MS01-022 not in MDAC 2.7 SP1

From: Carl R. Diliberto (cdiliberto@HOTMAIL.COM)
Date: 01/28/03

  • Next message: Clive Flint: "MSIEXEC problem with long user names"
    Date:         Tue, 28 Jan 2003 12:23:23 -0500
    From: "Carl R. Diliberto" <cdiliberto@HOTMAIL.COM>

    Is it just me, or did Microsoft not include the WebDAV update (MS01-022) in
    MDAC 2.7 SP1 redistributable? I noticed that XP is not vulnerable, but even
    a W2K Server with SP3, XML 4.0 SP1, and MDAC 2.7 SP1 is still vulnerable to
    at least this exploit?

    I am trying to write some outlines on securing Windows Boxes and noticed
    that this old update was missing thanks to MSBA 1.1 not being able to verify

    I wonder about MS02-008, MS02-053, and MS02-065???

    Anyone else run into this?

    Delivery co-sponsored by TruSecure Corporation
    TICSA - Anniversary Special - Limited Time

    Become TICSA certified for just $221.25 US when you register before 3/31/03
    with PROMO "TS0103" at NO membership fees, certification
    good for 2 years. Price for international delivery just $296.25 US, with
    this offer. Offer cannot be combined with any other special and expires
    3/31/03. Visit for full details.