MS Monthly Updates Released
Microsoft has released three updates on its regular "second Tuesday of the month" schedule:
MS04-009 was raised from 'Important' to 'Critical'.
Microsoft Security Bulletin MS04-008 describes a possible DoS condition within Windows Media Services. The issue affects only Microsoft Windows 2000 Server Service Pack 2, Microsoft Windows 2000 Server Service Pack 3, and Microsoft Windows 2000 Server Service Pack 4. The only vulnerable version of Windows Media Services is version 4.1 for Windows Server 2000. If you are unable to patch an affected system, a possible work-around would be to block port 7007 and 7778 at the firewall. Note: Blocking port 7007 will keep multicast streams and playlists from being streamed to the Internet. Blocking port 7778 will disable remote administration of Windows Media Services. This issue is listed by Microsoft as having a severity of "Moderate."
Microsoft Security Bulletin MS04-009 describes a vulnerability in Microsoft's HTML rendering code (on machines with Outlook 2002 installed) that could allow a malicious HTML to execute script code within the "Local Machine" zone on an unprotected system. It appears that anything that uses Microsoft's HTML rendering code on such a machine could be vulnerable. The issue is caused by the way Outlook 2002 handles certain "mailto" URLs. (Note: Outlook 2002 is both a stand-alone product and a part of Office XP.) For situations where patches cannot be applied, Microsoft suggests that the issue can be mitigated by changing Outlook's default start page to something besides "Outlook Today." We have additional information which suggests, however, that this mitigation is ineffective and can be easily circumvented. We would suggest that you switch to viewing email as "text only" if you are unable to patch. (Note: This will only mitigate attack via a malicious email. It does nothing to protect you from other HTML vectors that may exploit this vulnerability.) Microsoft has listed this issue as having a severity of "Critical."
The third update, Microsoft Security Bulletin MS04-010, covers a possible information disclosure in Microsoft MSN Messenger. This issue affects Microsoft MSN Messenger versions 6.0 and 6.1, and does not affect any versions of Microsoft Messenger. Because of a flaw in the way that MSN Messenger handles file requests, a remote attacker could view the contents of files at known locations on a user's system. Microsoft has listed the severity of this issue as "Moderate."
Handler on duty: Tom Liston - ( http://www.labreatechnologies.com ) I will be teaching next: Intrusion Detection In-Depth - SANS Blue Team and Purple Team 2020
Mar 10th 2004
Mar 10th 2004
1 decade ago