Re: Microsoft Security Bulletin MS02-053
From: Richard Benack [MS] (richbe@online.microsoft.com)
Date: 09/27/02
- Next message: mapsonx: "Re: MS02-052"
- Previous message: MARYLIN SHAY: "OUTLOOK EXPRESS OMITTING EMAILS"
- In reply to: Ed: "Microsoft Security Bulletin MS02-053"
- Next in thread: mike singer: "Re: Microsoft Security Bulletin MS02-053"
- Reply: mike singer: "Re: Microsoft Security Bulletin MS02-053"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Richard Benack [MS]" <richbe@online.microsoft.com> Date: Thu, 26 Sep 2002 16:04:54 -0700
You can download the windows 2000 patch from
http://www.microsoft.com/Windows2000/downloads/security/q324096/download.asp
It it is possible to manually harden a server using the same processes as
IISLOCKDOWN...Is there a concern with the tool?
Rich
This posting is provided "AS IS" with no warranties, and confers no rights.
"Ed" <ykphoo@hotmail.com> wrote in message
news:98ee01c26536$5e6609a0$3aef2ecf@TKMSFTNGXA09...
> Hello,
>
> I have just gone through the details regarding this latest
> bulletin and have the following queries:
> 1) Is there a way to disable SmartHTML Interpreter without
> using IIS Lockdown tool?
> 2) Will removing .shtml script mappings from Internet
> Services Manager help to elevate this vulnerability?
> 3) Why isn't there a specify patch that can be downloaded
> for Microsoft FrontPage Server Extensions 2000 for Windows
> 2000? Why the need to use Windows Update as compared to
> the usual single patch download?
>
> Ed
>
> >-----Original Message-----
> >Title: Buffer Overrun in SmartHTML Interpreter Could
> Allow Code Execution
> >(Q324096)
> >Date: 09/25/2002
> >Software: Microsoft FrontPage Server Extensions 2000;
> Microsoft FrontPage
> >Server Extensions 2002; Microsoft Windows 2000 (shipped
> FSPE 2000);
> >Microsoft Windows XP (shipped FPSE 2000)
> >Impact: Buffer overrrun or denial of service
> >Maximum Severity Rating: Critical
> >Bulletin: MS02-053
> >
> >The Microsoft Security Response Center has released
> Microsoft Security
> >Bulletin MS02-053
> >
> >What Is It?
> >The Microsoft Security Response Center has released
> Microsoft Security
> >Bulletin MS02-053 which concerns a vulnerability in
> Microsoft Frontpage
> >Server Extensions. Customers are advised to review the
> information in the
> >bulletin and test and deploy the patch in their
> environments, if applicable.
> >
> >More information is now available at
> >http://www.microsoft.com/technet/security/bulletin/MS02-
> 053.asp
> >
> >If you have any questions regarding the patch or its
> implementation after
> >reading the above listed bulletin you should contact
> Product Support
> >Services in the United States at 1-866-PCSafety (1-866-
> 727-2338) or post in
> >this newsgroup. International customers should contact
> their local
> >subsidiary.
> >
> >--
> >Regards,
> >
> >Jerry Bryant - MCSE, MCDBA
> >Microsoft IT Communities
> >
> >Get Secure! www.microsoft.com/security
> >
> >
> >This posting is provided "AS IS" with no warranties, and
> confers no rights.
> >
> >
> >.
> >
- Next message: mapsonx: "Re: MS02-052"
- Previous message: MARYLIN SHAY: "OUTLOOK EXPRESS OMITTING EMAILS"
- In reply to: Ed: "Microsoft Security Bulletin MS02-053"
- Next in thread: mike singer: "Re: Microsoft Security Bulletin MS02-053"
- Reply: mike singer: "Re: Microsoft Security Bulletin MS02-053"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
