2003 Microsoft Security Bulletin List - Final
Grok Headline matches for 2003 Microsoft Security Bulletin List - Final
ActiveWin.com: Microsoft Security
Bulletin List - Updated
ActiveWin.com: Microsoft Security
Bulletin List - Updated
11/17/2003 11:10 PMWe have updated our list of the security bulletins released so far
this year. Take a look at the list if you think you may have missed
one.
Updated: ActiveWin.com: Microsoft
Security Bulletin List - Updated
Updated: ActiveWin.com: Microsoft
Security Bulletin List - Updated
06/08/2004 06:38 PMWe have re-updated our Microsoft Security Bulletin List for 2004. Be
sure to check it out to see if you missed any of the 17 bulletins
released this year.
Microsoft Security Bulletin MS03-050:
Vulnerability in Microsoft Word and
Microsoft Excel Could Allow Arbitrary
Code to Run (831527)
Microsoft Security Bulletin MS03-050:
Vulnerability in Microsoft Word and
Microsoft Excel Could Allow Arbitrary
Code to Run (831527)
11/13/2003 12:36 AMA security vulnerability exists in Microsoft Word that could allow
malicious code execution. This vulnerability exists due to to the way
Word checks the length of a data value (Macro names) embedded in a
document. If a specially crafted document were to be opened it could
overflow a data value in Word and allow arbitrary code to be executed.
If successfully exploited, an attacker could then take the same
actions as the user had permissions to carry out, such as adding,
changing or deleting data or files, communicating with a web site or
formatting the hard drive.
Microsoft Security Bulletin MS03-048:
Cumulative Security Update for Internet
Explorer (824145)
Microsoft Security Bulletin MS03-048:
Cumulative Security Update for Internet
Explorer (824145)
11/13/2003 12:36 AMThis is a cumulative update that includes the functionality of all the
previously-released updates for Internet Explorer 5.01, Internet
Explorer 5.5, and Internet Explorer 6.0. Additionally, it eliminates
the following five newly-discovered vulnerabilities.
Microsoft Security Bulletin MS04-025:
Cumulative Security Update for Internet
Explorer (867801)
Microsoft Security Bulletin MS04-025:
Cumulative Security Update for Internet
Explorer (867801)
08/02/2004 01:10 AMThis update resolves several newly discovered public vulnerabilities.
Each vulnerability is documented in this bulletin in its own
Vulnerability Details section.
If a user is logged on with administrative privileges, an attacker who
successfully exploited the most severe of these vulnerabilities could
take complete control of an affected system, including installing
programs; viewing, changing, or deleting data; or creating new
accounts with full privileges. Users whose accounts are configured to
have fewer privileges on the system would be at less risk than users
who operate with administrative privileges.
Microsoft recommends that customers apply the update immediately.
"Microsoft Security Bulletin MS04-011:
Security Update for Microso..."
"Microsoft Security Bulletin MS04-011:
Security Update for Microso..."
04/16/2004 03:38 AMFrom Wish List to Check List: Customer
Input Drives Microsoft Office OneNote
2003 Service Pack 1
From Wish List to Check List: Customer
Input Drives Microsoft Office OneNote
2003 Service Pack 1
04/20/2004 11:26 PMIn an academic setting, a score of 90 percent earns an automatic "A".
By that measure, the team shaping Microsoft Office OneNote 2003 merits
a similar high passing grade. When the innovative application debuted
last October, it reflected the pioneering edge of the digital
note-taking category. Today, Microsoft honed that edge by announcing
the preview release of Microsoft Office OneNote 2003 Service Pack 1
(OneNote SP1). Ninety percent of the features included in the software
update are a direct result of customer input and feedback -- with the
remaining 10 percent coming from indirect customer feedback.
Virginity Security Advisory 2003-002 :
Tritanium Bulletin Board - Read and
write from/to internal (protected)
Threads
Virginity Security Advisory 2003-002 :
Tritanium Bulletin Board - Read and
write from/to internal (protected)
Threads
10/31/2003 06:22 PMVirginity Security (Oct 31 2003)
Microsoft Security Bulletin MS03-051:
Buffer Overrun in Microsoft FrontPage
Server Extensions Could Allow Code
Execution (813360)
Microsoft Security Bulletin MS03-051:
Buffer Overrun in Microsoft FrontPage
Server Extensions Could Allow Code
Execution (813360)
11/13/2003 12:36 AMThis bulletin addresses two new security vulnerabilities in Microsoft
FrontPage Server Extensions, the most serious of which could enable an
attacker to run arbitrary code on a user's system.
Microsoft Security Bulletin Discussion
Microsoft Security Bulletin Discussion
02/13/2004 01:12 PMMicrosoft RSS Security Bulletin Feed
Microsoft RSS Security Bulletin Feed
06/09/2004 09:15 AMThis is not a subject any of us can afford to ignore-“Really
Simple Syndication (RSS) makes it possible to offer dynamically
updated headline feeds that can be exposed on Web sites or through RSS
news aggregators. TechNet’s security team has just announced the
first version of an RSS feed for its security bulletins. Read
more.”
Microsoft Security Bulletin MS04-011
Microsoft Security Bulletin MS04-011
05/02/2004 05:41 AMpublicadas el 13 de abril .. patch §„§Š .. a
fix
microsoft.com/technet/security/bulletin/MS04-011.mspx
track this
site | 3 links
Revised: Microsoft Security Bulletin
MS04-025 (2.0)
Revised: Microsoft Security Bulletin
MS04-025 (2.0)
08/01/2004 04:54 PMMicrosoft Security Bulletin MS04-025 Cumulative Security Update for
Internet Explorer (867801)
Maximum Severity Rating: Critical
Security Update Replacement: This update replaces the one that
is provided in Microsoft Security Bulletin MS04-004, which is itself a
cumulative update.
Caveats: Subsequent to the release of this security bulletin,
Microsoft was made aware that the update provided for Windows XP
customers running the new version of Windows Update, Windows Update
Version 5,
did not contain the final release code for the
vulnerabilities addressed in the security bulletin. Microsoft has
corrected the update and is re-releasing this bulletin to advise of
the availability of a revised update available to Windows Update
Version 5 customers. Customers who are utilizing Windows Update
Version 4, the vast majority of customers, are not affected by this
revision.
This update does not include hotfixes for Internet Explorer provided
since the release of MS04-004. Customers who have received hotfixes
from Microsoft or their support providers since the release of
MS04-004 should review the FAQ section for this update to determine
how this update might impact their operating systems.
View:
Microsoft Security Bulletin MS04-025
View:
Microsoft Windows Update
News source:
Microsoft
TechnetRead full story...Microsoft Security Bulletin Advance
Notification
Microsoft Security Bulletin Advance
Notification
04/08/2005 12:21 PMOn April 12, 2005, the Microsoft Security Response Center is planning
to release:
• 5 Microsoft Security Bulletins affecting Microsoft
Windows. The greatest aggregate, maximum severity rating for these
security updates is Critical. Some of these updates will require a
restart. These updates will be detectable using the Microsoft Baseline
Security Analyzer (MBSA).
• 1 Microsoft Security Bulletin affecting Microsoft Office. The
greatest aggregate, maximum severity rating for these security updates
is Critical. These updates will not require a restart. These updates
will be detectable using MBSA.
• 1 Microsoft Security Bulletin affecting MSN Messenger. The greatest
aggregate, maximum severity rating for these security updates is
Critical. These updates may require a restart. These updates will be
detectable using the Enterprise Scanning Tool (EST).
• 1 Microsoft Security Bulletin affecting Microsoft Exchange. The
greatest aggregate, maximum severity rating for these security updates
is Critical. These updates will not require a restart. These updates
will be detectable using MBSA.
View:
Microsoft Security Bulletin Advance
Notification
News source:
Neowin BPN ForumRead full story...REVISED: Microsoft Security Bulletin
MS02-050
REVISED: Microsoft Security Bulletin
MS02-050
11/13/2003 05:23 AMMay's Microsoft Security Bulletin
notifies only one new vulnerability
May's Microsoft Security Bulletin
notifies only one new vulnerability
05/12/2004 09:50 AMPC Pro May 12 2004 2:16PM GMT
Microsoft Security Bulletin MS04-020:
Vulnerability in POSIX
Microsoft Security Bulletin MS04-020:
Vulnerability in POSIX
08/10/2004 04:24 PMOverview
This security vulnerability affects the Microsoft INTERIX® 2.2
product.
System Requirements
Supported Operating Systems: Windows 2000 Service Pack 2, Windows 2000
Service Pack 3, Windows 2000 Service Pack 4, Windows NT
Download:
Microsoft Security Bulletin MS04-020: Vulnerability in
POSIX Could Allow Code ExecutionRead full story...Microsoft Security Bulletin Re-Releases,
April 2005
Microsoft Security Bulletin Re-Releases,
April 2005
04/17/2005 07:00 PMCastle Cops Apr 17 2005 7:25PM GMT
Microsoft Security Bulletin Summary for
June, 2004
Microsoft Security Bulletin Summary for
June, 2004
06/08/2004 01:46 PM
Bulletin Identifier: Microsoft Security Bulletin
MS04-016
Bulletin Title:
Vulnerability in
DirectPlay
Could Allow Denial of Service (839643)
Executive Summary: A
denial of
service vulnerability
exists in the IDirectPlay4 API of Microsoft DirectPlay because of a
lack of robust
packet validation.
Maximum Severity Rating:
Moderate
Impact of Vulnerability: Denial of Service
Affected Software: Windows. For more information, see the
Affected Software
and Download Locations section.
Bulletin Identifier: Microsoft Security Bulletin
MS04-017
Bulletin Title:
Vulnerability in Crystal Reports Web Viewer Could Allow Information
Disclosure and
Denial of Service (842689)
Executive Summary: A directory traversal vulnerability
exists in Crystal
Reports and Crystal Enterprise from Business Objects that could allow
Information
Disclosure and Denial of Service attacks on an affected system.
Maximum Severity Rating:
Moderate
Impact of Vulnerability: Information Disclosure and Denial
of Service
Affected Software: Visual Studio .NET 2003, Outlook 2003
with Business
Contact Manager, Microsoft Business
Microsoft July 2004 Security Bulletin
Releases
Microsoft July 2004 Security Bulletin
Releases
07/13/2004 05:18 PMMicrosoft Security Bulletin Re-release,
August 2004
Microsoft Security Bulletin Re-release,
August 2004
08/01/2004 11:52 AMIIS Resources Aug 1 2004 3:10PM GMT
"Microsoft Security Bulletin MS04-012:
Cumulative Update for Micro..."
"Microsoft Security Bulletin MS04-012:
Cumulative Update for Micro..."
04/16/2004 03:38 AMMicrosoft Security Bulletin Advance
Notification (April 2005)
Microsoft Security Bulletin Advance
Notification (April 2005)
04/09/2005 09:56 PMTechzonez Apr 10 2005 1:59AM GMT
Microsoft Security Bulletin MS04-020:
Vulnerability in POSIX Could Allow Code
Execution
Microsoft Security Bulletin MS04-020:
Vulnerability in POSIX Could Allow Code
Execution
08/11/2004 01:18 AMA privilege elevation vulnerability exists in the POSIX subsystem.
This vulnerability could allow a logged on user to take complete
control of the system.
Microsoft Security Bulletin MS04-016:
Vulnerability in DirectPlay Could Allow
Denial of Service (839643)
Microsoft Security Bulletin MS04-016:
Vulnerability in DirectPlay Could Allow
Denial of Service (839643)
07/13/2004 12:00 PMThis update resolves a newly-discovered, privately reported
vulnerability. A denial of service vulnerability exists in the
implementation of the IDirectPlay4 application programming interface
(API) of Microsoft DirectPlay because of a lack of robust packet
validation. The vulnerability is documented in the Vulnerability
Details section of this bulletin.
If a user is running a networked DirectPlay application, an attacker
who successfully exploited this vulnerability could cause the
DirectPlay application to fail. The user would have to restart the
application to resume functionality.
Microsoft recommends that customers should consider applying the
security update.
Microsoft Security Bulletin MS04-027:
Vulnerability in WordPerfect Converter
Could Allow Code Execution (884933)
Microsoft Security Bulletin MS04-027:
Vulnerability in WordPerfect Converter
Could Allow Code Execution (884933)
09/15/2004 01:56 AMThis update resolves a newly discovered, privately reported
vulnerability. A remote code execution vulnerability exists in the
WordPerfect 5.x Converter that is provided as part of the affected
software. The vulnerability is documented in the Vulnerability Details
section of this bulletin.
If a user is logged on with administrative privileges, an attacker who
successfully exploited this vulnerability could take complete control
of an affected system, including installing programs; viewing,
changing, or deleting data; or creating new accounts with full
privileges. Users whose accounts are configured to have fewer
privileges on the system would be at less risk than users who operate
with administrative privileges. However, user interaction is required
to exploit this vulnerability.
SMS 2003 - Microsoft KB List
SMS 2003 - Microsoft KB List
08/31/2004 07:24 PMMicrosoft Security Bulletin MS03-008:
Flaw in Windows Script Engine Could
Allow Code Execution (814078)
Microsoft Security Bulletin MS03-008:
Flaw in Windows Script Engine Could
Allow Code Execution (814078)
03/19/2003 10:25 PMMicrosoft Security Bulletin MS03-049:
Buffer Overrun in the Workstation
Service Could Allow Code Execution
(828749)
Microsoft Security Bulletin MS03-049:
Buffer Overrun in the Workstation
Service Could Allow Code Execution
(828749)
11/13/2003 12:36 AMA security vulnerability exists in the Workstation service that could
allow remote code execution on an affected system. This vulnerability
results because of an unchecked buffer in the Workstation service.
If exploited, an attacker could gain System privileges on an affected
system, or could cause the Workstation service to fail. An attacker
could take any action on the system, including installing programs,
viewing data, changing data, or deleting data, or creating new
accounts with full privileges.
"Microsoft Security Bulletin
MS04-028:
Buffer Overrun in JPEG
Processing (GDI+) Could Allow Code
Execution (833987)"
"Microsoft Security Bulletin
MS04-028:
Buffer Overrun in JPEG
Processing (GDI+) Could Allow Code
Execution (833987)"
09/15/2004 09:31 PMMicrosoft Security Bulletin MS04-028:
Buffer Overrun in JPEG Processing (GDI+)
Could Allow Code Execution (833987)
Microsoft Security Bulletin MS04-028:
Buffer Overrun in JPEG Processing (GDI+)
Could Allow Code Execution (833987)
09/15/2004 01:56 AMThis update resolves a newly-discovered, privately reported
vulnerability. A buffer overrun vulnerability exists in the processing
of JPEG image formats that could allow remote code execution on an
affected system. The vulnerability is documented in this bulletin in
its own section.
If a user is logged on with administrator privileges, an attacker who
successfully exploited this vulnerability could take complete control
of an affected system, including installing programs; viewing,
changing, or deleting data; or creating new accounts with full
privileges. Users whose accounts are configured to have fewer
privileges on the system would be at less risk than users who operate
with administrative privileges.
Microsoft Security Bulletin MS03-009:
Flaw In ISA Server DNS Intrusion
Detection Filter Can Cause Denial Of
Service (331065)
Microsoft Security Bulletin MS03-009:
Flaw In ISA Server DNS Intrusion
Detection Filter Can Cause Denial Of
Service (331065)
03/20/2003 08:33 AMMicrosoft Security Bulletin MS03-009:
Flaw In ISA Server DNS Intrusion
Detection Filter Can Cause Denial Of
Service (331065) (fwd)
Microsoft Security Bulletin MS03-009:
Flaw In ISA Server DNS Intrusion
Detection Filter Can Cause Denial Of
Service (331065) (fwd)
03/20/2003 11:48 AMDave Ahmad (Mar 20 2003)
Microsoft Puts the Final Touches on
Windows Server 2003 SP1
Microsoft Puts the Final Touches on
Windows Server 2003 SP1
03/30/2005 03:17 PMThe Redmond software vendor is expected to announce this week the
release to manufacturing of its security-laden Service Pack 1.
Microsoft Puts Final Touches on Windows
Server 2003 SP1
Microsoft Puts Final Touches on Windows
Server 2003 SP1
03/30/2005 05:24 PMMicrosoft is expected to announce this week—most likely on Thursday
morning—that it has released to manufacturing Windows Server 2003
Service Pack 1 (SP1).
SP1, the server counterpart to Windows XP Service Pack 2, is primarily
a security update. But, as was the case with XP SP2, Windows Server
2003 SP1 also will include some brand-new features. SP1 is the
foundation for Microsoft's forthcoming 64-bit Windows Server 2003
releases.
The WinBeta.com Windows enthusiast site posted a note on Tuesday
claiming that Microsoft had released Build 1830 of Windows Server 2003
SP1 to manufacturing. WinBeta also reported that Windows XP
Professional x64 also was released to manufacturing at the same time.
Microsoft Security Bulletin MS04-017:
Vulnerability in Crystal Reports Web
Viewer Could Allow Information
Disclosure and Denial of Service
(842689)
Microsoft Security Bulletin MS04-017:
Vulnerability in Crystal Reports Web
Viewer Could Allow Information
Disclosure and Denial of Service
(842689)
07/13/2004 12:00 PMThis update resolves a newly-discovered vulnerability in Crystal
Reports and Crystal Enterprise from Business Objects. Microsoft Visual
Studio .NET 2003 (all versions) and Outlook 2003 with Business Contact
Manager redistribute Crystal Reports and are therefore affected by the
vulnerability. Microsoft Business Solutions CRM 1.2 redistributes
Crystal Enterprise, which is affected in the same way. The
vulnerability is documented in the Vulnerability Details section of
this bulletin.
An attacker who successfully exploited the vulnerability could
retrieve and delete files through the Crystal Reports and Crystal
Enterprise Web viewers on an affected system. The number of files of
files that are impacted by this vulnerability would depend on the
security context of the affected component that is used by the Crystal
Web viewer.
Microsoft Puts the Final Touches on
Windows Server 2003 SP1 (Ziff Davis)
Microsoft Puts the Final Touches on
Windows Server 2003 SP1 (Ziff Davis)
03/30/2005 02:02 PMZiff Davis - The Redmond software vendor is expected to announce this
week the release to manufacturing of its security-laden Service Pack
1.
InfoWorld: Microsoft prepares security
assault on Linux: November 11, 2003: By
Kieren McCarthy, Techworld.com: Security
InfoWorld: Microsoft prepares security
assault on Linux: November 11, 2003: By
Kieren McCarthy, Techworld.com: Security
11/12/2003 10:23 PMRun Microsoft Network Security Hotfix
Checker (HFNetChk) against a list of
machines
Run Microsoft Network Security Hotfix
Checker (HFNetChk) against a list of
machines
06/07/2004 07:22 AMGrok Description matches for 2003 Microsoft Security Bulletin List - Final
GrokA matches for 2003 Microsoft Security Bulletin List - Final
2003 Microsoft Security Bulletin List - Final
