More critical patches from MS

CougTek

Hairy Aussie
Joined
Jan 21, 2002
Messages
8,729
Location
Québec, Québec
Thanks, I didn't notice them earlier. They've been installed and my computer didn't explode, so I assume they worked.
 

Fushigi

Storage Is My Life
Joined
Jan 23, 2002
Messages
2,890
Location
Illinois, USA
From our MS rep:

Today, November 11th, 2003 Microsoft is releasing four new security bulletins, three of which carry a maximum severity rating of critical. These bulletins address vulnerabilities in Microsoft Windows and Office. Summaries for the bulletins released today may be found at the following pages.

http://www.microsoft.com/technet/security/bulletin/winnov03.asp

http://www.microsoft.com/technet/security/bulletin/offnov03.asp

Please also see below for each of the individual Microsoft Security Bulletins listed in the summaries above.

**********************************************************************

Microsoft Security Bulletin MS03-048

Title: Cumulative Security Update for Internet Explorer (824145)

Date: November 11, 2003

Software:

• Microsoft Windows 98

• Microsoft Windows 98 Second Edition

• Microsoft Windows Millennium Edition

• Microsoft Windows NT® Workstation 4.0 Service Pack 6a

• Microsoft Windows NT Server 4.0 Service Pack 6a

• Microsoft Windows NT Server 4.0 Terminal Server Edition, Service Pack 6

• Microsoft Windows 2000 Service Pack 2, Service Pack 3, Service Pack 4

• Microsoft Windows XP, Microsoft Windows XP Service Pack 1

• Microsoft Windows XP 64-Bit Edition

• Microsoft Windows XP 64-Bit Edition Version 2003

• Microsoft Windows Server® 2003

• Microsoft Windows Server 2003, 64-Bit Edition

Affected Components:

• Internet Explorer 6 Service Pack 1

• Internet Explorer 6 Service Pack 1 (64-Bit Edition)

• Internet Explorer 6 Service Pack 1 for Windows Server 2003

• Internet Explorer 6 Service Pack 1 for Windows Server 2003 (64-Bit Edition)

• Internet Explorer 6

• Internet Explorer 5.5 Service Pack 2

• Internet Explorer 5.01 Service Pack 4

• Internet Explorer 5.01 Service Pack 3

• Internet Explorer 5.01 Service Pack 2

Impact: Remote Code Execution

Maximum Severity Rating: Critical

More information is now available at http://www.microsoft.com/technet/security/bulletin/MS03-048.asp

**********************************************************************

Microsoft Security Bulletin MS03-049

Title: Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)

Date: November 11, 2003

Software:

• Microsoft Windows 2000 Service Pack 2, Service Pack 3, Service Pack 4

• Microsoft Windows XP, Microsoft Windows XP Service Pack 1

• Microsoft Windows XP 64-Bit Edition

Note: The Windows XP security updates that released on October 15th as part of Security Bulletin MS03-043 (828035) include the updated file that helps protect from this vulnerability. If you have applied the Windows XP security updates for MS03-043 (828035) you do not have to reapply this update. However, the Windows 2000 security update that is released as part of this security bulletin contains updated files that were not part of the MS03-043 (828035) security bulletin. Customers have to apply this Windows 2000 security update even if they applied the Windows 2000 security updates for MS03-043 (828035).

Impact: Remote Code Execution

Maximum Severity Rating: Critical

More information is now available at http://www.microsoft.com/technet/security/bulletin/MS03-049.asp

**********************************************************************

Microsoft Security Bulletin MS03-050

Title: Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run (831527)

Date: November 11, 2003

• Microsoft Excel 97Microsoft Excel 2000

• Microsoft Excel 2002

• Microsoft Word 97

• Microsoft Word 98(J)

• Microsoft Word 2000 and Microsoft Works Suite 2001

• Microsoft Word 2002, Microsoft Works Suite 2002, Microsoft Works Suite 2003, and Microsoft Works Suite 2004

Impact: Run code of attackers choice

Maximum Severity Rating: Important

More information is now available at http://www.microsoft.com/technet/security/bulletin/MS03-050.asp

**********************************************************************



Microsoft Security Bulletin MS03-051

Title: Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)

Date: November 11, 2003

• Microsoft Windows 2000 Service Pack 2, Service Pack 3

• Microsoft Windows XP, Microsoft Windows XP Service Pack 1

• Microsoft Office XP, Microsoft Office XP Service Release 1

Impact: Remote Code Execution

Maximum Severity Rating: Critical

More information is now available at http://www.microsoft.com/technet/security/bulletin/MS03-051.asp

*********************************************************************

Microsoft is also re-releasing Microsoft Security Bulletin MS02-050. Details regarding the re-release can be found below:

http://www.microsoft.com/technet/security/bulletin/MS02-050.asp



• V5.0 (November 11,2003): Bulletin updated to advise on the availability of a new security patch for customers who installed Windows 2000 Service Pack 4 and then installed Internet Explorer 6.0 Service Pack 1.

Customers are advised to review the bulletins and to test and deploy the associated patches in their environments, if applicable.

Microsoft will also be hosting a webcast tomorrow to address customer questions on these bulletins. For more information on this webcast please see below:

Information about Microsoft’s November Security Bulletins

11/12/2003 10:00 AM - 11:30 AM PST

http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032239225&Culture=en-US
 

Fushigi

Storage Is My Life
Joined
Jan 23, 2002
Messages
2,890
Location
Illinois, USA
Nothing for December:
The Microsoft Security Response Center will not be releasing any security bulletins on Tuesday December 9th, 2003 as part of the monthly release cycle for the month of December. This information is provided to our Enterprise customers before Tuesday the 9th to allow them to appropriately plan resources.

No additional information is available at this time on upcoming security bulletin releases.
 

P5-133XL

Xmas '97
Joined
Jan 15, 2002
Messages
3,173
Location
Salem, Or
Fushigi said:
Nothing for December:
The Microsoft Security Response Center will not be releasing any security bulletins on Tuesday December 9th, 2003 as part of the monthly release cycle for the month of December. This information is provided to our Enterprise customers before Tuesday the 9th to allow them to appropriately plan resources.

No additional information is available at this time on upcoming security bulletin releases.

Obviously what they actually ment was that they were simply delaying "That time of the month" for one day.
 
Top