From; Microsoft: -----BEGIN PGP SIGNED MESSAGE----- - -------------------------------------------------------------------- Title: Microsoft Windows Security Bulletin Summary for April 2004 Issued: April 13, 2004 Version Number: 1.0 Bulletin: http://www.microsoft.com/technet/security/bulletin/winapr04.asp - -------------------------------------------------------------------- Summary: =3D=3D=3D=3D=3D=3D=3D=3D Included in this advisory are updates for newly discovered vulnerabilities in Microsoft Windows. These vulnerabilities, broken down by severity are: ** Critical Security Bulletins MS04-011 - Security Update for Microsoft Windows (835732) - Affected Software: - Windows NT Workstation 4.0 Service Pack 6a - Windows NT Server 4.0 Service Pack 6a - Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Windows 2000 Service Pack 2 - Windows 2000 Service Pack 3 - Windows 2000 Service Pack 4 - Windows XP and Windows XP Service Pack 1 - Windows XP 64-Bit Edition Service Pack 1 - Windows XP 64-Bit Edition Version 2003 - Windows Server 2003 - Windows Server 2003 64-Bit Edition - Microsoft NetMeeting - Review the FAQ section of bulletin MS04-011 for information about these operating systems: - Microsoft Windows 98 - Microsoft Windows 98 Second Edition (SE) - Microsoft Windows Millennium Edition (ME) - Impact: Remote Code Execution - Version Number: 1.0 MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741) - Affected Software: - Windows NT Workstation 4.0 Service Pack 6a - Windows NT Server 4.0 Service Pack 6a - Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Windows 2000 Service Pack 2 - Windows 2000 Service Pack 3 - Windows 2000 Service Pack 4 - Windows XP and Windows XP Service Pack 1 - Windows XP 64-Bit Edition Service Pack 1 - Windows XP 64-Bit Edition Version 2003 - Windows Server 2003 - Windows Server 2003 64-Bit Edition - Review the FAQ section of bulletin MS04-012 for information about these operating systems: - Microsoft Windows 98 - Microsoft Windows 98 Second Edition (SE) - Microsoft Windows Millennium Edition (ME) - Impact: Remote Code Execution - Version Number: 1.0 MS04-013 - Cumulative Security Update for Outlook Express (837009) - Affected Software: - Windows NT Workstation 4.0 Service Pack 6a - Windows NT Server 4.0 Service Pack 6a - Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Windows 2000 Service Pack 2 - Windows 2000 Service Pack 3 - Windows 2000 Service Pack 4 - Windows XP and Windows XP Service Pack 1 - Windows XP 64-Bit Edition Service Pack 1 - Windows XP 64-Bit Edition Version 2003 - Windows Server 2003 - Windows Server 2003 64-Bit Edition - Review the FAQ section of bulletin MS04-013 for information about these operating systems: - Microsoft Windows 98 - Microsoft Windows 98 Second Edition (SE) - Microsoft Windows Millennium Edition (ME) - Impact: Remote Code Execution - Version Number: 1.0 ** Important Security Bulletins MS04-014 - Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001) - Affected Software: - Windows NT Workstation 4.0 Service Pack 6a - Windows NT Server 4.0 Service Pack 6a - Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Windows 2000 Service Pack 2 - Windows 2000 Service Pack 3 - Windows 2000 Service Pack 4 - Windows XP and Windows XP Service Pack 1 - Windows XP 64-Bit Edition Service Pack 1 - Windows XP 64-Bit Edition Version 2003 - Windows Server 2003 - Windows Server 2003 64-Bit Edition - Review the FAQ section of bulletin MS04-014 for information about these operating systems: - Microsoft Windows 98 - Microsoft Windows 98 Second Edition (SE) - Microsoft Windows Millennium Edition (ME) - Impact: Remote Code Execution - Version Number: 1.0 Update Availability: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Updates are available to fix these vulnerabilities. For additional information, including Technical Details, Workarounds, answers to Frequently Asked Questions, and Update Deployment Information please read the Microsoft Windows Security Bulletin Summary for April at: http://www.microsoft.com/technet/security/bulletin/winapr04.asp Support: =3D=3D=3D=3D=3D=3D=3D=3D Technical support is available from Microsoft Product Support Services at 1-866-PC SAFETY (1-866-727-2338). There is no charge for support calls associated with security updates. International customers can get support from their local Microsoft subsidiaries. Phone numbers for international support can be found at: http://support.microsoft.com/common/international.aspx Additional Resources: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * Microsoft has created a free monthly e-mail newsletter containing valuable information to help you protect your network. This newsletter provides practical security tips, topical security guidance, useful resources and links, pointers to helpful community resources, and a forum for you to provide feedback and ask security-related questions. You can sign up for the newsletter at: http://www.microsoft.com/technet/security/secnews/default.mspx * Microsoft has created a free e-mail notification service that serves as a supplement to the Security Notification Service (this e-mail). It provides timely notification of any minor changes or revisions to previously released Microsoft Security Bulletins. This new service provides notifications that are written for IT professionals and contain technical information about the revisions to security bulletins. Visit http://www.microsoft.com to subscribe to this service: - Click on Subscribe at the top of the page. - This will direct you via Passport to the Subscription center. - Under Newsletter Subscriptions you can sign up for the "Microsoft Security Notification Service: Comprehensive Version". * Join Microsoft's webcast for a live discussion of the technical details of the April security bulletins and steps you can take to protect your environment. Details about the live webcast can be found at: http://go.microsoft.com/fwlink/?LinkId=3D25390 The on-demand version of the webcast will be available 24 hours after the live webcast at: http://go.microsoft.com/fwlink/?LinkId=3D25390 * Protect your PC: Microsoft has provided information on how you can help protect your PC at the following locations: http://www.microsoft.com/security/protect/ If you receive an e-mail that claims to be distributing a Microsoft security update, it is a hoax that may be distributing a virus. Microsoft does not distribute security updates via e-mail. You can learn more about Microsoft's software distribution policies here: http://www.microsoft.com/technet/security/topics/policy/swdist.mspx Acknowledgments: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Microsoft thanks the following for working with us to protect customers: - - Carlos Sarraute of Core Security Technologies (http://www.coresecurity.com) for reporting the LDAP Vulnerability (CAN-2003-0663). - - Internet Security Systems (http://www.iss.net) for reporting the PCT Vulnerability (CAN-2003-0719). - - Ondrej Sevecek (http://www.sevecek.com) for reporting the Winlogon Vulnerability (CAN-2003-0806). - - iDefense (http://www.idefense.com)and Jouko Pynn=F6nen (http://jouko.iki.fi) for reporting the Help and Support Vulnerability (CAN-2003-0907). - - Brett Moore of Security-Assessment.com (http://www.security- assessment.com), Cesar Cerrudo (cesarc56@xxxxxxxxx) and Ben Pryor (pryorb@xxxxxxxxxxx) for reporting the Utility Manager Vulnerability (CAN-2003-0908). - - Erik Kamphuis of LogicaCMG (http://www.logicacmg.com) working on behalf of the Dutch Tax Office for reporting the Windows Management Vulnerability (CAN-2003-0909). - - NSFOCUS Security Team (http://www.nsfocus.com) for reporting the Negotiate SSP Vulnerability (CAN-2004-0119). - - John Lampe of Tenable Network Security (http://www.tenablesecurity.com) for reporting the SSL Vulnerability (CAN-2004-0120) - - Foundstone, Inc (http://www.foundstone.com) and Qualys (http://www.qualys.com) for reporting the ASN.1 'Double Free' Vulnerability (CAN-2004-0123). - - eEye Digital Security (http://www.eeye.com) for reporting the LSASS Vulnerability (CAN-2003-0533), Metafile Vulnerability (CAN- 2003-0906), Local Descriptor Table Vulnerability (CAN-2003-0910), Virtual DOS Machine Vulnerability (CAN-2004-0118), RPC Runtime Library Vulnerability (CAN-2003-0813) and the RPCSS Service Vulnerability (CAN-2004-0116). - - Qualys (http://www.qualys.com)for reporting the CIS - RPC over HTTP Vulnerability (CAN-2003-0807). - - Todd Sabin of BindView (http://www.bindview.com) for reporting the Object Identity Vulnerability (CAN-2004-0124). - - Matt Thompson of Aberdeen IT (http://www.aberdeenit.com) for reporting the Jet Vulnerability (CAN-2004-0197) Revisions: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * V1.0 April 13, 2004: Bulletin Created. ******************************************************************** Protect your PC: Microsoft has provided information on how you can help protect your PC at the following locations: http://www.microsoft.com/security/protect/ If you receive an e-mail that claims to be distributing a Microsoft security update, it is a hoax that may be distributing a virus. Microsoft does not distribute security updates via e-mail. You can learn more about Microsoft's software distribution policies here: http://www.microsoft.com/technet/security/topics/policy/swdist.mspx ******************************************************************** - -------------------------------------------------------------------- THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. - -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQEVAwUBQHwTQY0ZSRQxA/UrAQFptQf/eKH8z5J1vJDSN1aARgP16n5sPLfEkuVC uWEipj3CA77qX2VTI3ffGpVV3yPtXAM3S/alMpEIPRWY7a758Z9WbSSNeEKgtQ/Z CgHPmZu9yuDcQx3g1IaIjGtatdpXfoC+8cYXyqf9WSvorgcD07YauhkMajxPp0Cp cQOlzjOau/ZAf/LAI4Xc8llPIwZpMA2rtd0dxZjHQGhadMpLC+n163sbu0P2MYlh 2sg5VqRN4aejN2EjZXkRAzGUN+EhQA8rVcoEFmWnZQfII2cuVk7WlryR3c0uOAEC wwLU6wxLPnQ1/WbgVrJk9OFcUznFYq6QzarLSNEM3Ne85SYT8gpkKw=3D=3D =3DjKpa -----END PGP SIGNATURE----- ************************************************************* You have received this e-mail bulletin because of your subscription to the Microsoft Product Security Notification Service. For more information on this service, please visit http://www.microsoft.com/technet/security/notify.asp. To verify the digital signature on this bulletin, please download our PGP key at http://www.microsoft.com/technet/security/notify.asp. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site at http://www.microsoft.com/security. ______________________________________________________________ Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=3Dsubscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=3Dsubscribe> A Technical Support Alliance and OWTA Charter Member