LanGuard reports



Supported Microsoft Security Bulletins


More information on 2003 updates



Bulletin ID:
MS03-008
Title:
Flaw in Windows Script Engine Could Allow Code Execution (814078)
Update Type:
Security Update
Severity:
Critical
Date:
2003-11-21
Description:
The Windows Script Engine provides Windows operating systems with the ability to execute script code. Script code can be used to add functionality to web pages, or to automate tasks within the operating system or within a program. Script code can be written in several different scripting languages, such as Visual Basic Script, or JScript.
Vulnerabilities:

Included Updates:
814078
Applies to:
Windows 2000
Windows XP

Bulletin ID:
MS02-072
Title:
Unchecked Buffer in Windows Shell Could Enable System Compromise (329390)
Update Type:
Security Update
Severity:
Critical
Date:
2003-11-21
Description:
The Windows Shell is responsible for providing the basic framework of the Windows user interface experience. It is most familiar to users as the Windows Desktop, but also provides a variety of other functions to help define the user's computing session, including organizing files and folders, and providing the means to start applications.
Vulnerabilities:

Included Updates:
329390
Applies to:
Windows XP

Bulletin ID:
MS03-031
Title:
Cumulative Patch for Microsoft SQL Server (815495)
Update Type:
Security Update
Severity:
Important
Date:
2003-11-14
Description:
This is a cumulative patch that includes the functionality of all previously released patches for SQL Server 7.0, SQL Server 2000, MSDE 1.0, and MSDE 2000. In addition, it eliminates three newly discovered vulnerabilities.
Vulnerabilities:

Included Updates:
815495
Applies to:
Windows Server 2003
Windows Server 2003, Datacenter Edition

Bulletin ID:
MS03-026
Title:
Buffer Overrun In RPC Interface Could Allow Code Execution (823980)
Update Type:
Security Update
Severity:
Critical
Date:
2003-11-14
Description:
Microsoft originally released this bulletin and patch on July 16, 2003 to correct a security vulnerability in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface. Subsequent to the release of this bulletin Microsoft has been made aware that additional ports involving RPC can be used to exploit this vulnerability. Information regarding these additional ports has been added to the mitigating factors and the Workaround section of the bulletin. In addition, Microsoft has released security bulletin MS03-039 and an updated scanning tool which supersedes this bulletin and the original scanning tool provided with it.
Vulnerabilities:

Included Updates:
823980
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP

Bulletin ID:
MS03-023
Title:
Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
Update Type:
Security Update
Severity:
Critical
Date:
2003-11-14
Description:
Subsequent to the original release of this bulletin Microsoft extended the support of Windows NT Workstation 4.0 and Windows 2000 Service Pack 2. The existing Windows NT 4.0 Server security update will install successfully on Windows NT 4.0 Workstation and is officially supported on that operating system version. The existing Windows 2000 security update will install successfully on Windows 2000 Service Pack 2 and is officially supported on that operating system version.
Vulnerabilities:

Included Updates:
823559
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP

Bulletin ID:
MS02-070
Title:
Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)
Update Type:
Security Update
Severity:
Moderate
Date:
2003-11-14
Description:
Subsequent to releasing this bulletin it was determined that the fix that eliminates the vulnerability was not included in Microsoft Windows XP Service Pack 1. The bulletin has been updated to reflect this fact, and the patch has been updated so that it installs on Windows XP Service Pack 1 systems. Customers who are currently running XP Service Pack 1 with SMB signing enabled should apply the patch.
Vulnerabilities:

Included Updates:
329170
Applies to:
Windows XP

Bulletin ID:
MS02-053
Title:
Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)
Update Type:
Security Update
Severity:
Critical
Date:
2003-11-14
Description:
The SmartHTML Interpreter (shtml.dll) is part of the FrontPage Server Extensions (FPSE) and Microsoft SharePoint Team Services, and provides support for web forms and other FrontPage-based dynamic content. The interpreter contains a flaw that could be exposed when processing a request for a particular type of web file, if the request had certain specific characteristics. This flaw affects the two versions of FrontPage Server Extensions differently. On FrontPage Server Extensions 2000, such a request would cause the interpreter to consume most or all CPU availability until the web service was restarted. An attacker could use this vulnerability to conduct a denial of service attack against an affected web server. On FrontPage Server Extensions 2002 and SharePoint Team Services 2002, the same type of request could cause a buffer overrun, potentially allowing an attacker to run code of his choice.
Vulnerabilities:

Included Updates:
324096
Applies to:
Windows XP

Bulletin ID:
MS02-048
Title:
Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172)
Update Type:
Security Update
Severity:
Critical
Date:
2003-11-14
Description:
All versions of Windows ship with an ActiveX control known as the Certificate Enrollment Control, the purpose of which is to allow web-based certificate enrollments. The control is used to submit PKCS #10 compliant certificate requests, and upon receiving the requested certificate, stores it in the user's local certificate store.
Vulnerabilities:

Included Updates:
323172
Applies to:
Windows XP

Bulletin ID:
MS02-045
Title:
Unchecked Buffer in Network Share Provider Can Lead to Denial of Service (Q326830)
Update Type:
Security Update
Severity:
Moderate
Date:
2003-11-14
Description:
SMB (Server Message Block) is the protocol Microsoft uses to share files, printers, serial ports, and also to communicate between computers using named pipes and mail slots. In a networked environment, servers make file systems and resources available to clients. Clients make SMB requests for resources and servers make SMB responses in what described as a client server, request-response protocol.
Vulnerabilities:

Included Updates:
326830
Applies to:
Windows 2000

Bulletin ID:
MS03-049
Title:
Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)
Update Type:
Security Update
Severity:
Critical
Date:
2003-11-06
Description:
A security vulnerability exists in the Workstation service that could allow remote code execution on an affected system. This vulnerability results because of an unchecked buffer in the Workstation service.
Vulnerabilities:

Included Updates:
828749
Applies to:
Windows 2000

Bulletin ID:
MS02-065
Title:
Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)
Update Type:
Security Update
Severity:
Critical
Date:
2003-10-21
Description:
Microsoft Data Access Components (MDAC) is a collection of components used to provide database connectivity on Windows platforms. MDAC is a ubiquitous technology, and it is likely to be present on most Windows systems:
Vulnerabilities:

Included Updates:
329414
Applies to:
Windows 2000

Bulletin ID:
MS02-042
Title:
Flaw in Network Connection Manager Could Enable Privilege Elevation (Q326886)
Update Type:
Security Update
Severity:
Critical
Date:
2003-10-21
Description:
The Network Connection Manager (NCM) provides a controlling mechanism for all network connections managed by a host system. Among the functions of the NCM is to call a handler routine whenever a network connection has been established.
Vulnerabilities:

Included Updates:
326886
Applies to:
Windows 2000

Bulletin ID:
MS02-024
Title:
Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206)
Update Type:
Security Update
Severity:
Critical
Date:
2003-10-21
Description:
The Windows debugging facility provides a means for programs to perform diagnostic and analytic functions on applications as they are running on the operating system. One of these capabilities allows for a program, usually a debugger, to connect to any running program, and to take control of it. The program can then issue commands to the controlled program, including the ability to start other programs. These commands would then execute in the same security context as the controlled program.
Vulnerabilities:

Included Updates:
320206
Applies to:
Windows 2000

Bulletin ID:
MS02-008
Title:
XMLHTTP Control Can Allow Access to Local Files
Update Type:
Security Update
Severity:
Critical
Date:
2003-10-21
Description:
Microsoft XML Core Services (MSXML) includes the XMLHTTP ActiveX control, which allows web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT. The control provides security measures designed to restrict web pages so they can only use the control to request data from remote data sources.
Vulnerabilities:

Included Updates:
317244
318202
318203
Applies to:
Windows XP

Bulletin ID:
MS02-060
Title:
Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940)
Update Type:
Security Update
Severity:
Moderate
Date:
2003-10-16
Description:
Help and Support Center provides a centralized facility through which users can obtain assistance on a variety of topics. For instance, it provides product documentation, assistance in determining hardware compatibility, access to Windows Update, online help from Microsoft, and other assistance.
Vulnerabilities:

Included Updates:
328940
Applies to:
Windows XP

Bulletin ID:
MS03-041
Title:
Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)
Update Type:
Security Update
Severity:
Critical
Date:
2003-10-13
Description:
There is a vulnerability in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with an approval dialog.
Vulnerabilities:

Included Updates:
823182
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP

Bulletin ID:
MS03-005
Title:
Unchecked buffer in Windows redirector may permit privilege elevation (810577)
Update Type:
Security Update
Severity:
Important
Date:
2003-10-13
Description:
The Windows Redirector is used by a Windows client to access files, whether local or remote, regardless of the underlying network protocols in use. For example, the "Add a Network Place" Wizard or the NET USE command can be used to map a network share as a local drive, and the Windows Redirector will handle the routing of information to and from the network share.
Vulnerabilities:

Included Updates:
810577
Applies to:
Microsoft Windows XP

Bulletin ID:
MS02-054
Title:
Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)
Update Type:
Security Update
Severity:
Moderate
Date:
2003-10-13
Description:
Zipped files (files having a .zip extension) provide a means to store information in a way that uses less space on a hard disk. This is accomplished by compressing the files that are put into in the zipped file. On Windows 98 with Plus! Pack, Windows Me and Windows XP, the Compressed Folders feature allows zipped files to be treated as folders. The Compressed Folders feature can be used to create, add files to, and extract files from zipped files.
Vulnerabilities:

Included Updates:
329048
Applies to:
Windows XP

Bulletin ID:
MS03-034
Title:
Flaw in NetBIOS Could Lead to Information Disclosure (824105)
Update Type:
Security Update
Severity:
Low
Date:
2003-09-09
Description:
Subsequent to the original release of this bulletin Microsoft extended the support of Windows NT Workstation 4.0 and Windows 2000 Service Pack 2. A security update is now available from Microsoft Product Support Services for customers running these operating systems. Contact Microsoft Product Support Services to obtain these additional security updates.
Vulnerabilities:

Included Updates:
824105
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP

Bulletin ID:
MS02-062
Title:
Cumulative Patch for Internet Information Service (Q327696)
Update Type:
Security Update
Severity:
Moderate
Date:
2003-08-20
Description:
It would run using the security settings on the user's machine that were appropriate to Web Site A.
Vulnerabilities:

Included Updates:
327696
Applies to:
Windows 2000
Windows XP

Bulletin ID:
MS02-029
Title:
Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138)
Update Type:
Security Update
Severity:
Critical
Date:
2003-08-05
Description:
On June 12, 2002, Microsoft released the original version of this bulletin. On July 2, 2002, the bulletin was updated to reflect the availability of a revised patch. Although the original patch completely eliminated the vulnerability, it had the side effect of preventing non-administrative users from making VPN connections in some cases. The revised patch correctly handles VPN connections. The revised patch is immediately available from the Download Center and will be soon made available via WindowsUpdate.
Vulnerabilities:

Included Updates:
318138
Applies to:
Windows XP

Bulletin ID:
MS02-032
Title:
26 June 2002 Cumulative Patch for Windows Media Player (Q320920)
Update Type:
Security Update
Severity:
Critical
Date:
2003-06-18
Description:
On June 26, 2002, Microsoft released the original version of this bulletin, which described the patch it provided as being cumulative. We subsequently discovered that a file had been inadvertently omitted from the patch. While the omission had no effect on the effectiveness of the patch against the new vulnerabilities discussed below, it did mean that the patch was not cumulative. Specifically, the original patch did not include all of the fixes discussed in Microsoft Security Bulletin MS01-056. We have repackaged the patch to include the file and are re-releasing it to ensure that it truly is cumulative.
Vulnerabilities:

Included Updates:
320920
Applies to:
Windows XP

Bulletin ID:
MS02-006
Title:
Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
Update Type:
Security Update
Severity:
Moderate
Date:
2003-05-06
Description:
On February 12 2002, Microsoft released the original version of this bulletin. In it, we detailed a work-around procedure that customers could implement to protect themselves against a publicly disclosed vulnerability. An updated version of this bulletin was released on February 15, 2002, to announce the availability of the patch for Windows 2000 and Windows XP and to advise customers that the work-around procedure is no longer needed on those platforms. Patches for additional platforms are forthcoming and this bulletin will be re-released to annouce their availability.
Vulnerabilities:

Included Updates:
314147
Applies to:
Windows XP

Bulletin ID:
MS02-017
Title:
Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution (Q311967)
Update Type:
Security Update
Severity:
Moderate
Date:
2003-02-18
Description:
The Multiple UNC Provider (MUP) is a Windows service that assists in locating network resources that are identified via UNC (uniform naming convention). The MUP receives commands containing UNC names from applications and sends the name to each registered UNC provider, LAN Manager workstation, and any others that are installed. When a provider identifies a UNC name as its own, the MUP automatically redirects future instances of that name to that provider.
Vulnerabilities:

Included Updates:
311967
Applies to:
Windows XP

Bulletin ID:
MS02-009
Title:
Incorrect VBScript Handling in IE can Allow Web Pages to Read Local Files
Update Type:
Security Update
Severity:
Critical
Date:
2003-02-18
Description:
Frames are used in Internet Explorer to provide for a fuller browsing experience. By design, scripts in the frame of one site or domain should be prohibited from accessing the content of frames in another site or domain. However, a flaw exists in how VBScript is handled in IE relating to validating cross-domain access. This flaw can allow scripts of one domain to access the contents of another domain in a frame.
Vulnerabilities:

Included Updates:
318089
Applies to:
Windows 2000

Bulletin ID:
MS01-059
Title:
Unchecked Buffer in Universal Plug and Play can Lead to System Compromise
Update Type:
Security Update
Severity:
Critical
Date:
2003-02-18
Description:
Universal Plug and Play (UPnP) allows computers to discover and use network-based devices. Windows ME and XP include native UPnP support; Windows 98 and 98SE do not include native UPnP support, but it can be installed via the Internet Connection Sharing client that ships with Windows XP. This bulletin discusses two vulnerabilities affecting these UPnP implementations. Although the vulnerabilities are unrelated, both involve how UPnP-capable computers handle the discovery of new devices on the network.
Vulnerabilities:

Included Updates:
315000
Applies to:
Windows XP