Jump to content
Sign in to follow this  
nlinecomputers

Microsoft Monthly Update

Recommended Posts

Hey, hey, hey, it's Super Patch Tuesday at Microsoft and they have a fall harvest of bug fixes for October:http://www.microsoft.com/technet/security/...n/ms04-oct.mspxCritical Bulletins:MS04-032 - Security Update for Microsoft Windows (840987)http://www.microsoft.com/technet/security/...n/ms04-032.mspxMS04-033 - Vulnerability in Microsoft Excel Could Allow Code Execution (886836)http://www.microsoft.com/technet/security/...n/ms04-033.mspxMS04-034 - Vulnerability in Compressed (zipped) Folders Could Allow Code Execution (873376) http://www.microsoft.com/technet/security/...n/ms04-034.mspxMS04-035 - Vulnerability in SMTP Could Allow Remote Code Execution (885881)http://www.microsoft.com/technet/security/...n/ms04-035.mspxMS04-036 - Vulnerability in NNTP Could Allow Code Execution (883935) http://www.microsoft.com/technet/security/...n/ms04-036.mspxMS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)http://www.microsoft.com/technet/security/...n/ms04-037.mspxMS04-038 - Cumulative Security Update for Internet Explorer (834707) http://www.microsoft.com/technet/security/...n/ms04-038.mspxImportant Bulletins:MS04-029 - Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) http://www.microsoft.com/technet/security/...n/ms04-029.mspxMS04-030 - Bulletin Title Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151) http://www.microsoft.com/technet/security/...n/ms04-030.mspxMS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution(841533)http://www.microsoft.com/technet/security/...n/ms04-031.mspxRe-Released Bulletins:MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987) http://www.microsoft.com/technet/security/...n/ms04-028.mspx

Share this post


Link to post
Share on other sites
Guest Paracelsus
This doesn't affect IE running in Windows XP Service Pack 2 nor Windows Server 2003.
Ah! That explains why I received a "Failed Install" message after I tried the Parch last night from the link in the MS Security Update e-mail.Guess I should read those things a bit more carefully. :lol:

Share this post


Link to post
Share on other sites

It's Super Tuesday. This one was actually released on December 1:Cumulative Security Update for Internet Explorer (889293)http://www.microsoft.com/technet/security/...n/MS04-040.mspxThese 5 are from today:Vulnerability in WordPad Could Allow Code Execution (885836)http://www.microsoft.com/technet/security/...n/MS04-041.mspxVulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249) [This is for Windows NT 4 Server only]:http://www.microsoft.com/technet/security/...n/MS04-042.mspxVulnerability in HyperTerminal Could Allow Code Execution (873339)http://www.microsoft.com/technet/security/...n/MS04-043.mspxVulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)http://www.microsoft.com/technet/security/...n/MS04-044.mspx Vulnerability in WINS Could Allow Remote Code Execution (870763) [only server products]:http://www.microsoft.com/technet/security/...n/MS04-045.mspx

Share this post


Link to post
Share on other sites
It's Super Tuesday.
I call it Patch Wednesday... thanks Peachy. :thumbsup:Edit: I'm 18 hours ahead of the US west coast. :D

Share this post


Link to post
Share on other sites

I keep a SUS server maintained to track all of Microsoft's updates for all their supported operating systems. After synchronizing my server with Windows Update I noticed a few more patches waiting for approval that are not listed on their main security site. This one, http://support.microsoft.com/kb/886185 is meant for Windows XP Service Pack 2 users running Windows Firewall with a dial-up modem. In a nutshell, it fixes a problem in which the Internet was inadvertantly made a part of the local network, thus exposing your computer to printer and file shares publicly.

Share this post


Link to post
Share on other sites

Oh yeah, almost forgot. It's Super Patch Tuesday and Microsoft has 3 new patches today:Microsoft Security Bulletin MS05-001Vulnerability in HTML Help Could Allow Code Execution (890175)http://www.microsoft.com/technet/security/...n/MS05-001.mspxMicrosoft Security Bulletin MS05-002Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)http://www.microsoft.com/technet/security/...n/MS05-002.mspxMicrosoft Security Bulletin MS05-003Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)http://www.microsoft.com/technet/security/...n/MS05-003.mspx :)

Share this post


Link to post
Share on other sites

Just a note to this month's patches: MS05-002 and MS05-003 do not apply to Windows XP Service Pack 2. B)

Share this post


Link to post
Share on other sites

Microsoft has released twelve (12) new security bulletins. The security updates for February 2005 include several high-priority updates for Microsoft Windows that also affect Microsoft SharePoint, Microsoft Internet Explorer, and Microsoft Media Player technologies.Critical Updates (8)

Important (3)

Moderate (1)

Re-released Bulletins (2)

View the Bulletin Summary in http://www.microsoft.com/security/bulletin...02_windows.mspxIf you have any of the software listed on this page installed on your computer, you should visit the visit Windows Update and Office Update websites to install related updates.

Share this post


Link to post
Share on other sites

Super Tuesday it is today and we have a whopping number patches from Microsoft:MS05-015: Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)MS05-014: Cumulative Security Update for Internet Explorer (867282)MS05-013: Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)MS05-012: Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)MS05-011: Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)MS05-010: Vulnerability in the License Logging Service Could Allow Code Execution (885834)MS05-009: Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)MS05-008: Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)MS05-007: Vulnerability in Windows Could Allow Information Disclosure (888302)MS05-006: Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)MS05-005: Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352)MS05-004: ASP.NET Path Validation Vulnerability (887219)http://www.microsoft.com/technet/Security/default.mspxI will edit the links later tonight; gotta go out first! :whistling:

Share this post


Link to post
Share on other sites
Guest Paracelsus

We have a Sticky thread in the Security & Networking area for posting MS Monthly Updates ;)

Edited by Paracelsus

Share this post


Link to post
Share on other sites

No security updates from Microsoft this month!But if you do go to Windows Update this month you will be asked to download the current month's Windows Malicious Software Removal Tool (KB890830)

Share this post


Link to post
Share on other sites

AU downloaded the Malicious Software Removal Tool to me when I rebooted the computer 5 minutes ago LOL!

Share this post


Link to post
Share on other sites

Seems I was premature. Microsoft decided to release two Windows 98 patches today after all:Microsoft Security Bulletin MS05-002Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)http://www.microsoft.com/technet/security/...n/ms05-002.mspxMicrosoft Security Bulletin MS05-015Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)http://www.microsoft.com/technet/security/...n/ms05-015.mspxThese are updates previously updated patches. :devil:

Share this post


Link to post
Share on other sites

Some people are having major problems (BSOD) with 891711. I put it on my list to avoid until MS gets it right.

Share this post


Link to post
Share on other sites
Microsoft decided to release two Windows 98 patches today
You mean to tell me that M$ is still releasing patches for Win98 ? :thumbsup: I thought support was over for that OS long ago. :thumbsup:

Share this post


Link to post
Share on other sites

I guess enough people still run it that they feel obliged to offer security updates, I check 2nd Tues. of every month with my 98s and ME to get them secure.OT...I finally persuaded a senior couple to spring for a newer refurbed computer. They were running 95 on a 133MHz with a 1.5 gig hd. It was hard to find old software (firewall and antivirus) that would install on 95. They are now the proud owners of a 2K computer with a 10gig hd. I haven't been able to figure out the speed of their new computer. The reseller had 733's on sale for $99 but they were sold by the time my friends could get there. I spent Monday putting on ZA, AVG, SpywareBlaster and MS's anti-spyware program.

Share this post


Link to post
Share on other sites
Some people are having major problems (BSOD) with 891711. I put it on my list to avoid until MS gets it right.

Hi Zlim,Is there anymore info posted on the internet regarding the problems 891711 is causing? I'm also having super bigtime problems and can't find anything posted on the internet regarding it. I have WinMe and when my windows update downloaded/installed 891711 and 888113 everytime I use IE or other similar applications I get the blue screen of death. I had to use system restore to put things back in order (but then that blew up my Norton AntiVirus installation and I had to reinstall that... nothing but major headaches).I hope Microsoft resolves this, but as I said before I haven't heard much news at all aside from your comment on this forum.Thanks and regards, Fish

Share this post


Link to post
Share on other sites

I'm not having any problems in Win 98SE, but I seem to have a new running process with it's executable in the "start-up" section of msconfigKb891711.exe appears to have been installed at about the same time I got the updates.

Share this post


Link to post
Share on other sites
Fish,I stumbled upon this one :http://groups.google.nl/groups?hl=nl&lr=&c....com%26rnum%3D3Here's another one :http://groups.google.nl/groups?hl=nl&lr=&c...%3DN%26tab%3Dwgand there are more on google...(removing the update in safe mode seems to cure it according to some google threads.)HTH

Thanks Striker. I also stumbled upon these threads complaining about the same at DSL Reports and DAL:http://www.dslreports.com/forum/remark,128...e=flat#12875676http://www.d-a-l.com/help/showthread.php?t=15043

Share this post


Link to post
Share on other sites
Some people are having major problems (BSOD) with 891711. I put it on my list to avoid until MS gets it right.

Doh! From now on, I'm checking here for a few days before updating. I can attest to those blue screens on Win98SE.
You mean to tell me that M$ is still releasing patches for Win98 ?  :rolleyes: I thought support was over for that OS long ago.  :P

Nope, they extended it until sometime in 2006.

Share this post


Link to post
Share on other sites
Hi Zlim,Is there anymore info posted on the internet regarding the problems 891711 is causing?  I'm also having super bigtime problems and can't find anything posted on the internet regarding it.  I have WinMe and when my windows update downloaded/installed 891711 and 888113 everytime I use IE or other similar applications I get the blue screen of death.  I had to use system restore to put things back in order (but then that blew up my Norton AntiVirus installation and I had to reinstall that... nothing but major headaches).Thanks and regards, Fish

System restore is NOT reliable period. Then again...neither is WinME! :lol:The most reliable method of backing up and restoration is to use system images or to copy the partition.

Share this post


Link to post
Share on other sites

If you're going to use System Restore to undo update damage, then the next time it shows up as an update (and it will after doing a SR rollback), just hide it from the future list of updates.I hope I made sense... :rolleyes:

Share this post


Link to post
Share on other sites
Some people are having major problems (BSOD) with 891711. I put it on my list to avoid until MS gets it right.
I ran into this Sat. PC would boot to a BLACK (not blue) screen. I booted to Safe Mode and used MSCONFIG to stop KB891711 from starting which resolved the booting problem.I also noticed that they were running an older version of the free version of ZoneAlarm (the one I put on last fall). I upgraded it to the current version. After booting and seeing everything was OK I reenabled KB891711. Rebooted and the system came up fine.hth

Share this post


Link to post
Share on other sites

I just had a laptop that hit my bench that was spyware invested and never had ANY updates. Still running IE 5, ick. Got it clean and fully patched and KB891711 stop it cold. Would freeze on boot up. Uninstalled it and everything is fine. I would seriously avoid this patch on 98.

Share this post


Link to post
Share on other sites
I just had a laptop that hit my bench that was spyware invested and never had ANY updates.  Still running IE 5, ick.   Got it clean and fully patched and KB891711 stop it cold.  Would freeze on boot up.  Uninstalled it and everything is fine.  I would seriously avoid this patch on 98.

Ugh. People like that shouldn't be allowed to own computers... ;) :"> Edited by epp_b

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...