ALERT: Holes Of Doom for 12-April-2005

Explorer

Explorer

Learning Storage Performance
Joined
Jun 26, 2002
Messages
236
Location
Hinterlands
MS05-016:
http://www.microsoft.com/technet/security/Bulletin/MS05-016.mspx
Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)
 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows ME.
:( "IMPORTANT" :(



MS05-017:
http://www.microsoft.com/technet/security/Bulletin/MS05-017.mspx
Vulnerability in Message Queuing Could Allow Code Execution (892944)
Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows 98, Windows 98 SE.
:( "IMPORTANT" :(



MS05-018:
http://www.microsoft.com/technet/security/Bulletin/MS05-018.mspx
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)
Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows ME.
:( "IMPORTANT" :(



MS05-019:
http://www.microsoft.com/technet/security/Bulletin/MS05-019.mspx
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)
Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows ME.
:errr: "CRITICAL" :errr:



MS05-020:
http://www.microsoft.com/technet/security/Bulletin/MS05-020.mspx
Cumulative Security Update for Internet Explorer (890923)
Affected Software: Internet Explorer 5.01, Internet Explorer 6.0, Internet Explorer 6.0 for Windows Server 2003, Internet Explorer 6.0 for Windows XP Service Pack 2, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows ME.
:errr: "CRITICAL" :errr:



MS05-021:
http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx
Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)
Affected Software: Exchange 2000 Server, Exchange 2000 Enterprise Server, Exchange Server 2003.
:errr: "CRITICAL" :errr:



MS05-022:
http://www.microsoft.com/technet/security/Bulletin/MS05-022.mspx
Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)
Affected Software: MSN Messenger 6.
:errr: "CRITICAL" :errr:



MS05-023:
http://www.microsoft.com/technet/security/Bulletin/MS05-023.mspx
Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)
Affected Software: Word 2000, Office 2000, Works 2001, Office XP, Word 2002, Works 2002, Works 2003, Works 2004, Office 2003, Word 2003
:errr: "CRITICAL" :errr:

 
T

time

Storage? I am Storage!
Joined
Jan 18, 2002
Messages
4,932
Location
Brisbane, Oz
So, Word documents are a security risk even without macro viruses. :roll:

I despair.
 
.Nut

.Nut

Learning Storage Performance
Joined
Jul 30, 2002
Messages
229
Location
.MARS
time said:
So, Word documents are a security risk even without macro viruses. :roll:

I despair.
Click to expand...

Yes, because you can execute all sorts of code and surf the net within Word (and other Office product).


  • Unpatched flaw found in Microsoft software

    Microsoft is investigating the report of a flaw that could open
    to attack systems running the company's Office or Access software.
    The vulnerability, which was not one of eight patched by Microsoft
    on Tuesday,     could enable an intruder to remotely execute malicious
    code on a vulnerable PC, according to security company Secunia...

    http://ct.zdnet.com.com/clicks?c=123577-3458039&brand=zdnet&ds=5
 
Dïscfärm

Dïscfärm

Learning Storage Performance
Joined
Nov 22, 2002
Messages
239
Location
Hïntërländs
Then, on top of all the above, NOW THIS...

  • Industry Reels From IP Flaw
    IP flaw could allow attacks on routers and Internet software     [list:4a3389b0a0] The U.K.'s National Infrastructure Co-Ordination Centre (NISCC) has warned of a flaw in Internet Protocol (IP) that could allow significant attacks on a wide range of products, including routers and Internet software from Microsoft (Profile, Products, Articles), Cisco Systems (Profile, Products, Articles), IBM (Profile, Products, Articles), Juniper Networks (Profile, Products, Articles), and others...
[/list:u:4a3389b0a0]
http://www.infoworld.com/article/05/04/13/HNipflaw_1.html?source=NLC-TB2005-04-13


 
Platform

Platform

Learning Storage Performance
Joined
May 10, 2002
Messages
234
Location
Rack 294, Pos. 10

Then, on top of all the above, NOW THIS...
  • 19 Apr 2005.
    Topic: File Selection May Lead to Command Execution.

    Discovery date: 18 Jan 2005.

    Affected applications:
    Windows Explorer on Windows 2000 Professional.
    Windows Explorer on Windows 2000 Server.
    Windows Explorer on Windows 2000 Advanced Server.

    Note that any other application that uses the Web View library under Windows 2000 is vulnerable as well.

    http://www.greymagic.com/security/advisories/gm015-ie/



http://www.eweek.com/article2/0,1759,1788600,00.asp?kc=ewnws042205dtx1k0000599


 
Platform

Platform

Learning Storage Performance
Joined
May 10, 2002
Messages
234
Location
Rack 294, Pos. 10
This will supposedly be the LAST major update package for Windows 2000 (Workstation & Server). Should show up the week of 06 ~ 10 of June.

The Update Rollup, which replaces Windows 2000 SP5 (Service Pack 5), is a cumulative set of hot fixes, security patches and critical updates packaged together for easy deployment...
Click to expand...



Details at:

http://www.eweek.com/article2/0,1759,1822852,00.asp

 
You must log in or register to reply here.
Top