Re: Alert: Microsoft Security Bulletin - MS03-010

From: Arnott, Barnaby J. (barnaby.arnott_at_UNISYS.COM)
Date: 05/08/03

  • Next message: Jeff Westhead: "Re: Win 2003 DNS requests makes replies over 512 byte PIX limit"
    Date:         Thu, 8 May 2003 11:34:00 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Just so you know, a hotfix package for 814119 also exists although there is
    no article (this is not unheard of from Microsoft) and they both contain RPC
    updates. However, the files in 814408 are a large set and have newer
    timestamps and later file versions. Although both do exist, it looks like
    814408 is the one to use.

    Barnaby Arnott - MCSE/MCSA Win2000
    UNISYS Product Support Engineering, MV, CA, USA

     -----Original Message-----
    From: Russ [mailto:Russ.Cooper@RC.ON.CA]
    Sent: Wednesday, May 07, 2003 4:46 PM
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    Subject: Re: Alert: Microsoft Security Bulletin - MS03-010

    In my previous message on this subject I referred to a private fix number
    814119. There is no KB article associated with this number (publicly
    available), so I went back and rechecked what I had read. While one
    individual referred to that number as being received from PSS and solving
    the problem, the first person to mention a private fix from PSS actually
    referred to;

    http://support.microsoft.com/default.aspx?scid=kb;en-us;814408

    Sorry for the confusion.

    Cheers,
    Russ - NTBugtraq Editor

    -----Original Message-----
    From: Russ
    Sent: Wednesday, May 07, 2003 8:34 AM
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    Subject: Re: Alert: Microsoft Security Bulletin - MS03-010

    Lucas Grijander brought to my attention a newsgroup discussion regarding
    problems with MS03-010 in IIS environments. Seems that some people using
    COM+ with IIS have been experiencing problems with ASP transactions with
    COM+ after installing MS03-010. The problems have varied, but the only
    solution had been to remove MS03-010, after which the ASP transactions
    worked correctly again.
    <snip>

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Delivery co-sponsored by IP3 Inc.
    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    SECURITY QUESTIONS? We've got answers...Apply for a scholarship and become
    TICSA certified.

    Do not miss your opportunity to discover solutions to what our participants
    have identified as their top 5 IT Security Challenges. You will return to
    work better prepared to put into place an effective security strategy
    utilizing the latest security tools, bookmarks and URL's.

    <http://www.ip3seminars.com>

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Have you discovered a security vulnerability related to Windows or a
    commercial product which runs on Windows?

    Need assistance crafting the format or translating your advisory to English?

    Need to verify it, or having problems contacting the Vendor?

    Contact mailto:Advisories@NTBugtraq.com

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo


  • Next message: Jeff Westhead: "Re: Win 2003 DNS requests makes replies over 512 byte PIX limit"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #176
      ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows XP HCP URI Handler Arbitrary Command Execu... ... PHPNuke Category Parameter SQL Injection Vulnerability ... Microsoft Baseline Security Analyzer Vulnerability Identific... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #242
      ... MICROSOFT VULNERABILITY SUMMARY ... PostNuke Blocks Module Directory Traversal Vulnerability ... Groove Networks Groove Virtual Office COM Object Security By... ... The Microsoft Windows IPV6 TCP/IP stack is prone to a "loopback" condition initiated by sending a TCP packet with the "SYN" flag set and the source address and port spoofed to equal the destination source and port. ...
      (Focus-Microsoft)
    • [NT] Vulnerability in HTML Help Allows Code Execution (MS05-001)
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service ...
      (Securiteam)
    • [NT] Cumulative Security Update for Internet Explorer (MS04-025)
      ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ...
      (Securiteam)
    • SecurityFocus Microsoft Newsletter #75
      ... Microsoft's Internet Security & Acceleration Server with fault-tolerance ... The Microsoft UPnP Vulnerability ... Relevant URL: ...
      (Focus-Microsoft)