Re: Critical Update KB828035
From: Mike T (mike_tavares_at_hotmail.com)
Date: Sun, 16 Nov 2003 22:16:50 GMT
Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
Issued: October 15, 2003
Updated: November 14, 2003
Version Number: 2.2
See all Windows bulletins released October, 2003
Who Should Read This Document: Customers using Microsoft® Windows®
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Customers should disable the Messenger Service immediately
and evaluate their need to deploy the patch
Patch Replacement: None
Why is Microsoft reissuing this security update?
Subsequent to the release of this bulletin, it was determined that the
update for Windows XP did not properly place the updated file wkssvc.dll
into the %systemroot%\system32\dllcache. This problem is unrelated to the
security vulnerability discussed in this bulletin. Microsoft recommends that
customers who have previously applied the security update reinstall the
latest version to insure that their system remains protected in the event
that the wkssvc.dll is ever deleted or becomes corrupt.
What version of Windows does this update apply to?
The only version of Windows affected by this specific issue is Windows XP.
"Bobby" <email@example.com> wrote in message
> Would someone be able to tell me why I had to download
> Critical Update KB828035 today? I already downloaded it
> (successfully) on October 19, 2003!
> (Both of them now appear in download history as
> successful downloads.)