Bulletin ID: MS03-008 |
Title: Flaw in Windows Script Engine Could Allow Code Execution (814078) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-11-21 |
Description: The Windows Script Engine provides Windows operating systems with the ability to execute script code. Script code can be used to add functionality to web pages, or to automate tasks within the operating system or within a program. Script code can be written in several different scripting languages, such as Visual Basic Script, or JScript. | ||||
Vulnerabilities: |
Included Updates: 814078 |
Applies to: Windows 2000 Windows XP |
Bulletin ID: MS02-072 |
Title: Unchecked Buffer in Windows Shell Could Enable System Compromise (329390) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-11-21 |
Description: The Windows Shell is responsible for providing the basic framework of the Windows user interface experience. It is most familiar to users as the Windows Desktop, but also provides a variety of other functions to help define the user's computing session, including organizing files and folders, and providing the means to start applications. | ||||
Vulnerabilities: |
Included Updates: 329390 |
Applies to: Windows XP |
Bulletin ID: MS03-031 |
Title: Cumulative Patch for Microsoft SQL Server (815495) |
Update Type: Security Update |
Severity: Important |
Date: 2003-11-14 |
Description: This is a cumulative patch that includes the functionality of all previously released patches for SQL Server 7.0, SQL Server 2000, MSDE 1.0, and MSDE 2000. In addition, it eliminates three newly discovered vulnerabilities. | ||||
Vulnerabilities: |
Included Updates: 815495 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition |
Bulletin ID: MS03-026 |
Title: Buffer Overrun In RPC Interface Could Allow Code Execution (823980) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-11-14 |
Description: Microsoft originally released this bulletin and patch on July 16, 2003 to correct a security vulnerability in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface. Subsequent to the release of this bulletin Microsoft has been made aware that additional ports involving RPC can be used to exploit this vulnerability. Information regarding these additional ports has been added to the mitigating factors and the Workaround section of the bulletin. In addition, Microsoft has released security bulletin MS03-039 and an updated scanning tool which supersedes this bulletin and the original scanning tool provided with it. | ||||
Vulnerabilities: |
Included Updates: 823980 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP |
Bulletin ID: MS03-023 |
Title: Buffer Overrun In HTML Converter Could Allow Code Execution (823559) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-11-14 |
Description: Subsequent to the original release of this bulletin Microsoft extended the support of Windows NT Workstation 4.0 and Windows 2000 Service Pack 2. The existing Windows NT 4.0 Server security update will install successfully on Windows NT 4.0 Workstation and is officially supported on that operating system version. The existing Windows 2000 security update will install successfully on Windows 2000 Service Pack 2 and is officially supported on that operating system version. | ||||
Vulnerabilities: |
Included Updates: 823559 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP |
Bulletin ID: MS02-070 |
Title: Flaw in SMB Signing Could Enable Group Policy to be Modified (329170) |
Update Type: Security Update |
Severity: Moderate |
Date: 2003-11-14 |
Description: Subsequent to releasing this bulletin it was determined that the fix that eliminates the vulnerability was not included in Microsoft Windows XP Service Pack 1. The bulletin has been updated to reflect this fact, and the patch has been updated so that it installs on Windows XP Service Pack 1 systems. Customers who are currently running XP Service Pack 1 with SMB signing enabled should apply the patch. | ||||
Vulnerabilities: |
Included Updates: 329170 |
Applies to: Windows XP |
Bulletin ID: MS02-053 |
Title: Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-11-14 |
Description: The SmartHTML Interpreter (shtml.dll) is part of the FrontPage Server Extensions (FPSE) and Microsoft SharePoint Team Services, and provides support for web forms and other FrontPage-based dynamic content. The interpreter contains a flaw that could be exposed when processing a request for a particular type of web file, if the request had certain specific characteristics. This flaw affects the two versions of FrontPage Server Extensions differently. On FrontPage Server Extensions 2000, such a request would cause the interpreter to consume most or all CPU availability until the web service was restarted. An attacker could use this vulnerability to conduct a denial of service attack against an affected web server. On FrontPage Server Extensions 2002 and SharePoint Team Services 2002, the same type of request could cause a buffer overrun, potentially allowing an attacker to run code of his choice. | ||||
Vulnerabilities: |
Included Updates: 324096 |
Applies to: Windows XP |
Bulletin ID: MS02-048 |
Title: Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-11-14 |
Description: All versions of Windows ship with an ActiveX control known as the Certificate Enrollment Control, the purpose of which is to allow web-based certificate enrollments. The control is used to submit PKCS #10 compliant certificate requests, and upon receiving the requested certificate, stores it in the user's local certificate store. | ||||
Vulnerabilities: |
Included Updates: 323172 |
Applies to: Windows XP |
Bulletin ID: MS02-045 |
Title: Unchecked Buffer in Network Share Provider Can Lead to Denial of Service (Q326830) |
Update Type: Security Update |
Severity: Moderate |
Date: 2003-11-14 |
Description: SMB (Server Message Block) is the protocol Microsoft uses to share files, printers, serial ports, and also to communicate between computers using named pipes and mail slots. In a networked environment, servers make file systems and resources available to clients. Clients make SMB requests for resources and servers make SMB responses in what described as a client server, request-response protocol. | ||||
Vulnerabilities: |
Included Updates: 326830 |
Applies to: Windows 2000 |
Bulletin ID: MS03-049 |
Title: Buffer Overrun in the Workstation Service Could Allow Code Execution (828749) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-11-06 |
Description: A security vulnerability exists in the Workstation service that could allow remote code execution on an affected system. This vulnerability results because of an unchecked buffer in the Workstation service. | ||||
Vulnerabilities: |
Included Updates: 828749 |
Applies to: Windows 2000 |
Bulletin ID: MS02-065 |
Title: Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-10-21 |
Description: Microsoft Data Access Components (MDAC) is a collection of components used to provide database connectivity on Windows platforms. MDAC is a ubiquitous technology, and it is likely to be present on most Windows systems: | ||||
Vulnerabilities: |
Included Updates: 329414 |
Applies to: Windows 2000 |
Bulletin ID: MS02-042 |
Title: Flaw in Network Connection Manager Could Enable Privilege Elevation (Q326886) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-10-21 |
Description: The Network Connection Manager (NCM) provides a controlling mechanism for all network connections managed by a host system. Among the functions of the NCM is to call a handler routine whenever a network connection has been established. | ||||
Vulnerabilities: |
Included Updates: 326886 |
Applies to: Windows 2000 |
Bulletin ID: MS02-024 |
Title: Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-10-21 |
Description: The Windows debugging facility provides a means for programs to perform diagnostic and analytic functions on applications as they are running on the operating system. One of these capabilities allows for a program, usually a debugger, to connect to any running program, and to take control of it. The program can then issue commands to the controlled program, including the ability to start other programs. These commands would then execute in the same security context as the controlled program. | ||||
Vulnerabilities: |
Included Updates: 320206 |
Applies to: Windows 2000 |
Bulletin ID: MS02-008 |
Title: XMLHTTP Control Can Allow Access to Local Files |
Update Type: Security Update |
Severity: Critical |
Date: 2003-10-21 |
Description: Microsoft XML Core Services (MSXML) includes the XMLHTTP ActiveX control, which allows web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT. The control provides security measures designed to restrict web pages so they can only use the control to request data from remote data sources. | ||||
Vulnerabilities: |
Included Updates: 317244 318202 318203 |
Applies to: Windows XP |
Bulletin ID: MS02-060 |
Title: Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940) |
Update Type: Security Update |
Severity: Moderate |
Date: 2003-10-16 |
Description: Help and Support Center provides a centralized facility through which users can obtain assistance on a variety of topics. For instance, it provides product documentation, assistance in determining hardware compatibility, access to Windows Update, online help from Microsoft, and other assistance. | ||||
Vulnerabilities: |
Included Updates: 328940 |
Applies to: Windows XP |
Bulletin ID: MS03-041 |
Title: Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-10-13 |
Description: There is a vulnerability in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with an approval dialog. | ||||
Vulnerabilities: |
Included Updates: 823182 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP |
Bulletin ID: MS03-005 |
Title: Unchecked buffer in Windows redirector may permit privilege elevation (810577) |
Update Type: Security Update |
Severity: Important |
Date: 2003-10-13 |
Description: The Windows Redirector is used by a Windows client to access files, whether local or remote, regardless of the underlying network protocols in use. For example, the "Add a Network Place" Wizard or the NET USE command can be used to map a network share as a local drive, and the Windows Redirector will handle the routing of information to and from the network share. | ||||
Vulnerabilities: |
Included Updates: 810577 |
Applies to: Microsoft Windows XP |
Bulletin ID: MS02-054 |
Title: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048) |
Update Type: Security Update |
Severity: Moderate |
Date: 2003-10-13 |
Description: Zipped files (files having a .zip extension) provide a means to store information in a way that uses less space on a hard disk. This is accomplished by compressing the files that are put into in the zipped file. On Windows 98 with Plus! Pack, Windows Me and Windows XP, the Compressed Folders feature allows zipped files to be treated as folders. The Compressed Folders feature can be used to create, add files to, and extract files from zipped files. | ||||
Vulnerabilities: |
Included Updates: 329048 |
Applies to: Windows XP |
Bulletin ID: MS03-034 |
Title: Flaw in NetBIOS Could Lead to Information Disclosure (824105) |
Update Type: Security Update |
Severity: Low |
Date: 2003-09-09 |
Description: Subsequent to the original release of this bulletin Microsoft extended the support of Windows NT Workstation 4.0 and Windows 2000 Service Pack 2. A security update is now available from Microsoft Product Support Services for customers running these operating systems. Contact Microsoft Product Support Services to obtain these additional security updates. | ||||
Vulnerabilities: |
Included Updates: 824105 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP |
Bulletin ID: MS02-062 |
Title: Cumulative Patch for Internet Information Service (Q327696) |
Update Type: Security Update |
Severity: Moderate |
Date: 2003-08-20 |
Description: It would run using the security settings on the user's machine that were appropriate to Web Site A. | ||||
Vulnerabilities: |
Included Updates: 327696 |
Applies to: Windows 2000 Windows XP |
Bulletin ID: MS02-029 |
Title: Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-08-05 |
Description: On June 12, 2002, Microsoft released the original version of this bulletin. On July 2, 2002, the bulletin was updated to reflect the availability of a revised patch. Although the original patch completely eliminated the vulnerability, it had the side effect of preventing non-administrative users from making VPN connections in some cases. The revised patch correctly handles VPN connections. The revised patch is immediately available from the Download Center and will be soon made available via WindowsUpdate. | ||||
Vulnerabilities: |
Included Updates: 318138 |
Applies to: Windows XP |
Bulletin ID: MS02-032 |
Title: 26 June 2002 Cumulative Patch for Windows Media Player (Q320920) |
Update Type: Security Update |
Severity: Critical |
Date: 2003-06-18 |
Description: On June 26, 2002, Microsoft released the original version of this bulletin, which described the patch it provided as being cumulative. We subsequently discovered that a file had been inadvertently omitted from the patch. While the omission had no effect on the effectiveness of the patch against the new vulnerabilities discussed below, it did mean that the patch was not cumulative. Specifically, the original patch did not include all of the fixes discussed in Microsoft Security Bulletin MS01-056. We have repackaged the patch to include the file and are re-releasing it to ensure that it truly is cumulative. | ||||
Vulnerabilities: |
Included Updates: 320920 |
Applies to: Windows XP |
Bulletin ID: MS02-006 |
Title: Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run |
Update Type: Security Update |
Severity: Moderate |
Date: 2003-05-06 |
Description: On February 12 2002, Microsoft released the original version of this bulletin. In it, we detailed a work-around procedure that customers could implement to protect themselves against a publicly disclosed vulnerability. An updated version of this bulletin was released on February 15, 2002, to announce the availability of the patch for Windows 2000 and Windows XP and to advise customers that the work-around procedure is no longer needed on those platforms. Patches for additional platforms are forthcoming and this bulletin will be re-released to annouce their availability. | ||||
Vulnerabilities: |
Included Updates: 314147 |
Applies to: Windows XP |
Bulletin ID: MS02-017 |
Title: Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution (Q311967) |
Update Type: Security Update |
Severity: Moderate |
Date: 2003-02-18 |
Description: The Multiple UNC Provider (MUP) is a Windows service that assists in locating network resources that are identified via UNC (uniform naming convention). The MUP receives commands containing UNC names from applications and sends the name to each registered UNC provider, LAN Manager workstation, and any others that are installed. When a provider identifies a UNC name as its own, the MUP automatically redirects future instances of that name to that provider. | ||||
Vulnerabilities: |
Included Updates: 311967 |
Applies to: Windows XP |
Bulletin ID: MS02-009 |
Title: Incorrect VBScript Handling in IE can Allow Web Pages to Read Local Files |
Update Type: Security Update |
Severity: Critical |
Date: 2003-02-18 |
Description: Frames are used in Internet Explorer to provide for a fuller browsing experience. By design, scripts in the frame of one site or domain should be prohibited from accessing the content of frames in another site or domain. However, a flaw exists in how VBScript is handled in IE relating to validating cross-domain access. This flaw can allow scripts of one domain to access the contents of another domain in a frame. | ||||
Vulnerabilities: |
Included Updates: 318089 |
Applies to: Windows 2000 |
Bulletin ID: MS01-059 |
Title: Unchecked Buffer in Universal Plug and Play can Lead to System Compromise |
Update Type: Security Update |
Severity: Critical |
Date: 2003-02-18 |
Description: Universal Plug and Play (UPnP) allows computers to discover and use network-based devices. Windows ME and XP include native UPnP support; Windows 98 and 98SE do not include native UPnP support, but it can be installed via the Internet Connection Sharing client that ships with Windows XP. This bulletin discusses two vulnerabilities affecting these UPnP implementations. Although the vulnerabilities are unrelated, both involve how UPnP-capable computers handle the discovery of new devices on the network. | ||||
Vulnerabilities: |
Included Updates: 315000 |
Applies to: Windows XP |