Office XP Update: March 23, 2004

From: insecure (insecure_at_AMERITECH.NET)
Date: 04/16/04

  • Next message: Aviram Jenik: "Zaep AntiSpam Cross Site Scripting"
    Date:         Fri, 16 Apr 2004 16:10:33 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    I guess Microsoft is getting in to the habit of releasing security
    updates without a security bulletin. That should help them in their
    public relations, oops I mean security, campaign.

    This update won't show up on Windows Update. If you do a scan on Office
    Update you'll be offered the patch. How many people do that on a regular
    basis?

    http://support.microsoft.com/?kbid=833858

    Release Date: March 23, 2004

    SUMMARY
    Microsoft has released an update to Microsoft Office XP. This update
    contains important security and stability enhancements in the Microsoft
    Script Editor and may require that you restart your computer

    List of issues fixed by the update
    The Office XP Update: KB833858 fixes the following issues that were
    previously not documented in the Microsoft Knowledge Base.

    Default debugging permissions have been enhanced
    Changes have been made to the Microsoft Visual Studio .NET debugger that
    is included in Microsoft Office XP to make debugging permissions more
    restrictive. As a security enhancement, users who are not part of the
    Administrators group or the Debugger Users group will no longer be able
    to debug scripts with the Microsoft Script Editor.

    -----
    Earn up to 10 credit course hours toward the TruSecure ICSA Practitioner (TICSA) Credential and receive a TICSA exam coupon by attending the Infosecurity Canada 2004 conference. Featured speaker, Marcus J. Ranum, TruSecure inventor of the proxy firewall will present on June 3 at 11:30 AM. Visit <https://ticsa.trusecure.com> for certification details and <http://www.infosecuritycanada.com> for conference information. Become TICSA certified and see what happens!
    -----


  • Next message: Aviram Jenik: "Zaep AntiSpam Cross Site Scripting"

    Relevant Pages

    • [NT] Cumulative Security Update for Internet Explorer (MS04-025)
      ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ...
      (Securiteam)
    • SecurityFocus Microsoft Newsletter #75
      ... Microsoft's Internet Security & Acceleration Server with fault-tolerance ... The Microsoft UPnP Vulnerability ... Relevant URL: ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #120
      ... Strengthening Network Security: FREE Guide Network security is a ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows File Protection Signed File Replacement... ... PlatinumFTPServer Information Disclosure Vulnerability ...
      (Focus-Microsoft)
    • Re: A 6% fix from Microsoft Security Bulletin MS03-040 - 828750
      ... Now if the geeks over at Microsoft could get "infected" with some of this ... The Internet is already mind blowing in the way it can bring people ... that creates an unacceptable risk of security compromise and we need to shut ... down all Internet browsing with IE. ...
      (microsoft.public.win2000.security)
    • SecurityFocus Microsoft Newsletter # 87
      ... Meeting IT Security Benchmarks Through IT Audits ... MICROSOFT VULNERABILITY SUMMARY ... Bypassing Windows 2000 Domain Password settings ...
      (Focus-Microsoft)