Thread: Run up for plug clearing
View Single Post
  #76  
Old October 13th 04, 06:04 PM
Larry Dighera
external usenet poster
  
Posts: n/a
Default
On Sat, 9 Oct 2004 11:48:55 -0700, "Peter Duniho"
wrote in
::

I'll say this much for you...you certainly don't miss a chance to express
your anti-Microsoft religious views.


My views are supported by Microsoft itself as evidenced by their
security patches released yesterday:


http://entmag.com/news/article.asp?EditorialsID=6403

News

Microsoft Releases 10 Security Bulletins

by Scott Bekker

October 12, 2004

In one of its biggest monthly "Patch Tuesday" events yet, Microsoft
posted 10 new security bulletins, seven of them for critical flaws
that could allow attackers to remotely take control of a computer.
The new bulletins are Microsoft's 29th through 38th of the year. They
follow a month when Microsoft released only one bulletin for flaw in
Microsoft's component for processing JPEG images. Microsoft also on
Tuesday released an updated version of its tool for detecting programs
that require the patch for the JPEG component.


http://www.microsoft.com/technet/sec.../ms04-oct.mspx
Summary
Included in this advisory are updates for newly discovered
vulnerabilities. These vulnerabilities, broken down by severity a

Critical (7)


Bulletin Identifier Microsoft Security Bulletin MS04-032
Bulletin Title
Security Update for Microsoft Windows (840987)

Executive Summary
A remote code execution vulnerability, two elevation of privilege
vulnerabilities, and a denial of service vulnerability exist in
Windows. The most severe vulnerability could allow remote code
execution on an affected system.

Maximum Severity Rating
Critical

Impact of Vulnerability
Remote Code Execution

Affected Software
Windows. For more information, see the Affected Software and Download
Locations section.

Bulletin Identifier Microsoft Security Bulletin MS04-033
Bulletin Title
Vulnerability in Microsoft Excel Could Allow Remote Code Execution
(886836)

Executive Summary
A vulnerability exists in Microsoft Excel that could allow remote
code execution on an affected system.

Maximum Severity Rating
Critical

Impact of Vulnerability
Remote Code Execution

Affected Software
Office, Excel, Office for Mac, Excel for Mac. For more information,
see the Affected Software and Download Locations section.

Bulletin Identifier Microsoft Security Bulletin MS04-034
Bulletin Title
Vulnerability in Compressed (zipped) Folders Could Allow Remote Code
Execution (873376)

Executive Summary
A vulnerability exists in the way that Windows processes Compressed
(zipped) Folders that could allow remote code execution on an affected
system.

Maximum Severity Rating
Critical

Impact of Vulnerability
Remote Code Execution

Affected Software
Windows. For more information, see the Affected Software and Download
Locations section.

Bulletin Identifier Microsoft Security Bulletin MS04-035
Bulletin Title
Vulnerability in SMTP Could Allow Remote Code Execution (885881)

Executive Summary
A vulnerability exists in the Windows SMTP component and Exchange
Server Routing Engine component that could allow remote code execution
on an affected system.

Maximum Severity Rating
Critical

Impact of Vulnerability
Remote Code Execution

Affected Software
Windows and Exchange. For more information, see the Affected Software
and Download Locations section.

Bulletin Identifier Microsoft Security Bulletin MS04-036
Bulletin Title
Vulnerability in NNTP Could Allow Remote Code Execution (883935)

Executive Summary
A vulnerability exists in the Windows NNTP Component that could allow
remote code execution on an affected system.

Maximum Severity Rating
Critical

Impact of Vulnerability
Remote Code Execution

Affected Software
Windows and Exchange. For more information, see the Affected Software
and Download Locations section.

Bulletin Identifier Microsoft Security Bulletin MS04-037
Bulletin Title
Vulnerability in Windows Shell Could Allow Remote Code Execution
(841356)

Executive Summary
A vulnerability exists in the way that the Windows Shell launches
applications. A vulnerability exists in Program Group Converter
because of the way that it handles specially crafted requests. Both
could allow remote code execution on an affected system.

Maximum Severity Rating
Critical

Impact of Vulnerability
Remote Code Execution

Affected Software
Windows. For more information, see the Affected Software and Download
Locations section.

Bulletin Identifier Microsoft Security Bulletin MS04-038
Bulletin Title
Cumulative Security Update for Internet Explorer (834707)

Executive Summary
Five remote code execution and three information disclosure
vulnerabilities exist in Internet Explorer.

Maximum Severity Rating
Critical

Impact of Vulnerability
Remote Code Execution

Affected Software
Windows, Internet Explorer. For more information, see the Affected
Software and Download Locations section.