Microsoft Security Bulletins for 13 July 2004

Author	All Replies
Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA 2 edits	Microsoft Security Bulletins for 13 July 2004 Our usual Microsoft host Jerry ( JmanB ) is on an airplane to Atlanta right now, and I've been asked to post this for him and Emily (the new Security lead). I do not represent or speak for Microsoft. 13 July 2004 Today Microsoft released the following Security Bulletins. Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details. Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided. Bulletin Summaries: http://www.microsoft.com/technet/security/bulletin/ms04-jul.mspx Critical Bulletins: MS04-022 - Vulnerability in Task Scheduler Could Allow Code Execution (841873) http://www.microsoft.com/technet/security/bulletin/ms04-022.mspx MS04-023 - Vulnerability in HTML Help Could Allow Code Execution (840315) http://www.microsoft.com/technet/security/bulletin/ms04-023.mspx Important Bulletins: MS04-019 - Vulnerability in Utility Manager Could Allow Code Execution (842526) http://www.microsoft.com/technet/security/bulletin/ms04-019.mspx MS04-020 - Vulnerability in POSIX Could Allow Code Execution (841872) http://www.microsoft.com/technet/security/bulletin/ms04-020.mspx MS04-021 - Security Update for IIS 4.0 (841373) http://www.microsoft.com/technet/security/bulletin/ms04-021.mspx MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) http://www.microsoft.com/technet/security/bulletin/ms04-024.mspx Moderate Bulletins: MS04-018 - Cumulative Security Update for Outlook Express (823353) http://www.microsoft.com/technet/security/bulletin/ms04-018.mspx This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so. If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary. -- Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site
	to forum · permalink · · 2004-07-13 13:58:48 ·
gkweb join:2003-06-09 76800 1 edit	After installing the updates, I have noticed that two files were modified (firewall alert) : WINDOWS\system32\ws2_32.dll MD5 - 20C6D9F9522DDA0F9A8E4B8641CA9245 WINDOWS\system32\mswsock.dll MD5 - 461B467CAE39D0A2765C876B46E78A7C Is it the same for everyone ? (French XP + SP1 + last critical updates)
	to forum · permalink · · 2004-07-13 14:48:39 ·
koam Pink Pecker Premium join:2000-08-16 East Puddle clubs:	reply to Steve Um, as an end user, will these things get to me via Windows Update for XP or are they something I should be doing supplementary to WU? Thanks. -- Danieli Consulting LLC, Strategy and Brandinghttp://kdanieli.com
	to forum · permalink · · 2004-07-13 17:43:53 ·
Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA	I'm quite sure that these will be available on Windows Update. Steve
	to forum · permalink · · 2004-07-13 17:45:27 ·
Randy Bell Premium join:2002-02-24 Santa Clara, CA	reply to koam said by koam : Um, as an end user, will these things get to me via Windows Update for XP or are they something I should be doing supplementary to WU? There were five of them via WU this morning for my Windows XP box, requiring a reboot. There were two of them via WU for my son's Win98SE box, requiring no reboot. I think you should be able to get them via {manual or automatic} WU. -- "But now abide faith, hope, love, these three; but the greatest of these is love." (1 Cor. 13:13)
	to forum · permalink · · 2004-07-13 17:46:42 ·
Daemon Premium join:2003-06-29 San Francisco, CA ·Comcast	It's not a security bulletin, but there is an additional critical update- BITS 2.0. (background intelligent transfer service). It's what Automatic Updates uses to download updates, and version 2.0 is much improved. BITS 2.0 is what WU5 will use, so it looks like they are rolling it out to everyone in anticipation of WU5 and XP Sp2 -- -Ryan 01011000
	to forum · permalink · · 2004-07-13 18:02:35 ·
koam Pink Pecker Premium join:2000-08-16 East Puddle clubs: ·Shoreham Telephone ·ViaTalk	reply to Randy Bell Thanks Steve and Randy. Yes I ran WU on 2 of our machines and found 5 or 6 critical updates for each. This after a slew of them in the past week as well. In Add/Remove Programs, I have 23 Hotfixes on one machine (XP Home), 41 Hotfixes on the other (XP Pro). -- Danieli Consulting LLC, Strategy and Brandinghttp://kdanieli.com
	to forum · permalink · · 2004-07-13 18:18:27 ·
satburn Premium join:2003-06-03 Versailles, MO	reply to Steve said by Steve : Critical Bulletins: MS04-022 - Vulnerability in Task Scheduler Could Allow Code Execution (841873) I'm on the mailing list and got these at work. I shuddered when I saw it. Guess we know there's a trojan coming soon... What is the scope of the vulnerability? This is a remote code execution vulnerability. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit this vulnerability. So, all they have to do is click on attachment and execute it.... yeah, nobody will do that.... -- SRS\|XP Pro\|Intel 2.4 Ghz\|500 RAM\|60 GB HD\|DAK403_P8\|SatMex5\|1230 MHz\|Vertical\|ZoneAlarm\|NOD32
	to forum · permalink · · 2004-07-13 18:27:35 ·
jpeachman join:2000-05-23 Pittsburg, CA	reply to gkweb said by gkweb : After installing the updates, I have noticed that two files were modified (firewall alert) : WINDOWS\system32\ws2_32.dll MD5 - 20C6D9F9522DDA0F9A8E4B8641CA9245 WINDOWS\system32\mswsock.dll MD5 - 461B467CAE39D0A2765C876B46E78A7C Is it the same for everyone ? (French XP + SP1 + last critical updates) Must be some of the XP-only updates. After updating W2K SP4, the files you mentioned (which both exist on my system, though of course in WINNT\system32 instead) have not been updated or changed. Joe
	to forum · permalink · · 2004-07-13 20:03:14 ·
trparky Bite My Shiny Metal Ass Premium,MVM join:2000-05-24 Cleveland, OH clubs:	Is Windows XP Service Pack 2 RC2 users effected? -- WedgeAntilles250
	to forum · permalink · · 2004-07-13 21:24:58 ·
jpeachman join:2000-05-23 Pittsburg, CA 1 edit	Sorry WedgeAntilles250, I'm not sure I understand your question. There were various updates today for all versions of Windows, but the question I was responding to asked whether everyone had the same 2 specific files updated (there are plenty of others, too), and I was just saying I didn't on W2K. If you run Windows Update, it will tell you what is available for your particular Windows version. If you have a different specific question, could you clarify? Joe
	to forum · permalink · · 2004-07-13 21:31:11 ·
boblandy Premium join:2002-05-06	reply to gkweb said by gkweb : After installing the updates, I have noticed that two files were modified (firewall alert) : WINDOWS\system32\ws2_32.dll MD5 - 20C6D9F9522DDA0F9A8E4B8641CA9245 WINDOWS\system32\mswsock.dll MD5 - 461B467CAE39D0A2765C876B46E78A7C Is it the same for everyone ? (French XP + SP1 + last critical updates) neither of these 2 files have been modified on my winxp after installing the critical updates -- look out kid they keep it all hid
	to forum · permalink · · 2004-07-13 22:06:28 ·
trparky Bite My Shiny Metal Ass Premium,MVM join:2000-05-24 Cleveland, OH clubs:	Is Windows XP Service Pack 2 vulnerable to these exploits? -- WedgeAntilles250
	to forum · permalink · · 2004-07-13 22:27:52 ·
evilpeppard Always Fight For Freedom Premium join:2003-08-20 Aurora, CO clubs:	said by trparky : Is Windows XP Service Pack 2 vulnerable to these exploits? I believe one of them did affect users with XP SP2 installed, but only if it was the beta version of XP SP2. Don't quote me though. I'm at home now so I don't have the info from work where I originally saw this. I'd just run WU and install the criticals. -- ASUS A7N8X Deluxe rev 2.0 w/AMD 3200+ Barton, 1GB Matched Corsair DDR400 RAM, WD Raptor 10K RPM SATA HD's in RAID 0, EVGA FX5900 Ultra 256mb NVidia, WinXP Pro,Logitech z-5300 speakers
	to forum · permalink · · 2004-07-13 22:36:16 ·
Morac join:2001-08-30 Riverside, NJ ·Comcast	reply to Steve quote: Fixes a behavior that was introduced in MS03-014 where Outlook Express 6 SP1 and later creates a copy of the Windows Address Book in a predictable location with a file name of ~. After you install this update, Outlook Express will no longer create this copy of the Windows Address Book in a predictable location. Finally! -- The Comcast Disney Avatar has been retired.
	to forum · permalink · · 2004-07-13 23:48:02 ·
Daemon Premium join:2003-06-29 San Francisco, CA ·Comcast	said by Morac : quote: Fixes a behavior that was introduced in MS03-014 where Outlook Express 6 SP1 and later creates a copy of the Windows Address Book in a predictable location with a file name of ~. After you install this update, Outlook Express will no longer create this copy of the Windows Address Book in a predictable location. Finally! Now it's going to make ~ files all over the disk in random places! -- -Ryan 01011000
	to forum · permalink · · 2004-07-14 00:12:20 ·
Mele20 Premium join:2001-06-05 Hilo, HI	reply to Steve Why does WU version 5 tell me that it needs to upgrade itself before I can get any updates? I just installed version 5 about a week ago and it already needs to upgrade?
	to forum · permalink · · 2004-07-14 05:10:53 ·
ObdH Premium join:2003-06-11	reply to Steve said by user=windowsupdate: Security Update for Windows 2000 (KB840315) Download size: 310 KB A security issue has been identified that could allow an attacker to compromise a computer running Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Read more... Remove Security Update for Windows 2000 (KB842526) Download size: 310 KB A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Read more... Remove Security Update for Windows 2000 (KB841873) Download size: 311 KB A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Read more... Remove Security Update for Windows 2000 (KB841872) Download size: 346 KB A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Read more... Remove Security Update for Windows 2000 (KB839645) Download size: 310 KB A security issue has been identified that could allow an attacker to compromise a computer running Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Read more... Well...atleast they're blunt about it! Surely that's a good sign -- Miserable failure
	to forum · permalink · · 2004-07-14 05:26:28 ·
bcool Premium join:2000-08-25 The Ozarks	reply to Mele20 said by Mele20 : Why does WU version 5 tell me that it needs to upgrade itself before I can get any updates? I just installed version 5 about a week ago and it already needs to upgrade? Oops. Hi Mele. I've been asleep at the wheel. I didn't even know there was a WU version 5 that's available for installation. Who, where, how?
	to forum · permalink · · 2004-07-14 05:30:59 ·
Daemon Premium join:2003-06-29 San Francisco, CA ·Comcast	reply to Mele20 said by Mele20 : Why does WU version 5 tell me that it needs to upgrade itself before I can get any updates? I just installed version 5 about a week ago and it already needs to upgrade? because BITS 2.0 RTM is out. Last week you would have been using 2.0 RC2 -- -Ryan 01011000
	to forum · permalink · · 2004-07-14 05:49:28 ·


Wednesday, 09-Dec 11:41:28	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. republican-creole page compression OFF