FW: Alert: Microsoft Security Bulletin MS04-011 - Security Update for Microsoft Windows (835732)
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 04/14/04
Date: Wed, 14 Apr 2004 08:06:50 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Microsoft Security Bulletin MS04-011:
Security Update for Microsoft Windows (835732)
Bulletin URL:
<http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx>
Summary:
Version Number: 1.0
Revision Date: April 13, 2004
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Patch(es) Replaced: None
Caveats: The security update for Windows NT Server 4.0 Terminal Server
Edition Service Pack 6 requires, as a prerequisite, the Windows NT
Server 4.0 Terminal Server Edition Security Rollup Package (SRP). To
download the SRP, visit the following Web site . You must install the
SRP before you install the security update that is provided in this
security bulletin. If you are not using Windows NT Server 4.0 Terminal
Server Edition Service Pack 6 you do not need to install the SRP.
Revisions:
* v1.0 - Tuesday, April 13, 2004: Bulletin published
Tested Software:
Affected Software:
* Microsoft Windows NT Workstation 4.0 Service Pack 6a
<http://www.ntbugtraq.com/link/7f1713fc-f95c-43e5-b825-3cf72c1a0a3e.asp>
* Microsoft Windows NT Server 4.0 Service Pack 6a
<http://www.ntbugtraq.com/link/67a6f461-d2fc-4aa0-957e-3b8dc44f9d79.asp>
* Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack
6
<http://www.ntbugtraq.com/link/62cba527-a827-4777-8641-28092d3aae4f.asp>
* Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000
Service Pack 3, and Microsoft Windows 2000 Service Pack 4
<http://www.ntbugtraq.com/link/0692c27e-f63a-414c-b3eb-d2342fbb6c00.asp>
* Microsoft Windows XP and Microsoft Windows XP Service Pack 1
<http://www.ntbugtraq.com/link/3549ea9e-da3f-43b9-a4f1-af243b6168f3.asp>
* Microsoft Windows XP 64-Bit Edition Service Pack 1
<http://www.ntbugtraq.com/link/c6b55ef2-d9fe-4dbe-ab7d-73a20c82ff73.asp>
* Microsoft Windows XP 64-Bit Edition Version 2003
<http://www.ntbugtraq.com/link/c207d372-e883-44a6-a107-6cd2d29fc6f5.asp>
* Microsoft Windows Server 2003
<http://www.ntbugtraq.com/link/eab176d0-01cf-453e-ae7e-7495864e8d8c.asp>
* Microsoft Windows Server 2003 64-Bit Edition
<http://www.ntbugtraq.com/link/c207d372-e883-44a6-a107-6cd2d29fc6f5.asp>
* Microsoft NetMeeting
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (ME)
Review the FAQ section of this bulletin for details about these
operating systems.
Technical Description:
Executive Summary:
This update resolves several newly-discovered vulnerabilities. Each
vulnerability is documented in this bulletin in its own section.
An attacker who successfully exploited the most severe of these
vulnerabilities could take complete control of an affected system,
including installing programs; viewing, changing, or deleting data; or
creating new accounts that have full privileges.
LSASS Vulnerability - CAN-2003-0533
LDAP Vulnerability - CAN-2003-0663
PCT Vulnerability - CAN-2003-0719
Winlogon Vulnerability - CAN-2003-0806
Metafile Vulnerability - CAN-2003-0906
Help and Support Center Vulnerability - CAN-2003-0907
Utility Manager Vulnerability - CAN-2003-0908
Windows Management Vulnerability - CAN-2003-0909
Local Descriptor Table Vulnerability - CAN-2003-0910
H.323 Vulnerability* - CAN-2004-0117
Virtual DOS Machine Vulnerability - CAN-2004-0118
Negotiate SSP Vulnerability - CAN-2004-0119
SSL Vulnerability - CAN-2004-0120
ASN.1 'Double Free' Vulnerability - CAN-2004-0123
This email is sent to NTBugtraq automagically as a service to my
subscribers. (v4.00.1564.10850)
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
-----
Earn up to 10 credit course hours toward the TruSecure ICSA Practitioner (TICSA) Credential and receive a TICSA exam coupon by attending the Infosecurity Canada 2004 conference. Featured speaker, Marcus J. Ranum, TruSecure inventor of the proxy firewall will present on June 3 at 11:30 AM. Visit <https://ticsa.trusecure.com> for certification details and <http://www.infosecuritycanada.com> for conference information. Become TICSA certified and see what happens!
-----