dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
3086

JmanB
Premium Member
join:2003-08-27
Redmond, WA

3 recommendations

JmanB

Premium Member

Microsoft Security Bulletins for 10/3/2003

Title: Cumulative Patch for Internet Explorer Execution (828750)
Date: October 3, 2003
Software:
Internet Explorer 5.01
Internet Explorer 5.5
Internet Explorer 6.0
Internet Explorer 6.0 for Windows Server 2003
Impact: Run code of attacker’s choice.
Maximum Severity Rating: Critical
Bulletin: MS03-040

The Microsoft Security Response Center has released Microsoft Security Bulletin MS03-040

What Is It?
The Microsoft Security Response Center has released Microsoft Security Bulletin MS03-040 which concerns a vulnerability in Internet Explorer. Customers are advised to review the information in the bulletin, test and deploy the patch immediately in their environments, if applicable.

More information is now available at »www.microsoft.com/techne ··· -040.asp

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

Misfits1
@lsanca1.dsl-verizon.

Misfits1

Anon

Thank you for informing us,everyone patch your ie!
mrgeek
Premium Member
join:2002-12-13
Dundee, IL

mrgeek to JmanB

Premium Member

to JmanB
Anybody else get a Windows Media Player security update...kb828026?

hpguru
Curb Your Dogma
Premium Member
join:2002-04-12

hpguru

Premium Member

said by mrgeek:
Anybody else get a Windows Media Player security update...kb828026?
Just installed it.
mrgeek
Premium Member
join:2002-12-13
Dundee, IL

mrgeek

Premium Member

Thank you. Wonder why it wasn't posted with the IE security bulletin?

rustydog999
join:2002-06-17
the internet

rustydog999 to JmanB

Member

to JmanB
yep got both .

Microsoft should send out a FREE cd to eveyone with all the current updates.

My system has so many patches I have patches on patches and patches to fix patches that where supposed to fix patches .

.
JackCam614
Premium Member
join:2000-08-24
New Hyde Park, NY

JackCam614 to mrgeek

Premium Member

to mrgeek
said by mrgeek:
Thank you. Wonder why it wasn't posted with the IE security bulletin?
Hey mrgeek,

As noted in my email notification regarding this MS Patch, the Windows Media Update is not considered a 'security patch'.
I'm guessing for this reason, it is not addressed in this Security related thread.
------------------------------------------------------
In addition to applying this security patch it is recommended that
users also install the Windows Media Player update referenced in
Knowledge Base Article 828026. This update is available from Windows
Update as well as the Microsoft Download Center for all supported
versions of Windows Media Player. While not a security patch, this
update contains a change to the behavior of Windows Media Player's
ability to launch URL's to help protect against DHTML behavior based
attacks. Specifically, it restricts Windows Media Player's ability
to launch URL's in the local computer zone from other zones.
------------------------------------------------------------

...
Jack
[text was edited by author 2003-10-03 23:34:33]

[text was edited by author 2003-10-03 23:37:07]
Daemon
Premium Member
join:2003-06-29
Washington, DC

Daemon to JmanB

Premium Member

to JmanB
was beaten to the punch....

anyway, I only complain that the bulletin came out so late in the day. I was on WU not a few hours ago and it wasn't out for download.
[text was edited by author 2003-10-03 23:37:00]

Sparrow
Crystal Sky
Premium Member
join:2002-12-03
Sachakhand

Sparrow to JmanB

Premium Member

to JmanB
Thank you!
mrgeek
Premium Member
join:2002-12-13
Dundee, IL

mrgeek to JackCam614

Premium Member

to JackCam614
Thanks for the clarification.

antdude
Matrix Ant
Premium Member
join:2001-03-25
US

antdude to JmanB

Premium Member

to JmanB
Wow! MS actually released updates on a Friday! Wowser.

Karnog
join:2002-03-03
Westminster, CA

Karnog to JmanB

Member

to JmanB
One down, several thousand more to go:) woohoo!
Mannaggia5
join:2003-08-25

Mannaggia5 to JmanB

Member

to JmanB
I received an e-mail notice from Microsoft about the new patch. I have XP set up for automatic updating. I always get the update signal before I receive the e-mail notification. Not this time though. Anyone else have automatic update enabled, and if so, did you receive the notice?
analyzer1
join:2003-08-30

analyzer1 to JmanB

Member

to JmanB
Does this patch fix the Objectdata vulnerability reported by eEye ?

»www.eeye.com/html/Resear ··· 820.html

catseyenu
Ack Pfft
Premium Member
join:2001-11-17
Fix East

catseyenu

Premium Member

From:
»www.secunia.com/MS03-032
quote:

MS03-032: Object Data Vulnerability Test

Test to see if your browser is vulnerable to the latest Microsoft Internet Explorer vulnerability. The vulnerability which is called the "Object Data Vulnerability" allows malicious websites, emails or newsgroup messages to silently download and execute any file on your system.

Secunia has issued an extraordinary alert, which is rated as "Extremely Critical". Clicking on the link below will perform a test to verify whether or not you are vulnerable to the Object Data vulnerability reported by eEye.
NOTE:
http-equiv has proved that the MS03-032 Security Bulletin from Microsoft fails to close the "Object Data" vulnerability. This test has been updated to use the latest exploit code as described by http-equiv and GreyMagic.

WARNING:
If you are vulnerable, the Secunia website will execute Internet Explorer on your system and load a new web page.
I got a prompt which I denied and no instance of IE.
Patch seems to be working.

MRK8
Premium Member
join:2001-01-11
San Antonio, TX

MRK8

Premium Member

said by catseyenu:
From:
»www.secunia.com/MS03-032
quote:
MS03-032: Object Data Vulnerability Test

WARNING:
If you are vulnerable, the Secunia website will execute Internet Explorer on your system and load a new web page.
I got a prompt which I denied and no instance of IE.
Patch seems to be working.
If ActiveX is disabled (or on prompt, and refused) this test should fail anyway with or without the patch, correct?

sig6
Premium Member
join:2001-05-05

sig6 to Mannaggia5

Premium Member

to Mannaggia5
Mannaggia: Just FYI, I have auto update set to notify me when an update is available and I haven't seen anything from it yet.
sig6

sig6 to JmanB

Premium Member

to JmanB
quote:
What You Should Know About Microsoft Security Bulletin MS03-040 (828750)

Why We Are Issuing This Update
A number of security issues have been identified in Microsoft® Internet Explorer that could allow an attacker to compromise a Microsoft Windows®-based system and then take a variety of actions. For example, an attacker could run programs on your computer when you are viewing a Web page. This vulnerability affects all computers that have Internet Explorer installed. (You do not have to be using Internet Explorer as your Web browser to be affected by this issue.) You should help protect your computer by installing this update from Microsoft.
(I added the bold for emphasis.)

»www.microsoft.com/securi ··· -040.asp
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

I just read that and installed the patch. However, I don't understand how, if I was using Mozilla, I could be affected by an IE issue even if IE is a part of the OS. Care to explain?

dp
MVM
join:2000-12-08
Greensburg, PA

dp to JmanB

MVM

to JmanB
Thanks for the heads-up on that update.
SS_2003 Rule
join:2002-11-11
Los Angeles, CA

SS_2003 Rule to JmanB

Member

to JmanB
odd while doing a update of xp pro..fresh install sp 1 no updates..I had 60 mbs to dl..did that in 8 minutes..and while installing wanted to access 10/04/2003 03:20:52 Allowed TCP Outgoing wustat.windows.com [207.46.197.121] 1208 C:\Program Files\Internet Explorer\IEXPLORE.EXE 10/04/2003 03:19:49 10/04/2003 03:19:50
with the name was service pack update..which was weird since I never saw it before..I had to allow it or it would just sit there..not moving the progress bar..has anyone else gotten this before? while installing updates from ms site?

dp
MVM
join:2000-12-08
Greensburg, PA

dp to mrgeek

MVM

to mrgeek
said by mrgeek:
Anybody else get a Windows Media Player security update...kb828026?
I'm running WinME and I also got that update as well.

Lappen
join:2000-12-07
sweden

Lappen to Mannaggia5

Member

to Mannaggia5
said by Mannaggia5:
I received an e-mail notice from Microsoft about the new patch. I have XP set up for automatic updating. I always get the update signal before I receive the e-mail notification. Not this time though. Anyone else have automatic update enabled, and if so, did you receive the notice?
Nope. I also have automatic updates enabled but I didn't get it trough automatic updates. I got the e-mail and updated manually

catseyenu
Ack Pfft
Premium Member
join:2001-11-17
Fix East

catseyenu to MRK8

Premium Member

to MRK8
said by MRK8:
If ActiveX is disabled (or on prompt, and refused) this test should fail anyway with or without the patch, correct?
Maybe that's all the patch did, changed the default settings?
I ran the test pre-patch and got the pop up, post patch... prompt.
Gawd, somebody shoot me.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20 to JmanB

Premium Member

to JmanB
>I got a prompt which I denied and no instance of IE.
Patch seems to be working.

I ran this test after installing the patch. I have always had IE on prompt for Active X. I didn't get any prompt when I ran the test. All that happened was that the page reloaded.

bcool
Premium Member
join:2000-08-25

bcool to dp

Premium Member

to dp
said by dp:
said by mrgeek:
Anybody else get a Windows Media Player security update...kb828026?
I'm running WinME and I also got that update as well.

Well, I dual boot and haven't run windowsupdate in a couple of weeks on WIN98SE. This is what I get when attempting to check for updates while on WIN98SE hmmmm.....wonder where else I can find kb828026?

dp
MVM
join:2000-12-08
Greensburg, PA

dp

MVM

I just checked the Windows Update Catalog and didn't see kb828026 listed for Win98/98SE but it is listed if you look up WinME.

hpguru
Curb Your Dogma
Premium Member
join:2002-04-12

hpguru to SS_2003 Rule

Premium Member

to SS_2003 Rule
said by SS_2003 Rule:
..and while installing wanted to access 10/04/2003 03:20:52 Allowed TCP Outgoing wustat.windows.com [207.46.197.121] 1208 C:\Program Files\Internet Explorer\IEXPLORE.EXE 10/04/2003 03:19:49 10/04/2003 03:19:50
with the name was service pack update..which was weird since I never saw it before..I had to allow it or it would just sit there..not moving the progress bar..has anyone else gotten this before? while installing updates from ms site?
At one time I had wustat.windows.com in the hosts file. I removed it after receiving reports that it disables WU for users of WinXP. It doesn't seem to effect users of WinNT/2K or Win9x/Me however. I block it in my own config without any ill effect.

FoMoCo
466 C.I.D.
join:2001-01-10
Grand Rapids, MI

FoMoCo to JmanB

Member

to JmanB
I tested on that page and got a pop up window but it was just a blank window.This with unpatch 98se.Then I patched my wifes 98 box and tested it.I get a file download pop up box asking if I want to dl HTML application.
[text was edited by author 2003-10-04 10:16:04]
mrgeek
Premium Member
join:2002-12-13
Dundee, IL

mrgeek to JmanB

Premium Member

to JmanB
I also didn't get the media player update on my Win98SE box, but I reformatted and installed Media Player 9 (along with all the other patches) in July and figured what was covered in the patch was already included with my download, so no patch was needed.