FW: Alert: Microsoft Security Bulletin MS04-011 - Security Update for Microsoft Windows (835732)

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 04/14/04

  • Next message: Russ: "Alert: Microsoft Security Bulletin MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741)"
    Date:         Wed, 14 Apr 2004 08:06:50 -0400
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Microsoft Security Bulletin MS04-011:
    Security Update for Microsoft Windows (835732)

    Bulletin URL:
    <http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx>

    Summary:
      Version Number: 1.0
      Revision Date: April 13, 2004
      Impact of Vulnerability: Remote Code Execution
      Maximum Severity Rating: Critical
      Patch(es) Replaced: None
      Caveats: The security update for Windows NT Server 4.0 Terminal Server
    Edition Service Pack 6 requires, as a prerequisite, the Windows NT
    Server 4.0 Terminal Server Edition Security Rollup Package (SRP). To
    download the SRP, visit the following Web site . You must install the
    SRP before you install the security update that is provided in this
    security bulletin. If you are not using Windows NT Server 4.0 Terminal
    Server Edition Service Pack 6 you do not need to install the SRP.

    Revisions:
      * v1.0 - Tuesday, April 13, 2004: Bulletin published

    Tested Software:
      Affected Software:
      * Microsoft Windows NT. Workstation 4.0 Service Pack 6a
    <http://www.ntbugtraq.com/link/7f1713fc-f95c-43e5-b825-3cf72c1a0a3e.asp>
      * Microsoft Windows NT Server 4.0 Service Pack 6a
    <http://www.ntbugtraq.com/link/67a6f461-d2fc-4aa0-957e-3b8dc44f9d79.asp>
      * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack
    6
    <http://www.ntbugtraq.com/link/62cba527-a827-4777-8641-28092d3aae4f.asp>
      * Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000
    Service Pack 3, and Microsoft Windows 2000 Service Pack 4
    <http://www.ntbugtraq.com/link/0692c27e-f63a-414c-b3eb-d2342fbb6c00.asp>
      * Microsoft Windows XP and Microsoft Windows XP Service Pack 1
    <http://www.ntbugtraq.com/link/3549ea9e-da3f-43b9-a4f1-af243b6168f3.asp>
      * Microsoft Windows XP 64-Bit Edition Service Pack 1
    <http://www.ntbugtraq.com/link/c6b55ef2-d9fe-4dbe-ab7d-73a20c82ff73.asp>
      * Microsoft Windows XP 64-Bit Edition Version 2003
    <http://www.ntbugtraq.com/link/c207d372-e883-44a6-a107-6cd2d29fc6f5.asp>
      * Microsoft Windows Server 2003
    <http://www.ntbugtraq.com/link/eab176d0-01cf-453e-ae7e-7495864e8d8c.asp>
      * Microsoft Windows Server 2003 64-Bit Edition
    <http://www.ntbugtraq.com/link/c207d372-e883-44a6-a107-6cd2d29fc6f5.asp>
      * Microsoft NetMeeting
      * Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
    Microsoft Windows Millennium Edition (ME)
    Review the FAQ section of this bulletin for details about these
    operating systems.

    Technical Description:
    Executive Summary:
    This update resolves several newly-discovered vulnerabilities. Each
    vulnerability is documented in this bulletin in its own section.

    An attacker who successfully exploited the most severe of these
    vulnerabilities could take complete control of an affected system,
    including installing programs; viewing, changing, or deleting data; or
    creating new accounts that have full privileges.

    LSASS Vulnerability - CAN-2003-0533
    LDAP Vulnerability - CAN-2003-0663
    PCT Vulnerability - CAN-2003-0719
    Winlogon Vulnerability - CAN-2003-0806
    Metafile Vulnerability - CAN-2003-0906
    Help and Support Center Vulnerability - CAN-2003-0907
    Utility Manager Vulnerability - CAN-2003-0908
    Windows Management Vulnerability - CAN-2003-0909
    Local Descriptor Table Vulnerability - CAN-2003-0910
    H.323 Vulnerability* - CAN-2004-0117
    Virtual DOS Machine Vulnerability - CAN-2004-0118
    Negotiate SSP Vulnerability - CAN-2004-0119
    SSL Vulnerability - CAN-2004-0120
    ASN.1 'Double Free' Vulnerability - CAN-2004-0123

    This email is sent to NTBugtraq automagically as a service to my
    subscribers. (v4.00.1564.10850)

    Cheers,
    Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

    -----
    Earn up to 10 credit course hours toward the TruSecure ICSA Practitioner (TICSA) Credential and receive a TICSA exam coupon by attending the Infosecurity Canada 2004 conference. Featured speaker, Marcus J. Ranum, TruSecure inventor of the proxy firewall will present on June 3 at 11:30 AM. Visit <https://ticsa.trusecure.com> for certification details and <http://www.infosecuritycanada.com> for conference information. Become TICSA certified and see what happens!
    -----


  • Next message: Russ: "Alert: Microsoft Security Bulletin MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741)"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #140
      ... Cafelog b2 Remote File Include Vulnerability ... Webfroot Shoutbox Remote Command Execution Vulnerability ... Pablo Software Solutions Baby POP3 Server Multiple Connection... ... Microsoft Windows XP Nested Directory Denial of Service... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #127
      ... TCPDump Malformed ISAKMP Packet Denial Of Service Vulnerability ... Apache Web Server MIME Boundary Information Disclosure... ... Microsoft Windows ME Help and Support Center Buffer Overflow... ... InstantServer ISMail Remote User Fields Buffer Overflow... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #138
      ... Nessus LibNASL Arbitrary Code Execution Vulnerability ... Blackmoon FTP Server Username Information Disclosure... ... Microsoft Windows Media Player Automatic File Download and... ...
      (Focus-Microsoft)
    • [NT] Cumulative Security Update for Internet Explorer (889293, MS04-040)
      ... Get your security news from a reliable source. ... This update resolves a newly-discovered publicly reported vulnerability. ... * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 ...
      (Securiteam)
    • SecurityFocus Microsoft Newsletter #71
      ... DaanSystems NewsReactor Password Encoding Vulnerability ... Microsoft Windows NT Inaccurate Login Logging Vulnerability ... Oracle RDBMS Server Default Account Vulnerability ... Avirt Gateway Suite Telnet Proxy Remote SYSTEM Access... ...
      (Focus-Microsoft)