Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011

From: Jonathan Maltz [MS-MVP] (jmaltz_at_mvps.org)
Date: 04/23/04

  • Next message: Dmitrii S. Zakharov [MSFT]: "Re: Failed audits on administrative accouts" 
    Date: Fri, 23 Apr 2004 15:11:37 -0400

    Is there an article for IIS 6.0?

    04-011 is indicated for Server 2003 as well 

    -- 
--Jonathan Maltz [Microsoft MVP - Windows Server, Virtual PC]
http://www.visualwin.com - A Windows Server 2003 visual, step-by-step
tutorial site :-)
http://vpc.visualwin.com - Does <insert OS name> work on VPC 2004?  Find out
here
Only reply by newsgroup.  I do not do technical support via email.  Any
emails I have not authorized are deleted before I see them.
"Jerry Bryant [MSFT]" <jbryant@online.microsoft.com> wrote in message
news:%233aEkhPKEHA.3944@tk2msftngp13.phx.gbl...
> Note: www.microsoft.com/technet/security and www.microsoft.com/security
are
> authoritative in all matters concerning Microsoft Security Bulletins! ANY
> e-mail, web board or newsgroup posting (including this one) should be
> verified by visiting these sites for official information. Microsoft never
> sends security or other updates as attachments. These updates must be
> downloaded from the microsoft.com download center or Windows Update. See
the
> individual bulletins for details.
>
> Because some malicious messages attempt to masquerade as official
Microsoft
> security notices, it is recommended that you physically type the URLs into
> your web browser and not click on the hyperlinks provided.
>
> What is this alert?
>
> - Microsoft is aware of code available on the Internet that seeks to
exploit
> vulnerabilities addressed as part of our April 13th security updates. We
are
> investigating the situation to help protect our customers.  Specifically,
> the reports detail exploit code that attempts to use the IIS PCT/SSL
> vulnerability on servers running Internet Information Services with the
> Secure Socket Layer authentication enabled.  This vulnerability is
addressed
> by bulletin MS04-011.  Customers who have deployed MS04-011 are not at
risk
> from this exploit code.
>
> - Microsoft considers these reports credible and serious and continues to
> urge all customers to immediately install the MS4-011 update as well as
the
> other critical updates provided on April 13th.
>
> - Customers who are still evaluating and testing MS04-011 should
immediately
> implement the workaround steps detailed for the PCT/SSL vulnerability
> detailed in the MS04-011.  In addition, Microsoft has published a
knowledge
> base article KB187498 at
> http://support.microsoft.com/default.aspx?scid=kb;en-us;187498  which
> provides additional details on SSL and how to disable PCT without applying
> MS04-011.
>
> - We expect to see additional exploits and proof-of-concept code targeting
> the April 2004 security bulletin release in coming days and weeks,
> potentially including worm or virus examples.
>
> If you have any questions regarding the security updates or its
> implementation after reading the above listed bulletin you should contact
> Product Support Services in the United States at 1-866-PCSafety
> (1-866-727-2338).  International customers should contact their local
> subsidiary.
>
> Thank you,
> Microsoft PSS Security Team
>
> -- 
> Regards,
>
> Jerry Bryant - MCSE, MCDBA
> Microsoft IT Communities
>
> Get Secure! www.microsoft.com/security
>
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
  • Next message: Dmitrii S. Zakharov [MSFT]: "Re: Failed audits on administrative accouts"

    Relevant Pages

    • <>
      ... > Microsoft Security Bulletin Advance Notification issued: ... > Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. ...
      (microsoft.public.windows.server.sbs)
    • [NT] Cumulative Security Update for Internet Explorer (MS04-025)
      ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ...
      (Securiteam)
    • Re: Does Microsoft take Security Seriously? - Internet Bank hacked - it could happen to you!
      ... take security seriously. ... I have used Microsoft products for year without ... while downloading those updates. ... As soon as I connected to the Internet, I did a Windows Update - I ...
      (microsoft.public.windowsxp.security_admin)
    • Re: Microsoft Security Bulletins for December 2007
      ... Microsoft released today the following security bulletins. ... high-priority updates and 2007 ... Microsoft Office Service Pack 1 on Microsoft Update and Windows ...
      (microsoft.public.windowsupdate)
    • SecurityFocus Microsoft Newsletter #75
      ... Microsoft's Internet Security & Acceleration Server with fault-tolerance ... The Microsoft UPnP Vulnerability ... Relevant URL: ...
      (Focus-Microsoft)