Re: Microsoft Security Bulletin Release for 10/15/2003
From: Mike (forest_test_at_excite.com)
Date: 16 Oct 2003 09:34:03 -0700
Why are there two versions of these updates? There is one install
package for SP2 and a separate one for SP3&SP4. As far as I can tell
they are identical. I have extracted their contents and they have the
same file sizes and dates. The reason this concerns me is that the
package for SP2 will install successfully on a system with SP4.
"Jerry Bryant [MSFT]" <firstname.lastname@example.org> wrote in message news:<uWnl1g0kDHA.1408@TK2MSFTNGP11.phx.gbl>...
> NOTE: http://www.microsoft.com/technet/security and
> http://microsoft.com/security are authoritative in all matters concerning
> Microsoft Security Bulletins! ANY email, web board or newsgroup posting
> should be verified by visiting these sites for official information.
> Microsoft never sends security updates as email attachments!
> Today Microsoft released the following Security Bulletins. This represents
> the first release under our new monthly release schedule and Security
> Bulletin format.
> Microsoft Windows Security Bulletin Summary for October, 2003
> Microsoft Exchange Server Security Bulletin Summary for October, 2003
> Links to individual Bulletins:
> MS03-041 - Flaw in Authentication Verification Could Allow Remote Code
> Execution - Severity Rating: Critical
> MS03-042 - Buffer Overflow in Windows Troubleshooter ActiveX Control Could
> Allow Code Execution - Rating: Important
> MS03-043 - Buffer Overrun in Messenger Service Could Allow Code Execution -
> Severity Rating: Critical, Severity Rating for Trustworthy Computing
> Initiative Products: Moderate
> MS03-044 - Flaw in Windows Help and Support Center Could Lead to System
> Compromise - Severity Rating: Critical
> MS03-045 - Buffer Overrun in the ListBox and in the ComboBox Control Could
> Allow Code Execution - Severity Rating: Important
> MS03-046 - Flaw in Exchange Server Could Allow Arbitrary Code Execution -
> Severity Rating: Critical
> MS03-047 - Flaw in Exchange Server 5.5 Outlook Web Access Could Allow
> Cross-Site Scripting Attack - Severity Rating: Moderate
> Jerry Bryant - MCSE, MCDBA
> Microsoft IT Communities
> Get Secure! www.microsoft.com/security
> This posting is provided "AS IS" with no warranties, and confers no rights.