From; Oxygen3 24h-365d: "Knowledge is true opinion." Plato (428 - 347 BC), Greek philosopher. - Critical updates for Windows - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, April 14, 2004 - Microsoft has released its monthly security bulletins for April, which include four critical updates that fix multiple vulnerabilities in Windows. The security bulletin MS04-013 MS04-011 fixes fourteen security flaws in Windows NT Workstation 4.0, Windows NT Server 4.0, Windows NT Server 4.0 -Terminal Server Edition-, Windows 2000, Windows XP and Windows Server 2003. The vulnerabilities affect several Windows components and services and the most serious allow remote code to be run. More information at: http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx The security bulletin MS04-012 reports a patch that fixes vulnerabilities in Windows Remote Procedure Call (RPC) and in Distributed Component Object Model (DCOM). These security problems could allow code to be run on affected systems, which are: Windows NT Workstation 4.0, Windows NT Server 4.0, Windows NT Server 4.0 -Terminal Server Edition-, Windows 2000, Windows XP and Windows Server 2003. Further details at: http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx The third bulletin, MS04-013, announces the availability of a solution that resolves a vulnerability in the MHTML protocol, which affects all the applications that use it including Outlook Express and Internet Explorer. Like the previous flaws, this is a serious vulnerability, as it could allow remote code execution. The affected systems are: Windows NT Workstation 4.0, Windows NT Server 4.0, Windows NT Server 4.0 -Terminal Server Edition-, Windows 2000, Windows XP, Windows Server 2003, Windows 98, Windows 98 Second Edition (SE) and Windows Millennium Edition (Windows Me). More information at: http://www.microsoft.com/technet/security/bulletin/MS04-013.mspx Finally, the bulletin MS04-014 provides a patch that fixes a buffer overflow vulnerability in Jet Database Engine (Jet). This problem affects Windows NT Workstation 4.0, Windows NT Server 4.0, Windows NT Server 4.0, Terminal Server Edition, Windows 2000, Windows XP and Windows Server 2003 and could also have serious security implications. Further details at: http://www.microsoft.com/technet/security/bulletin/MS04-014.mspx Due to the nature of the vulnerabilities fixes and the number of affected components and systems, all Windows users are advised to update their systems, either automatically -through the Windows Update service-, or manually, by downloading the corresponding patches. More information at: http://www.microsoft.com/security/security_bulletins/200404_windows.asp NOTE: The addresses above may not show up on your screen as single lines. This would prevent you from using the links to access the web pages. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL. ------------------------------------------------------------ Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe> A Technical Support Alliance and OWTA Charter Member