Re: Microsoft Security Bulletin MS03-040 - 828750

From: PCR (pcrrcp_at_netzero.net)
Date: 10/05/03 

Date: Sat, 4 Oct 2003 22:27:59 -0400

Well, as cquirke said, even an URL can be faked, perhaps in HTML only--
still, a convincing enough post, with a signature such as yours will
entice one to click any URL. So, it's best to just put any critical fix
at Windows Update. Fine! We've all clicked a half million URLs by now,
and I've got a collection of 500, but... BUT...... well... this post
might be a favorite kind of target. Indeed, Swen has been here imitating
MS already, you know. So, until you do some of what Nancie suggested,
which is some kind of screening of posts, it's best to keep it at
Windows Update.

But do come by now & then, even just to tell us one has come out. This
is because some of us may have uninstalled the MS Critical Update
Notification Tool, whether accidentally or for any other valid reason. 

-- 
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
should things get worse after this,
PCR
pcrrcp@netzero.net
"Jerry Bryant [MSFT]" <jbryant@online.microsoft.com> wrote in message
news:upMZZBpiDHA.616@TK2MSFTNGP11.phx.gbl...
| There is some interesting feedback here to my post. FYI, I personally
have
| been posting our security bulletins and alerts in these newsgroups for
over
| two years now. In fact, I created these security newsgroups (.security
and
| .security.virus) mainly for this purpose. My post is completely
consistent
| with the way I have always posted them. This is the first time anyone
had
| issues with cross posting. I understand the basis of those concerns
though
| and will take them in to consideration. So, in light of recent swen
issues
| in these newsgroups, is it the general feeling of all here that cross
| posting should not be used to communicate these bulletin releases?
|
| Microsoft has always maintained that
www.microsoft.com/technet/security is
| authoritative in regards to security issues with our products. This
means
| that even if you are subscribed to our security bulletin notification
| service, you should verify the validity of that information by going
to that
| site.
|
| -- 
| Regards,
|
| Jerry Bryant - MCSE, MCDBA
| Microsoft IT Communities
|
| Get Secure! www.microsoft.com/security
|
|
| This posting is provided "AS IS" with no warranties, and confers no
rights.
| "Jerry Bryant [MSFT]" <jbryant@online.microsoft.com> wrote in message
| news:Ol5il6hiDHA.3712@tk2msftngp13.phx.gbl...
| > Title: Cumulative Patch for Internet Explorer Execution (828750)
| > Date: October 3, 2003
| > Software:
| > Internet Explorer 5.01
| > Internet Explorer 5.5
| > Internet Explorer 6.0
| > Internet Explorer 6.0 for Windows Server 2003
| > Impact: Run code of attacker's choice.
| > Maximum Severity Rating: Critical
| > Bulletin: MS03-040
| >
| > The Microsoft Security Response Center has released Microsoft
Security
| > Bulletin MS03-040
| >
| > What Is It?
| > The Microsoft Security Response Center has released Microsoft
Security
| > Bulletin MS03-040 which concerns a vulnerability in Internet
Explorer.
| > Customers are advised to review the information in the bulletin,
test and
| > deploy the patch immediately in their environments, if applicable.
| >
| > More information is now available at
| > http://www.microsoft.com/technet/security/bulletin/MS03-040.asp
| >
| > If you have any questions regarding the patch or its implementation
after
| > reading the above listed bulletin you should contact Product Support
| > Services in the United States at 1-866-PCSafety (1-866-727-2338).
| > International customers should contact their local subsidiary.
| >
| >
| >
| > -- 
| > Regards,
| >
| > Jerry Bryant - MCSE, MCDBA
| > Microsoft IT Communities
| >
| > Get Secure! www.microsoft.com/security
| >
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| rights.
| >
| >
|
|

Relevant Pages

  • Neue Sicherheits-Bulletins - KRITISCHE UPDATES - Bitte beachten
    ... Bulletin Anfang. ... Microsoft is releasing the following four new security bulletins for newly discovered vulnerabilities: ... Windows Services for UNIX, ...
    (microsoft.public.de.german.visio)
  • [NT] Vulnerability in JView Profiler Could Allow Remote Code Execution (MS05-037)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... through Internet Explorer, this update sets the kill bit for the JView ... * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service ...
    (Securiteam)
  • Re: Security warning zone?
    ... Service presented in Internet Explorer Enhanced Security. ... you may removed Internet Explorer Enhanced ... Click Close and reboot the server. ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Microsoft Security Bulletin MS01-055 (Version 2.0)
    ... The following is a Security Bulletin from the Microsoft Product Security ... The third vulnerability is a new variant of a vulnerability ...
    (Bugtraq)
  • <>
    ... > Microsoft Security Bulletin Advance Notification issued: ... > Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. ...
    (microsoft.public.windows.server.sbs)