code Execution (890175)http://www.microsoft.com/technet/security/...n/MS05-001.mspxMicrosoft Security Bulletin MS05-002Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)http://www.microsoft.com/technet/security/...n/MS05-002.mspxMicrosoft Security Bulletin MS05-003Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)http://www.microsoft.com/technet/security/...n/MS05-003.mspx Quote
Peachy Posted January 12, 2005 Posted January 12, 2005 Just a note to this month's patches: MS05-002 and MS05-003 do not apply to Windows XP Service Pack 2. Quote
TeMerc Posted February 8, 2005 Posted February 8, 2005 Microsoft has released twelve (12) new security bulletins. The security updates for February 2005 include several high-priority updates for Microsoft Windows that also affect Microsoft SharePoint, Microsoft Internet Explorer, and Microsoft Media Player technologies.Critical Updates (8) MS05-005 - Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352) MS05-009 - Vulnerability in PNG Processing Could Allow Remote Code Execution (890261) MS05-010 - Vulnerability in the License Logging Service Could Allow Code Execution (885834) MS05-011 - Vulnerability in Server Message Block Could Allow Remote Code Execution (885250) MS05-012 - Vulnerability in OLE and COM Could Allow Remote Code Execution (873333) MS05-013 - Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781) MS05-014 - Cumulative Security Update for Internet Explorer (867282) MS05-015 - Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113) Important (3) MS05-004 - ASP.NET Path Validation Vulnerability (887219) MS05-007 - Vulnerability in Windows Could Allow Information Disclosure (888302) MS05-008 - Vulnerability in Windows Shell Could Allow Remote Code Execution (890047) Moderate (1) MS05-006 - Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981) Re-released Bulletins (2) MS04-035 - Vulnerability in SMTP Could Allow Remote Code Execution (885881) Security bulletin summary for October 2004 View the Bulletin Summary in http://www.microsoft.com/security/bulletin...02_windows.mspxIf you have any of the software listed on this page installed on your computer, you should visit the visit Windows Update and Office Update websites to install related updates. Quote
Peachy Posted February 8, 2005 Posted February 8, 2005 Super Tuesday it is today and we have a whopping number patches from Microsoft:MS05-015: Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)MS05-014: Cumulative Security Update for Internet Explorer (867282)MS05-013: Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)MS05-012: Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)MS05-011: Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)MS05-010: Vulnerability in the License Logging Service Could Allow Code Execution (885834)MS05-009: Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)MS05-008: Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)MS05-007: Vulnerability in Windows Could Allow Information Disclosure (888302)MS05-006: Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)MS05-005: Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352)MS05-004: ASP.NET Path Validation Vulnerability (887219)http://www.microsoft.com/technet/Security/default.mspxI will edit the links later tonight; gotta go out first! Quote
Guest Paracelsus Posted February 9, 2005 Posted February 9, 2005 (edited) We have a Sticky thread in the Security & Networking area for posting MS Monthly Updates Edited February 9, 2005 by Paracelsus Quote
Peachy Posted March 8, 2005 Posted March 8, 2005 No security updates from Microsoft this month!But if you do go to Windows Update this month you will be asked to download the current month's Windows Malicious Software Removal Tool (KB890830) Quote
Guest LilBambi Posted March 8, 2005 Posted March 8, 2005 AU downloaded the Malicious Software Removal Tool to me when I rebooted the computer 5 minutes ago LOL! Quote
Peachy Posted March 9, 2005 Posted March 9, 2005 Seems I was premature. Microsoft decided to release two Windows 98 patches today after all:Microsoft Security Bulletin MS05-002Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)http://www.microsoft.com/technet/security/...n/ms05-002.mspxMicrosoft Security Bulletin MS05-015Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)http://www.microsoft.com/technet/security/...n/ms05-015.mspxThese are updates previously updated patches. Quote
zlim Posted March 9, 2005 Posted March 9, 2005 Some people are having major problems (BSOD) with 891711. I put it on my list to avoid until MS gets it right. Quote
Guitar Man Posted March 10, 2005 Posted March 10, 2005 Microsoft decided to release two Windows 98 patches today You mean to tell me that M$ is still releasing patches for Win98 ? I thought support was over for that OS long ago. Quote
zlim Posted March 10, 2005 Posted March 10, 2005 I guess enough people still run it that they feel obliged to offer security updates, I check 2nd Tues. of every month with my 98s and ME to get them secure.OT...I finally persuaded a senior couple to spring for a newer refurbed computer. They were running 95 on a 133MHz with a 1.5 gig hd. It was hard to find old software (firewall and antivirus) that would install on 95. They are now the proud owners of a 2K computer with a 10gig hd. I haven't been able to figure out the speed of their new computer. The reseller had 733's on sale for $99 but they were sold by the time my friends could get there. I spent Monday putting on ZA, AVG, SpywareBlaster and MS's anti-spyware program. Quote
fishsticks Posted March 10, 2005 Posted March 10, 2005 Some people are having major problems (BSOD) with 891711. I put it on my list to avoid until MS gets it right.<{POST_SNAPBACK}> Hi Zlim,Is there anymore info posted on the internet regarding the problems 891711 is causing? I'm also having super bigtime problems and can't find anything posted on the internet regarding it. I have WinMe and when my windows update downloaded/installed 891711 and 888113 everytime I use IE or other similar applications I get the blue screen of death. I had to use system restore to put things back in order (but then that blew up my Norton AntiVirus installation and I had to reinstall that... nothing but major headaches).I hope Microsoft resolves this, but as I said before I haven't heard much news at all aside from your comment on this forum.Thanks and regards, Fish Quote
striker Posted March 10, 2005 Posted March 10, 2005 (edited) Fish,I stumbled upon this one :http://groups.google.nl/groups?hl=nl&lr=&c....com%26rnum%3D3Here's another one :http://groups.google.nl/groups?hl=nl&lr=&c...%3DN%26tab%3Dwgand there are more on google...(removing the update in safe mode seems to cure it according to some google threads.)HTH Edited March 10, 2005 by striker Quote
Pete! Posted March 10, 2005 Posted March 10, 2005 I'm not having any problems in Win 98SE, but I seem to have a new running process with it's executable in the "start-up" section of msconfigKb891711.exe appears to have been installed at about the same time I got the updates. Quote
fishsticks Posted March 11, 2005 Posted March 11, 2005 Fish,I stumbled upon this one :http://groups.google.nl/groups?hl=nl&lr=&c....com%26rnum%3D3Here's another one :http://groups.google.nl/groups?hl=nl&lr=&c...%3DN%26tab%3Dwgand there are more on google...(removing the update in safe mode seems to cure it according to some google threads.)HTH<{POST_SNAPBACK}> Thanks Striker. I also stumbled upon these threads complaining about the same at DSL Reports and DAL:http://www.dslreports.com/forum/remark,128...e=flat#12875676http://www.d-a-l.com/help/showthread.php?t=15043 Quote
epp_b Posted March 11, 2005 Posted March 11, 2005 Some people are having major problems (BSOD) with 891711. I put it on my list to avoid until MS gets it right.<{POST_SNAPBACK}> Doh! From now on, I'm checking here for a few days before updating. I can attest to those blue screens on Win98SE.You mean to tell me that M$ is still releasing patches for Win98 ? I thought support was over for that OS long ago. <{POST_SNAPBACK}> Nope, they extended it until sometime in 2006. Quote
epp_b Posted March 11, 2005 Posted March 11, 2005 Hi Zlim,Is there anymore info posted on the internet regarding the problems 891711 is causing? I'm also having super bigtime problems and can't find anything posted on the internet regarding it. I have WinMe and when my windows update downloaded/installed 891711 and 888113 everytime I use IE or other similar applications I get the blue screen of death. I had to use system restore to put things back in order (but then that blew up my Norton AntiVirus installation and I had to reinstall that... nothing but major headaches).Thanks and regards, Fish<{POST_SNAPBACK}> System restore is NOT reliable period. Then again...neither is WinME! :lol:The most reliable method of backing up and restoration is to use system images or to copy the partition. Quote
Guitar Man Posted March 11, 2005 Posted March 11, 2005 If you're going to use System Restore to undo update damage, then the next time it shows up as an update (and it will after doing a SR rollback), just hide it from the future list of updates.I hope I made sense... Quote
Ed_P Posted March 15, 2005 Posted March 15, 2005 Some people are having major problems (BSOD) with 891711. I put it on my list to avoid until MS gets it right.I ran into this Sat. PC would boot to a BLACK (not blue) screen. I booted to Safe Mode and used MSCONFIG to stop KB891711 from starting which resolved the booting problem.I also noticed that they were running an older version of the free version of ZoneAlarm (the one I put on last fall). I upgraded it to the current version. After booting and seeing everything was OK I reenabled KB891711. Rebooted and the system came up fine.hth Quote
nlinecomputers Posted March 16, 2005 Author Posted March 16, 2005 I just had a laptop that hit my bench that was spyware invested and never had ANY updates. Still running IE 5, ick. Got it clean and fully patched and KB891711 stop it cold. Would freeze on boot up. Uninstalled it and everything is fine. I would seriously avoid this patch on 98. Quote
epp_b Posted March 17, 2005 Posted March 17, 2005 (edited) I just had a laptop that hit my bench that was spyware invested and never had ANY updates. Still running IE 5, ick.  Got it clean and fully patched and KB891711 stop it cold. Would freeze on boot up. Uninstalled it and everything is fine. I would seriously avoid this patch on 98.<{POST_SNAPBACK}> Ugh. People like that shouldn't be allowed to own computers... :"> Edited March 17, 2005 by epp_b Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.