-=PCTechTalk=- Re: Win ME Patch error

Oooops. I meant to type MICROSOFF, not Mocrosoff.

Gee.

Robert



At 2/27/2003 11:06 PM, you wrote:

>Mike-
>
>I don't see this as disagreeing at all. I see it as clarifying what I am
>encouraging. Remember, I said these people got it from MOCROSOFF (two
>"F"s). Thanks for jumping in!
>
>Btw, does anyone know how I can subscribe to Technet? Sounds like a good
>resource.
>
>Robert
>
>At 2/27/2003 08:58 PM, you wrote:
>
> >Hi Robert,
> >I hate to disagree but MS does send out patch notifications to Technet
> >subscribers;
> >I recieved this one yesterday
> ><http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur 
> ity/>bulletin/MS03-006.asp>
> >
> >it is on my web page now Quote;
> >
> >Microsoft Security Bulletin MS03-006
> >Security Update for Microsoft Windows Millennium Edition (Windows Me):
> >
> >http://www.microsoft.com/security/security_bulletins/ms03-006.asp
> >
> >WHY WE ARE ISSUING THIS UPDATE:
> >An identified security issue in the Microsoft Windows(R) Millennium Edition
> >(Windows Me) Help and Support Center could enable an attacker to read files
> >or run programs on a computer that visited a malicious Web site. You can
> >help protect your computer by installing this update from Microsoft.
> >
> >PRODUCT AFFECTED:
> >Microsoft Windows Millennium Edition (Windows Me)
> >
> >You can learn more about Microsoft software distribution policies here:
> >http://www.microsoft.com/technet/security/policy/swdist.asp
> >______________________________________________________
> >______________________________________________________
> >Panda also sent out a notice on it today;
> >
> >Oxygen3
> >  http://www.pandasoftware.com/about/press/oxygen3/oxygen.asp
> >
> >  Important Update for Windows Me
> >
> >
> >"Thought is the steed; reason the rider."
> >George Sand (1804-1876); French writer.
> >
> >
> >Madrid, February 27 2003 - Microsoft has released an update for Windows Me
> >to fix a critical vulnerability that could be used to run arbitrary code.
> >
> >The problem stems from a buffer overflow vulnerability related to the "Help
> >and Support Center" (HSP), which uses the prefix "hcp://" instead of
> >"http://"; in URL links. As the URL Handler for the "hcp://" prefix contains
> >an unchecked buffer, if an attacker were to craft a special URL they could
> >provoke a buffer overflow. If a user were to click on the link constructed
> >by the attacker, code would be executed in the Local Computer security
> >context.
> >++ There is more on the web site.
> >
> >___________________________________________________
> >___________________________________________________
> >
> >Mike ~ It is a good day if I learned something new.
> >Editor MikesWhatsNews see a sample on my web page
> >http://www.mwn.ca/ ***UPDATED 27/02/03
> ><mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
> >See my Anti-Virus pages
> ><http://www3.telus.net/mikebike/mikes_virus_page.htm>
> ><virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
> >A Technical Support Alliance Charter Member
> >http://groups.yahoo.com/group/techsupportalliance/
> >*********** REPLY SEPARATOR  ***********
> >
> >On 27/02/2003 at 6:28 PM Robert Wiens wrote:
> >
> >Also Microsoft will never send out patch notifications
> >by e-mail (or any other method). If there is a patch
> >you must find out about it and get it yourself
> >
> >--- Robert Carneal <carnealr@xxxxxxxxxxxx> wrote:
> > >
> > > Several people have written to me saying they
> > > downloaded a patch for
> > > Windows ME. It has a virus.  After I pinned a few of
> > > them down, two of
> > > admitted they did not obtain the download from
> > > Microsoft. They downloaded
> > > it because they received an email from Microsoff
> > > saying they HAD to. They
> > > clicked on the link provided and did not observe the
> > > link re-directed them
> > > to web site where the supposed patch downloaded
> > > automatically.
> > >
> > > Please people, updates and upgrades for Windows
> > > comes from Microsoft, not
> > > Mircrosff (The second name as two "Fs" in it.).
> > > Please be careful.
> > >
> > > Robert Carneal
> > > carnealr@xxxxxxxxxxxx
>
>
>To unsub or change your email settings:
>http://www.freelists.org/webpage/pctechtalk
>
>To access our Archives:
>http://groups.yahoo.com/group/PCTechTalk/messages/
>http://www.freelists.org/archives/pctechtalk/
>
>For more info:
>http://www.freelists.org/cgi-bin/list?list_id=pctechtalk

Robert Carneal
carnealr@xxxxxxxxxxxx

We are changing the world of genealogy!
http://www.LegacyFamilyTree.com/Index.asp?mid=32E9Wai



To unsub or change your email settings:
http://www.freelists.org/webpage/pctechtalk

To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
http://www.freelists.org/archives/pctechtalk/

For more info:
http://www.freelists.org/cgi-bin/list?list_id=pctechtalk

Other related posts: