Jump to content


Microsoft Monthly Update


  • Please log in to reply
135 replies to this topic

#1 OFFLINE   nlinecomputers

nlinecomputers

    Discussion Deity

  • No Longer a Member
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,932 posts

Posted 10 February 2004 - 09:02 PM

It is the second Tuesday of the month and as scheduled Microsoft has released all the newly issued patches for the month.Microsoft has issued 3 patches. One to correct a buffer overflow that can allow an attacker to gain control of the computer, a set of patches to fix various security issues in Internet Explorer that allow attackers to spoof websites, and a issue with the WINS service on Windows Servers that could lead to a Denial of Service Attack. Full Story and Links to Technet
Nathan Williams, N-Line Computers

How to kill a programmer:  Give him a shampoo bottle.  Lather, Rinse, Repeat.

#2 OFFLINE   SonicDragon

SonicDragon

    Discussion Deity

  • Forum MVP
  • 4,188 posts

Posted 10 February 2004 - 10:53 PM

Apparently there is a very very very critical update in there. I was listening to some security pro on tech tv saying that this was the biggest windows flaw he had ever seen etc, and could potensially be like the worst ever.But, the security company that found it did a pretty good job about keeping it secret and only telling ms, who now has a patch out (it took them over 200 days though). This guy was estimating two to three weeks before it would be really exploited... who knows  :huh: Anyone got a good article on this? I haven't read the news today...<edit>Here's  a slashdot story.</edit>

Edited by SonicDragon, 10 February 2004 - 10:57 PM.


#3 OFFLINE   nlinecomputers

nlinecomputers

    Discussion Deity

  • No Longer a Member
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,932 posts

Posted 10 February 2004 - 11:53 PM

Yes after I posted my story I found some of the information that you had on that.  Very troublesome that it took over 200 days to fix this.  Nice to see that eEye sat on it and allowed MS time to fix it but 6 months is too long.  Linux can have bugs and get them fixed in days and often it by part timers doing work on there dime.  Why the heck does it take so friggen long for Bill and his hired gang of marketing idiots to buy a clue? :huh:  :huh:
Nathan Williams, N-Line Computers

How to kill a programmer:  Give him a shampoo bottle.  Lather, Rinse, Repeat.

#4 OFFLINE   nlinecomputers

nlinecomputers

    Discussion Deity

  • No Longer a Member
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,932 posts

Posted 11 February 2004 - 12:08 AM

This may also be related to the big OpenSSL bug that was found about 4 months ago:http://www.mandrakes...=MDKSA-2003:098They fixed it fast and Microsoft sleeps.
Nathan Williams, N-Line Computers

How to kill a programmer:  Give him a shampoo bottle.  Lather, Rinse, Repeat.

#5 OFFLINE   Stryder

Stryder

    Multithreader

  • Members
  • PipPipPipPipPipPipPipPip
  • 1,073 posts

Posted 11 February 2004 - 12:13 AM

From what I read this exploit went down to the very core of ntfs operating systems. A Microsoft security executive said the flawed software was "an extremely deep and pervasive technology in Windows".  The problems affected a technology in the ntfs versions of Windows known as "abstract syntax notation," a way to share data across different computers. Some of Microsoft's built-in security features -- such as its Kerberos cryptography system -- rely on the flawed software.This exploit has actually been there for years. Very scary thought.

#6 OFFLINE   Ed_P

Ed_P

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,096 posts

Posted 11 February 2004 - 12:56 AM

If the bug has been around for "years" and not found until a few months ago by people deliberately looking for bugs it doesn't sound too critical.  But the fix is classified as Critical so all pcs properly configured to download the update will be fixed.  And for all the pcs that end up getting infected they should all have their hard drives wiped and DOS installed.  They are obviously not qualified to run anything more sophisticated.   :D
Ed

#7 OFFLINE   Peachy

Peachy

    Anarquista De Sartorial

  • Forum Moderators
  • 5,448 posts

Posted 11 February 2004 - 01:10 AM

The third update only affects Windows Server 2003 running WINS and Windows 2000 Server SP2 and earlier and Windows NT 4.0 Server:

Quote

Microsoft Security Bulletin MS04-006  PrintVulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)Issued: February 10, 2004Version Number: 1.0Summary    Who should read this document: Customers who are using Microsoft® Windows Internet Naming Service (WINS)®    Impact of vulnerability: Remote Code Execution    Maximum Severity Rating: Important    Recommendation: WINS server administrators should install the patch at the earliest opportunity.    Security Update Replacement: None    Caveats: None    Tested Software and Security Update Download Locations:        Affected Software            * Microsoft Windows NT® Server 4.0 Service Pack 6a - Download the update            * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Download the update            * Microsoft Windows 2000 Server Service Pack 2, Microsoft Windows 2000 Server Service Pack 3, Microsoft Windows 2000 Server Service Pack 4 - Download the update            * Microsoft Windows Server™ 2003 - Download the update            * Microsoft Windows Server 2003 64-Bit Edition - Download the update        Non Affected Software            * Microsoft Windows NT® Workstation 4.0 Service Pack 6a            * Microsoft Windows 2000 Professional Service Pack 2, Microsoft Windows 2000 Professional Service Pack 3, Microsoft Windows 2000 Professional Service Pack 4            * Microsoft Windows XP, Microsoft Windows XP Service Pack 1            * Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1            * Microsoft Windows XP 64-Bit Edition Version 2003, Microsoft Windows XP 64-Bit Edition Version 2003 Service Pack 1
The second patch there was last weeks phishing exploit patch for IE6. So really, if you are currently up-to-date on your patches you only need the first one.As a side note to the phishing patch, Microsoft also released a fix for that patch. This is only for people using XMLHTTP calls, apparently, so, unless you have Microsoft XML 3.0 installed, then it is irrelevant.

'freedom...is actually the reason that men live together in political organisations at all. Without it, political life as such would be meaningless. The raison d'Être of politics is freedom, and its field of experience is action'.
My Flickr Photo Blog Posted Image
del.icio.us bookmarks Posted Image


#8 OFFLINE   Stryder

Stryder

    Multithreader

  • Members
  • PipPipPipPipPipPipPipPip
  • 1,073 posts

Posted 11 February 2004 - 01:25 AM

EdP, on Feb 10 2004, 11:51 PM, said:

If the bug has been around for "years" and not found until a few months ago by people deliberately looking for bugs it doesn't soon too critical.  But the fix is classified as Critical so all pcs properly configured to download the update will be fixed.  And for all the pcs that end up getting infected they should all have their hard drives wiped and DOS installed.  They are obviously not qualified to run anything more sophisticated.   :D
The reason I say it has been around for years is that the exploit effects operating systems going all the way back to Windows NT. Which has been around for years.

#9 OFFLINE   Stryder

Stryder

    Multithreader

  • Members
  • PipPipPipPipPipPipPipPip
  • 1,073 posts

Posted 11 February 2004 - 01:28 AM

Peachy, the exploit we are reffering to is not the one you posted. The one we are talking about is here: http://www.microsoft...in/MS04-007.asp

Quote

Microsoft Security Bulletin MS04-007  PrintASN.1 Vulnerability Could Allow Code Execution (828028)Issued: February 10, 2004Version Number: 1.0Summary    Who should read this document: Customers who are using Microsoft® Windows®    Impact of vulnerability: Remote Code Execution    Maximum Severity Rating: Critical    Recommendation: Systems administrators should apply the update immediately.    Security Update Replacement: None    Caveats: Windows NT 4.0 (Workstation, Server, and Terminal Server Edition) does not install the affected file by default. This file is installed as part of the MS03-041 Windows NT 4.0 security update and other possible non-security-related hotfixes. If the Windows NT 4.0 security update for MS03-041 is not installed, this may not be a required update. To verify if the affected file is installed, search for the file named Msasn1.dll. If this file is present, this security update is required. Windows Update, Software Update Services, and the Microsoft Security Baseline Analyzer will also correctly detect if this update is required.    Tested Software and Security Update Download Locations:        Affected Software:            * Microsoft Windows NT® Workstation 4.0 Service Pack 6a – Download the update.            * Microsoft Windows NT Server 4.0 Service Pack 6a – Download the update.            * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 – Download the update.            * Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft 2000 Windows Service Pack 4 – Download the update.            * Microsoft Windows XP, Microsoft Windows XP Service Pack 1 – Download the update.            * Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1 – Download the update.            * Microsoft Windows XP 64-Bit Edition Version 2003, Microsoft Windows XP 64-Bit Edition Version 2003 Service Pack 1 – Download the update.            * Microsoft Windows Server™ 2003 – Download the update.            * Microsoft Windows Server 2003 64-Bit Edition – Download the update.    Tested Microsoft Windows Components:        Affected Components:            * Microsoft ASN.1 Library    The software listed above has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. Please review the Microsoft Support Lifecycle Web site to determine the support lifecycle for your product and version.    Technical Details        A security vulnerability exists in the Microsoft ASN.1 Library that could allow code execution on an affected system. The vulnerability is caused by an unchecked buffer in the Microsoft ASN.1 Library, which could result in a buffer overflow.        An attacker who successfully exploited this buffer overflow vulnerability could execute code with system privileges on an affected system. The attacker could then take any action on the system, including installing programs, viewing data, changing data, deleting data, or creating new accounts with full privileges.        Abstract Syntax Notation 1 (ASN.1) is a data standard that is used by many applications and devices in the technology industry for allowing the normalization and understanding of data across various platforms. More information about ASN.1 can be found in Microsoft Knowledge Base Article 252648.


#10 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,553 posts

Posted 11 February 2004 - 10:52 AM

Thanks everyone ... got my one new patch in place :DZDNet  article: Microsoft: ' Patch now'
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#11 OFFLINE   SonicDragon

SonicDragon

    Discussion Deity

  • Forum MVP
  • 4,188 posts

Posted 12 February 2004 - 09:00 PM

I heard the other day that eEYE has found something like 7 more flaws that ms has not fixed yet. I don't have an article or anything to confirm that though :ph34r:

#12 OFFLINE   Peachy

Peachy

    Anarquista De Sartorial

  • Forum Moderators
  • 5,448 posts

Posted 09 March 2004 - 07:55 PM

It's Super Tuesday ala Microsoft.3 patches are available:Vulnerability in MSN Messenger Could Allow Information Disclosure (838512)Vulnerability in Microsoft Outlook Could Allow Code Execution (828040) (Only affects Office XP SP2/Outlook 2002 users)Vulnerability in Windows Media Services Could Allow a Denial of Service (832359) (Only affects Windows 2000 Server)Patch away for those affected by these updates! :whistling:

'freedom...is actually the reason that men live together in political organisations at all. Without it, political life as such would be meaningless. The raison d'Être of politics is freedom, and its field of experience is action'.
My Flickr Photo Blog Posted Image
del.icio.us bookmarks Posted Image


#13 OFFLINE   Rons

Rons

    Forum Fiend

  • Forum MVP
  • 1,753 posts

Posted 09 March 2004 - 09:00 PM

Thanks Peachy :whistling:

#14 OFFLINE   Peachy

Peachy

    Anarquista De Sartorial

  • Forum Moderators
  • 5,448 posts

Posted 13 April 2004 - 09:32 PM

Get your super Tuesday monthly Microsoft patches!

'freedom...is actually the reason that men live together in political organisations at all. Without it, political life as such would be meaningless. The raison d'Être of politics is freedom, and its field of experience is action'.
My Flickr Photo Blog Posted Image
del.icio.us bookmarks Posted Image


#15 OFFLINE   Peachy

Peachy

    Anarquista De Sartorial

  • Forum Moderators
  • 5,448 posts

Posted 12 May 2004 - 12:10 AM

Second Tuesday of the month. This patch is available!Microsoft Security Bulletin MS04-015Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374)

'freedom...is actually the reason that men live together in political organisations at all. Without it, political life as such would be meaningless. The raison d'Être of politics is freedom, and its field of experience is action'.
My Flickr Photo Blog Posted Image
del.icio.us bookmarks Posted Image


#16 OFFLINE   Rons

Rons

    Forum Fiend

  • Forum MVP
  • 1,753 posts

Posted 12 May 2004 - 09:45 AM

Has anyone tried installing this patch? Any problems to report? :D

#17 OFFLINE   nlinecomputers

nlinecomputers

    Discussion Deity

  • No Longer a Member
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,932 posts

Posted 12 May 2004 - 10:28 AM

Well other then my wife leaving me, my cat dying, and I've broken out in hives there are no problems to report so far.   :D Seriously I put in on three machines and client's machine arrived with it already patched.  The Client machine had spyware problems that are gone and the unit is fine now.
Nathan Williams, N-Line Computers

How to kill a programmer:  Give him a shampoo bottle.  Lather, Rinse, Repeat.

#18 OFFLINE   Ed_P

Ed_P

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,096 posts

Posted 12 May 2004 - 11:07 AM

II''vvee  iinnssttaalleedd  iitt  aallssoo  wwiitthh  nnoo  pprroobblleemmss..   :D  :w00t:
Ed

#19 OFFLINE   Rons

Rons

    Forum Fiend

  • Forum MVP
  • 1,753 posts

Posted 12 May 2004 - 12:37 PM

Nathan,Sorry to hear about the cat! LOL :D

#20 OFFLINE   epp_b

epp_b

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,735 posts

Posted 12 May 2004 - 01:29 PM

nlinecomputers, on May 12 2004, 09:30 AM, said:

Well other then my wife leaving me, my cat dying, and I've broken out in hives there are no problems to report so far.   :D Seriously I put in on three machines and client's machine arrived with it already patched.  The Client machine had spyware problems that are gone and the unit is fine now.
NLine, do you like country music by any chance? :w00t:

#21 OFFLINE   striker

striker

    handyman

  • Honorary Moderators
  • 8,509 posts

Posted 12 May 2004 - 02:37 PM

Here's a piece of information on what this "fix" does to your system ...http://www.computerw...Search=&nPage=1
Striker
still the same...

#22 OFFLINE   Peachy

Peachy

    Anarquista De Sartorial

  • Forum Moderators
  • 5,448 posts

Posted 09 June 2004 - 09:33 AM

Yes, yes, I'm late, epp_b already posted links in the Windows forum, but, just to be consistent, June's security update is for DirectX, any version: http://www.microsoft...06_windows.mspxVulnerability in DirectPlay Could Allow Denial of ServiceVulnerability in Crystal Reports Web Viewer Could Allow Information Disclosure and Denial of ServiceThe second update is only applicable if you use both Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, and have Internet Information Services installed. Other documentation at Microsoft suggests that you don't need to have IIS installed to apply the patch, just the first condition.

'freedom...is actually the reason that men live together in political organisations at all. Without it, political life as such would be meaningless. The raison d'Être of politics is freedom, and its field of experience is action'.
My Flickr Photo Blog Posted Image
del.icio.us bookmarks Posted Image


#23 OFFLINE   teacher

teacher

    Acute Mac

  • Honorary Moderators
  • 13,854 posts

Posted 13 July 2004 - 07:34 PM

Another 5 out there.  Get them while they are hot!Julia ;)
Teacher
Beach Bum Extraordinaire

#24 OFFLINE   Peachy

Peachy

    Anarquista De Sartorial

  • Forum Moderators
  • 5,448 posts

Posted 13 July 2004 - 07:39 PM

July security updates from Microsoft are now available:http://www.microsoft...07_windows.mspxLooks like a mix of everything, XP, Windows Servers, IE6 SP1, Outlook Express. B)

'freedom...is actually the reason that men live together in political organisations at all. Without it, political life as such would be meaningless. The raison d'Être of politics is freedom, and its field of experience is action'.
My Flickr Photo Blog Posted Image
del.icio.us bookmarks Posted Image


#25 OFFLINE   nlinecomputers

nlinecomputers

    Discussion Deity

  • No Longer a Member
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,932 posts

Posted 13 July 2004 - 08:08 PM

Slashdot is already calling it black Tuesday.  If we stay true to form the viruses will hit in about 2 weeks..... B)
Nathan Williams, N-Line Computers

How to kill a programmer:  Give him a shampoo bottle.  Lather, Rinse, Repeat.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users