QODS ec

Wednesday, July 14, 2004

SEC: UNIRAS Brief - 360/04 - Microsoft - Security updates to address newly discovered issues in Microsoft(R) Windows(R)

Gmail - [INFOCON] UNIRAS Brief - 360/04 - Microsoft - Security updates to address newly discovered issues in Microsoft(R) Windows(R)



-----BEGIN PGP SIGNED MESSAGE-----

-
----------------------------------------------------------------------------
------
UNIRAS (UK Govt CERT) Briefing Notice - 360/04 dated 13.07.04 Time:
21:36
UNIRAS is part of NISCC (National Infrastructure Security Co-ordination
Centre)
-
----------------------------------------------------------------------------
------
UNIRAS material is also available from its website at www.uniras.gov.uk
and
Information about NISCC is available from www.niscc.gov.uk
-
----------------------------------------------------------------------------
------

Title
=====
Microsoft security updates to address newly discovered issues in
Microsoft(R) Windows(R)

Detail
======
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Today 13 July 2004, Microsoft is releasing 7 security updates for newly
discovered vulnerabilities in Microsoft Windows.

- One Microsoft Security Bulletin affecting Microsoft Windows with a
maximum severity of Moderate, MS04-018
- One Microsoft Security Bulletin affecting Microsoft Windows with a
maximum severity of Important, MS04-019
- One Microsoft Security Bulletin affecting Microsoft Windows with a
maximum severity of Important, MS04-020
- One Microsoft Security Bulletin affecting Microsoft Windows with a
maximum severity of Important, MS04-021
- One Microsoft Security Bulletin affecting Microsoft Windows with a
maximum severity of Critical, MS04-022
- One Microsoft Security Bulletin affecting Microsoft Windows with a
maximum severity of Critical, MS04-023
- One Microsoft Security Bulletin affecting Microsoft Windows with a
maximum severity of Important, MS04-024

Summaries for these new bulletins may be found at the following page:
- http://www.microsoft.com/technet/security/bulletin/ms04-jul.mspx

Customers are advised to review the information in the bulletins, test and
deploy the updates immediately in their environments, if applicable.

Microsoft will host a webcast tomorrow to address customer questions on
these bulletins. For more information on this webcast please see
below:
- Information about Microsoft's July Security Bulletins
- Wednesday, July 14, 2004 10:00 AM - Wednesday, July 14, 2004 11:00 AM
(GMT-08:00) Pacific Time (US & Canada)
- http://go.microsoft.com/fwlink/?LinkId=30865

- The on-demand version of the webcast will be available 24 hours after the
live webcast at:
- http://go.microsoft.com/fwlink/?LinkId=30865

MS04-018

Title: Cumulative Security Update for Outlook Express (823353)

Affected Software:
- Microsoft Windows NT Workstation 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
- Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP and Microsoft Windows XP Service Pack 1
- Microsoft Windows XP 64-Bit Edition Service Pack 1
- Microsoft Windows XP 64-Bit Edition Version 2003
- Microsoft Windows Server 2003
- Microsoft Windows Server 2003 64-Bit Edition
- Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of this
bulletin for details about these operating systems.

Affected Components:
- Microsoft Outlook Express 5.5 Service Pack 2
- Microsoft Outlook Express 6
- Microsoft Outlook Express 6 Service Pack 1
- Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition)
- Microsoft Outlook Express 6 on Windows Server 2003
- Microsoft Outlook Express 6 on Windows Server 2003 (64 bit
edition)

Impact of Vulnerability: Denial of Service

Maximum Severity Rating: Moderate

Restart required: In some cases, this update does not require a restart.
The installer stops the required services, applies the update, and then
restarts the services. However, if the required services cannot be stopped
for any reason or if required files are in use, this update will require a
restart. If this occurs, a message appears that advises you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-018.mspx
**********************************************************************

MS04-019

Title: Vulnerability in Utility Manager Could Allow Code Execution
(842526)

Affected Software:
- Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4

Impact of Vulnerability: Local Elevation of Privilege

Maximum Severity Rating: Important

Restart required: In some cases, this update does not require a restart.
The installer stops the required services, applies the update, and then
restarts the services. However, if the required services cannot be stopped
for any reason or if required files are in use, this update will require a
restart. If this occurs, a message appears that advises you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-019.mspx
**********************************************************************

MS04-020

Title: Vulnerability in POSIX Could Allow Code Execution (841872)

Affected Software:
- Microsoft Windows NT Workstation 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
- Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4

Impact of Vulnerability: Local Elevation of Privilege

Maximum Severity Rating: Important

Restart required: In some cases, this update does not require a restart. The
installer stops the required services, applies the update, and then restarts
the services. However, if the required services cannot be stopped for any
reason or if required files are in use, this update will require a restart.
If this occurs, a message appears that advises you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-020.mspx
**********************************************************************

MS04-021

Title: Security Update for IIS 4.0 (841373)

Affected Software:
- Microsoft Windows NT Workstation 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Service Pack 6a

Affected Components:
- Microsoft Internet Information Server (IIS) 4.0

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Important

Restart required: Yes

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-021.mspx
**********************************************************************

MS04-022

Title: Vulnerability in Task Scheduler Could Allow Code Execution
(841873)

Affected Software:
- Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP and Microsoft Windows XP Service Pack 1
- Microsoft Windows XP 64-Bit Edition Service Pack 1

Affected Components:
- Internet Explorer 6 when installed on Windows NT 4.0 SP6a (Workstation,
Server, or Terminal Server Edition)

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Restart required: In some cases, this update does not require a restart. The
installer stops the required services, applies the update, and then restarts
the services. However, if the required services cannot be stopped for any
reason or if required files are in use, this update will require a restart.
If this occurs, a message appears that advises you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-022.mspx
**********************************************************************

MS04-023

Title: Vulnerability in HTML Help Could Allow Code Execution
(840315)

Affected Software:
- Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP and Microsoft Windows XP Service Pack 1
- Microsoft Windows XP 64-Bit Edition Service Pack 1
- Microsoft Windows XP 64-Bit Edition Version 2003
- Microsoft Windows Server 2003
- Microsoft Windows Server 2003 64-Bit Edition
- Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (ME) - Review the FAQ section of this
bulletin for details about these operating systems.

Affected Components:
- Internet Explorer 6.0 Service Pack 1 when installed on Windows NT 4.0
SP6a (Workstation, Server, or Terminal Server Edition)

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Restart required: In some cases, this update does not require a restart. The
installer stops the required services, applies the update, and then restarts
the services. However, if the required services cannot be stopped for any
reason or if required files are in use, this update will require a restart.
If this occurs, a message appears that advises you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-023.mspx
**********************************************************************

MS04-024

Title: Vulnerability in Windows Shell Could Allow Remote Code Execution
(839645)

Affected Software:
- Microsoft Windows NT(r) Workstation 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
- Microsoft Windows NT(r) Workstation 4.0 Service Pack 6a with Active
Desktop
- Microsoft Windows NT Server 4.0 Service Pack 6a with Active Desktop
- Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
with Active Desktop
- Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP and Microsoft Windows XP Service Pack 1
- Microsoft Windows XP 64-Bit Edition Service Pack 1
- Microsoft Windows XP 64-Bit Edition Version 2003
- Microsoft Windows Server 2003
- Microsoft Windows Server 2003 64-Bit Edition
- Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (ME) - Review the FAQ section of this
bulletin for details about these operating systems.

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Important

Restart required: In some cases, this update does not require a restart.
The installer stops the required services, applies the update, and then
restarts the services. However, if the required services cannot be stopped
for any reason or if required files are in use, this update will require a
restart. If this occurs, a message appears that advises you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx
**********************************************************************

PLEASE VISIT http://www.microsoft.com/technet/security FOR THE MOST CURRENT
INFORMATION ON THESE ALERTS.

If you have any questions regarding the security updates or its
implementation after reading the above listed bulletin you should contact
Product Support Services in the United States at 1-866-PCSafety
(1-866-727-2338). International customers should contact their local
subsidiary.

Thank you,
Microsoft PSS Security Team

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQPQkAJoTaijrcixLEQJLqwCgxkitvA48KVbfszKNOZNnrC4c7wkAnRYK
fZ4CsskFTS9dKC02Q2RDIOcO
=UHe5
- -----END PGP SIGNATURE-----

-
----------------------------------------------------------------------------
------

For additional information or assistance, please contact the HELP Desk by
telephone or Not Protectively Marked information may be sent via EMail to:
uniras@niscc.gov.uk

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

-
----------------------------------------------------------------------------
------
UNIRAS wishes to acknowledge the contributions of Microsoft Corporation for
the information contained in this Briefing.
-
----------------------------------------------------------------------------
------
This Briefing contains the information released by the original author. Some
of the information may have changed since it was released. If the
vulnerability affects you, it may be prudent to retrieve the advisory from
the canonical site to ensure that you receive the most current information
concerning that problem.

Reference to any specific commercial product, process, or service by trade
name, trademark manufacturer, or otherwise, does not constitute or imply its
endorsement, recommendation, or favouring by UNIRAS or NISCC. The views and
opinions of authors expressed within this notice shall not be used for
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors or
omissions contained within this briefing notice. In particular, they shall
not be liable for any loss or damage whatsoever, arising from or in
connection with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response Teams
(IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
-
----------------------------------------------------------------------------
------


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQCVAwUBQPRJFIpao72zK539AQE2/QP/VZKLmYbxoFi+JWSWG2D71WJuVAUWc9SV
7tEmmZxARyfop/QXMdVUyVagKww6paQton9C792t+zUvkS8TpOdkS8IA55ySMmW2
5etWJ5jRKbiXcf4yTEyh2w8AQivgzHFGlFyLhMwWU98K7FZxEKKGfDGqDoKgVOAv
/sKDCQFMC9U=
=nuES
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Information is the currency of victory on the battlefield.
GEN Gordon Sullivan, CSA (1993)
------------------------------------------------------------------------

INFOCON Mailing List @
IWS - The Information Warfare Site
http://www.iwar.org.uk

------------------------------------------------------------------------
To subscribe, change your subscription or unsubscribe go to http://www.iwar.org.uk/mailman/listinfo/infocon/
------------------------------------------------------------------------

0 Comments:

Post a Comment

<< Home


Get Firefox!