January 12, 2005
Microsoft Security Bulletin Summary for January 2005
This month Microsoft has released 2 critical update bulletins and
one important bulletin.
Critical Security Bulletins
1. MS05-001 - Vulnerability in HTML Help Could Allow Remote Code
Execution (890175)
Affected software Windows 2000 sp 3 & 4
XP sp 1 & 2 / XP 64 bit
Windows 2003 / Windows 2003 64 bit
2. MS05-002 - Vulnerability in Cursor and Icon Format Handling
Could Allow Remote Code Execution (891711)
Affected software Windows 2000 sp 3 & 4
XP sp 1 & 2 / XP 64 bit
Windows 2003 / Windows 2003 64 bit
December 15, 2004
Microsoft Security Bulletin Summary for December 2004 - Revised
CRITICAL: Cumulative Security Update for Internet Explorer
- Affected Software:
- Windows NT Server 4.0 Service Pack 6a
- Windows NT Server 4.0 Terminal Server Edition
Service Pack 6
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP and Windows XP Service Pack 1
- Windows XP 64-Bit Edition Service Pack 1
Plus there are 5 important security bulletins:
MS04-041 - Vulnerability in WordPad Could Allow Code Execution
MS04-042 - Vulnerability in DHCP Could Allow Remote Code
Execution and Denial of Service
MS04-043 - Vulnerability in HyperTerminal Could Allow Code
Execution
MS04-044 - Vulnerabilities in Windows Kernel and LSASS Could
Allow Elevation of Privilege
MS04-045 - Vulnerability in WINS Could Allow Remote Code
Execution
Details are below.
Dave Nelson
December 03, 2004
Microsoft Security Bulletin Summary for December 2004
For the month of December, Microsoft has released one critical security
bulletin.
MS04-040 - Cumulative Security Update for Internet Explorer
(889293)
- Affected Software:
- Windows NT Server 4.0 Service Pack 6a
- Windows NT Server 4.0 Terminal Server Edition
Service Pack 6
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP and Windows XP Service Pack 1
- Windows XP 64-Bit Edition Service Pack 1
- Review the FAQ section of bulletin MS04-O40 for
information about these operating systems:
- Microsoft Windows 98
- Microsoft Windows 98 Second Edition (SE)
- Microsoft Windows Millennium Edition (ME)
- Impact: Remote Code Execution
- Version Number: 1.0
November 12, 2004
Microsoft Security Bulletin Summary for November 2004
Only one IMPORTANT security notice from Microsoft for November.
A vulnerability in the ISA server 2000 and Proxy server 2.0 could
allow internet content spoofing. See complete bulletin below.
*-------------------------------------------------------------------
********************************************************************
Title: Microsoft Security Bulletin Summary for November 2004
Issued: November 9, 2004
Version Number: 1.0
Bulletin: http://go.microsoft.com/fwlink/?LinkId=37221
********************************************************************
Important Security Bulletins
===========================
MS04-039 - Vulnerability in ISA Server 2000 and Proxy Server
2.0 Could Allow Internet Content Spoofing (888258)
Continue reading "Microsoft Security Bulletin Summary for November 2004"
October 20, 2004
Microsoft Security Bulletin Summary for October 2004
We have a bunch of them here. There are 7 critical and 3 important.
I will also attach one updated bulletin MS04-028 which have revised
security updates for Office XP, Visio 2002, and Project 2002.
Affected software is listed below each bulletin.
Critical:
1. MS04-032 - Security Update for Microsoft Windows (840987)
Looks like Windows XP SP2 is OK - patch needed for all other Windows.
2. MS04-033 - Vulnerability in Microsoft Excel Could Allow
Remote Code Execution (886836)
Microsoft Office 2000 Software Service Pack 3
Microsoft Office XP Software Service Pack 2
Microsoft Office 2001 for Mac
Microsoft Office v. X for Mac
September 18, 2004
Mozilla, Firefox and Thunderbird CRITICAL vulerabilites
Secunia has released an advisory about several CRITICAL vulnerablites in recent version of Mozilla, Firefox and Thunderbird. You should upgrade all versions of Mozilla to at least 1.7.3, Firefox to at least "Preview Release" and Thunderbird to at least 0.8.
See: http://secunia.com/advisories/12526/
September 15, 2004
Microsoft Security Bulletin Summary for September 2004
There is one CRITICAL udpate - buffer overrun in JPEG processing (GDI+)
which could allow code execution.
See the list below for affected software (MS04-028)
One important bulletin:
Important Security Bulletins
============================
MS04-027 - Vulnerability in WordPerfect Converter Could
Allow Code Execution (884933)
- Affected Software:
- Office 2003
- Office XP Service Pack 3
- Office 2000 Service Pack 3
- Works Suite (All versions)
- Impact: Remote Code Execution
- Version Number: 1.0
August 10, 2004
Interesting new backdoor
Symantec is warning us about a new backdoor they've called Backdoor.Moonlit. Apparently the backdoor will listen on an algorithmically derived port based on the computers IP address. The algorithm is designed so that each infected computer within an address space will likely be listening for remote connections on a different port. Remote computers can determine on which port the infected computer is listening using the IP address plus a known algorithm. The traffic to & from the Moonlit backdoor is also encoded.
This makes detection of the backdoor quite difficult.
See: Symantec information.
Stay tuned.
--Mike
July 14, 2004
Microsoft Security Bulletin Summary for July 2004
Here are the SEVEN new security updates from Microsoft.
2 of the 7 are CRITICAL - IE flaws
4 are IMPORTANT - remote code execution
1 is MODERATE - for outlook express.
Exploits for these holes should be showing up in 5 to 7 days. Please
get your systems patched.
MS04-024 - Vulnerability in Windows Shell Could Allow Remote
Code Execution (839645) is being picked as the
vulnerability which worms
and viruses will be targeting.
Affected operating systems - Windows 98 to Windows 2003 server.
Update Availability:
===================
Updates are available to address these issues.
For additional information, including Technical Details,
Workarounds, answers to Frequently Asked Questions,
and Update Deployment Information please read
the Microsoft Security Bulletin Summary for this
month at: http://go.microsoft.com/fwlink/?LinkId=32567
June 24, 2004
IIS expoit loads malicious JavaScript
We have reports that Microsoft IIS servers being compromised. After a machine is compromised, a document footer is added for each Web site on the compromised Web server. The document footer appends malicious JavaScript to all of the web sites served by the machine.
The vulnerability being used to compromise IIS is not known. The goal of this malicious JavaScript is to compromise Microsoft Internet Explorer and install a keystroke logger. Currently, the only advise we can give is to make sure all patches have been installed and Internet Explorer and IIS are at the current patch level.