Microsoft Security Bulletin(s) for 4/12/2005

Author	All Replies
JmanB Premium,VIP join:2003-08-27 Redmond, WA ·Vonage	Microsoft Security Bulletin(s) for 4/12/2005 April 12, 2005 Today Microsoft released the following Security Bulletin(s). Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details. Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided. Bulletin Summary: »www.microsoft.com/technet/securi···apr.mspx Critical Bulletins: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066) »www.microsoft.com/technet/securi···019.mspx Cumulative Security Update for Internet Explorer (890923) »www.microsoft.com/technet/securi···020.mspx Vulnerability in Exchange Server Could Allow Remote Code Execution (894549) »www.microsoft.com/technet/securi···021.mspx Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597) »www.microsoft.com/technet/securi···022.mspx Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169) »www.microsoft.com/technet/securi···023.mspx Important Bulletins: Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086) »www.microsoft.com/technet/securi···016.mspx Vulnerability in Message Queuing Could Allow Code Execution (892944) »www.microsoft.com/technet/securi···017.mspx Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859) »www.microsoft.com/technet/securi···018.mspx This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so. If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary. -- Jerry Bryant - Microsoft IT Communities. This posting is provided "AS IS" with no warranties, and confers no rights.
	to forum · permalink · · 2005-04-12 14:25:40 ·
Cudni La Merma - Vigilado Premium,MVM join:2003-12-20 Someshire	As always, thanks for the update Cudni
	to forum · permalink · · 2005-04-12 14:50:10 ·
Pole883 Premium join:2004-01-27 Schenectady, NY	reply to JmanB Awesome.........thanks!! Be well..... Mike
	to forum · permalink · · 2005-04-12 15:01:09 ·
Buddel If it ain't broke, don't fix it. Premium join:2004-03-06 EU	reply to JmanB Thanks for the info.
	to forum · permalink · · 2005-04-12 15:02:36 ·
jabarnut Light Years Away Premium,MVM join:2005-01-22 Galaxy M31	reply to JmanB Appreciate the info!!!
	to forum · permalink · · 2005-04-12 16:22:11 ·
dadkins Can you do Blu? Premium,MVM join:2003-09-26 Hercules, CA	reply to JmanB Thank you jbMSFT!
	to forum · permalink · · 2005-04-12 16:40:17 ·
visormiser Premium join:2004-02-10 Alexandria, VA	According to SANS: The update to the MS05-002 advisory (Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution) is relevant to those who are applying the patch to Windows 98, 98SE, and ME; users of these platforms may need to re-apply the patch. If I'm not mistaken, this is the same flaw that gave Windows 98 and Windows ME users such a headache, as demonstrated quite thoroughly in this thread at DSL Reports
	to forum · permalink · · 2005-04-12 16:49:09 ·
Skipdawg The Original Premium,ExMod 2001-03 join:2001-04-19 The Void	reply to JmanB All updated now. Thanks again for keeping us informed
	to forum · permalink · · 2005-04-12 20:31:26 ·
opus74 Deep Thought Premium join:2002-03-04 Coello, IL clubs: 1 edit	reply to JmanB Thanks for the information.
	to forum · permalink · · 2005-04-12 21:40:59 ·
Barbara Ann Premium,MVM join:2000-10-17	reply to JmanB Thanks loads!
	to forum · permalink · · 2005-04-12 23:18:50 ·
Curley join:2002-04-10 Michigan	reply to JmanB Thanks for pluggin a few more holes!
	to forum · permalink · · 2005-04-13 01:15:07 ·
Khaine join:2003-03-03 Australia	reply to JmanB Thanks jbMSFT
	to forum · permalink · · 2005-04-13 01:39:08 ·
Libra Premium join:2003-08-06 USA	reply to JmanB I guess I'm the only one in a total state of confusion over IE Update MS05-020 »www.microsoft.com/technet/securi···020.mspx Under FAQs it says, in part, re XP SP2: "For Internet Explorer 6 for Microsoft Windows XP Service Pack 2, Windows Server 2003, and Windows 64-Bit Edition Version 2003 (Itanium), this security update contains hotfixes included with or after MS04-025, as well as fixes for all the security issues addressed in this update. However, the hotfix versions of the files included in this security update are ONLY INSTALLED if you have PREVIOUSLY INSTALLED an Internet Explorer HOTFIX to UPDATE any of the files listed in the “Security Update Information” section of this bulletin." I have no idea if I applied a hotfix to update any of those files! In XP SP2 I have MS04-038 and MS05-014 installed re IE plus a lot of hotfixes for Windows. In another area it said you can install a hotfix or edit the registry before applying this IE Cumulative Update (I don't know if this applies to XP SP2, or not). I checked the registry in XP for: HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\QFEInstalled (must have a DWORD value that is more than 1 or equal to 1) I don't have QFEInstalled in the registry. I found instructions on how to add it, should I? Since I have XP SP2 which wasn't activated until December 2004, do I need these hotfixes or the registry edit? If I need a hotfix, where do I get it. I thought Windows Updates would have prompted if I needed them. I'd also like to know how this applies to Windows 98se - which also doesn't have that registry item. I'd appreciate your help with this. Thank you. Sincerely, Libra
	to forum · permalink · · 2005-04-13 03:36:00 ·
jabarnut Light Years Away Premium,MVM join:2005-01-22 Galaxy M31 3 edits	(Edited) (Never mind as far as my rather lengthy original post) Libra...just run Windows Update on your Computer manually. If something Critical shows up, install it and go merrily along on your way. Don't worry, be happy. -- I had a life once.....now I have a Computer and a Modem.
	to forum · permalink · · 2005-04-13 09:03:52 ·
Cudni La Merma - Vigilado Premium,MVM join:2003-12-20 Someshire	This particular update works fine and maybe you should have tried, that it works fine on your comp, before going for third party fix/hack Cudni
	to forum · permalink · · 2005-04-13 11:28:59 ·


Saturday, 05-Dec 06:32:48	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. republican-creole page compression OFF