Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011

From: Jonathan Maltz [MS-MVP] (jmaltz_at_mvps.org)
Date: 04/25/04

  • Next message: Anton ml. Vahčič: "outlook express and deleted mail"
    Date: Sun, 25 Apr 2004 15:28:20 -0400
    
    

    Hi Karl,

    Thanks

    -- 
    --Jonathan Maltz [Microsoft MVP - Windows Server, Virtual PC]
    http://www.visualwin.com - A Windows Server 2003 visual, step-by-step
    tutorial site :-)
    http://vpc.visualwin.com - Does <insert OS name> work on VPC 2004?  Find out
    here
    Only reply by newsgroup.  I do not do technical support via email.  Any
    emails I have not authorized are deleted before I see them.
    "Karl Levinson [x y] mvp" <levinson_k@despammed.com> wrote in message
    news:%237I1sOsKEHA.3076@TK2MSFTNGP10.phx.gbl...
    > The workaround is the same, but you don't need a workaround for Server
    2003,
    > unless you have enabled TLS 1.0  Server 2003 is not vulnerable to this by
    > default.  Both SSL 2.0 and TLS 1.0 must be enabled to be vulnerable.
    >
    >
    > "Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message
    > news:eASx0aWKEHA.4032@TK2MSFTNGP10.phx.gbl...
    > > Is there an article for IIS 6.0?
    > >
    > > 04-011 is indicated for Server 2003 as well
    > >
    > > -- 
    > > --Jonathan Maltz [Microsoft MVP - Windows Server, Virtual PC]
    > > http://www.visualwin.com - A Windows Server 2003 visual, step-by-step
    > > tutorial site :-)
    > > http://vpc.visualwin.com - Does <insert OS name> work on VPC 2004?  Find
    > out
    > > here
    > > Only reply by newsgroup.  I do not do technical support via email.  Any
    > > emails I have not authorized are deleted before I see them.
    > >
    > >
    > > "Jerry Bryant [MSFT]" <jbryant@online.microsoft.com> wrote in message
    > > news:%233aEkhPKEHA.3944@tk2msftngp13.phx.gbl...
    > > > Note: www.microsoft.com/technet/security and
    www.microsoft.com/security
    > > are
    > > > authoritative in all matters concerning Microsoft Security Bulletins!
    > ANY
    > > > e-mail, web board or newsgroup posting (including this one) should be
    > > > verified by visiting these sites for official information. Microsoft
    > never
    > > > sends security or other updates as attachments. These updates must be
    > > > downloaded from the microsoft.com download center or Windows Update.
    See
    > > the
    > > > individual bulletins for details.
    > > >
    > > > Because some malicious messages attempt to masquerade as official
    > > Microsoft
    > > > security notices, it is recommended that you physically type the URLs
    > into
    > > > your web browser and not click on the hyperlinks provided.
    > > >
    > > > What is this alert?
    > > >
    > > > - Microsoft is aware of code available on the Internet that seeks to
    > > exploit
    > > > vulnerabilities addressed as part of our April 13th security updates.
    We
    > > are
    > > > investigating the situation to help protect our customers.
    > Specifically,
    > > > the reports detail exploit code that attempts to use the IIS PCT/SSL
    > > > vulnerability on servers running Internet Information Services with
    the
    > > > Secure Socket Layer authentication enabled.  This vulnerability is
    > > addressed
    > > > by bulletin MS04-011.  Customers who have deployed MS04-011 are not at
    > > risk
    > > > from this exploit code.
    > > >
    > > > - Microsoft considers these reports credible and serious and continues
    > to
    > > > urge all customers to immediately install the MS4-011 update as well
    as
    > > the
    > > > other critical updates provided on April 13th.
    > > >
    > > > - Customers who are still evaluating and testing MS04-011 should
    > > immediately
    > > > implement the workaround steps detailed for the PCT/SSL vulnerability
    > > > detailed in the MS04-011.  In addition, Microsoft has published a
    > > knowledge
    > > > base article KB187498 at
    > > > http://support.microsoft.com/default.aspx?scid=kb;en-us;187498  which
    > > > provides additional details on SSL and how to disable PCT without
    > applying
    > > > MS04-011.
    > > >
    > > > - We expect to see additional exploits and proof-of-concept code
    > targeting
    > > > the April 2004 security bulletin release in coming days and weeks,
    > > > potentially including worm or virus examples.
    > > >
    > > > If you have any questions regarding the security updates or its
    > > > implementation after reading the above listed bulletin you should
    > contact
    > > > Product Support Services in the United States at 1-866-PCSafety
    > > > (1-866-727-2338).  International customers should contact their local
    > > > subsidiary.
    > > >
    > > > Thank you,
    > > > Microsoft PSS Security Team
    > > >
    > > > -- 
    > > > Regards,
    > > >
    > > > Jerry Bryant - MCSE, MCDBA
    > > > Microsoft IT Communities
    > > >
    > > > Get Secure! www.microsoft.com/security
    > > >
    > > >
    > > > This posting is provided "AS IS" with no warranties, and confers no
    > > rights.
    > > >
    > > >
    > >
    > >
    >
    >
    

  • Next message: Anton ml. Vahčič: "outlook express and deleted mail"