Office XP Update: March 23, 2004

• Previous message: Tiago Halm: "[BUG-CORRECTION] IISShield "Server" header costumization"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Fri, 16 Apr 2004 16:10:33 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

I guess Microsoft is getting in to the habit of releasing security
updates without a security bulletin. That should help them in their
public relations, oops I mean security, campaign.

This update won't show up on Windows Update. If you do a scan on Office
Update you'll be offered the patch. How many people do that on a regular
basis?

http://support.microsoft.com/?kbid=833858

Release Date: March 23, 2004

SUMMARY
Microsoft has released an update to Microsoft Office XP. This update
contains important security and stability enhancements in the Microsoft
Script Editor and may require that you restart your computer

List of issues fixed by the update
The Office XP Update: KB833858 fixes the following issues that were
previously not documented in the Microsoft Knowledge Base.

Default debugging permissions have been enhanced
Changes have been made to the Microsoft Visual Studio .NET debugger that
is included in Microsoft Office XP to make debugging permissions more
restrictive. As a security enhancement, users who are not part of the
Administrators group or the Debugger Users group will no longer be able
to debug scripts with the Microsoft Script Editor.

-----
Earn up to 10 credit course hours toward the TruSecure ICSA Practitioner (TICSA) Credential and receive a TICSA exam coupon by attending the Infosecurity Canada 2004 conference. Featured speaker, Marcus J. Ranum, TruSecure inventor of the proxy firewall will present on June 3 at 11:30 AM. Visit <https://ticsa.trusecure.com> for certification details and <http://www.infosecuritycanada.com> for conference information. Become TICSA certified and see what happens!
-----

• Previous message: Tiago Halm: "[BUG-CORRECTION] IISShield "Server" header costumization"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [NT] Cumulative Security Update for Internet Explorer (MS04-025) ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ... (Securiteam) SecurityFocus Microsoft Newsletter #75 ... Microsoft's Internet Security & Acceleration Server with fault-tolerance ... The Microsoft UPnP Vulnerability ... Relevant URL: ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #120 ... Strengthening Network Security: FREE Guide Network security is a ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows File Protection Signed File Replacement... ... PlatinumFTPServer Information Disclosure Vulnerability ... (Focus-Microsoft) Re: A 6% fix from Microsoft Security Bulletin MS03-040 - 828750 ... Now if the geeks over at Microsoft could get "infected" with some of this ... The Internet is already mind blowing in the way it can bring people ... that creates an unacceptable risk of security compromise and we need to shut ... down all Internet browsing with IE. ... (microsoft.public.security) Re: A 6% fix from Microsoft Security Bulletin MS03-040 - 828750 ... Now if the geeks over at Microsoft could get "infected" with some of this ... The Internet is already mind blowing in the way it can bring people ... that creates an unacceptable risk of security compromise and we need to shut ... down all Internet browsing with IE. ... (microsoft.public.security.virus)