TUCoPS :: Windows :: hack0318.htm

Unpatched - 4 new Microsoft patches, 4 old updated, 24 vulns
FW: [Unpatched] 4 new Microsoft patches, 4 old updated, 24 vulnerabilities 



-----Original Message-----
From: Thor Larholm 
To: http://unpatched.pivxlabs.com 
Subject: [Unpatched] 4 old Microsoft patches updated



4 old Microsoft patches updated

In addition to releasing 4 new patches today (see previous post on
Unpatched below), Microsoft has re-released 4 older patches without
notice. These 4 advisories now include additional patches for Exchange
5.0 and NT 4 and, if left unpatched, could allow unauthorized email
relaying, Denial of Service and code execution.

PivX Solutions would like to thank Mario Kuechler for giving us
additional information about the SMTP relaying issue in MS02-011.

The following patches have been updated today:

MS00-082 - Patch Available for 'Malformed MIME Header' Vulnerability 
http://www.microsoft.com/technet/security/Bulletin/MS00-082.mspx 

MS01-041 - Malformed RPC Request Can Cause Service Failure 
http://www.microsoft.com/technet/security/Bulletin/MS01-041.mspx 

MS02-011 - Authentication Flaw Could Allow Unauthorized Users To
Authenticate To SMTP Service 
http://www.microsoft.com/technet/security/Bulletin/MS02-011.mspx 

MS03-046 - Vulnerability in Exchange Server Could Allow Arbitrary Code
Execution (829436) 
http://www.microsoft.com/technet/security/Bulletin/MS03-046.mspx 


A broad summary for April 2004 patched can be found at 

http://www.microsoft.com/technet/security/bulletin/winapr04.mspx 





Regards

Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
http://www.pivx.com 
thor@pivx.com 
Phone: +1 (949) 231-8496
PGP: 0x5A276569
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569

PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
Qwik-Fix
 

----- Original Message ----- 
From: Thor Larholm 
To: http://unpatched.pivxlabs.com 
Subject: 4 new Microsoft patches to close 20 vulnerabilities



4 new Microsoft patches to close 20 vulnerabilities

It's patch Tuesday in Redmond and this April we have seen the release of
MS04-011, MS04-012, MS04-013 and MS04-014. Microsoft has given all of
these patches an impact of "Remote Code Execution" and the affected
software ranges from Windows 98 to Windows 2003 64-Bit Edition. 

If you use Windows you will have to patch, preferable today. This week
will see a wide range of vulnerability advisories and exploit releases.
The documented functionality changes are few and minor.

Currently, these patches are not available on Windows Update (11:25AM
pacific time), but I can only imagine that it is a matter of hours. They
can be retrieved with MBSA, SMS and a wide range of patch management
applications.

The broad summary can be found at

http://www.microsoft.com/technet/security/bulletin/winapr04.mspx 

Most of these vulnerabilities are new, but some of them are already
known - as an example MS04-013 patches the massively exploited MHTML/CHM
related vulnerabilities that was used by Ibiza, Bugbear.e and a wide
range of trojans.

In all, these 4 patches fix 20 vulnerabilities and replace 19 existing
patches. 


MS04-011
========
LSASS Vulnerability - CAN-2003-0533
LDAP Vulnerability - CAN-2003-0663
PCT Vulnerability - CAN-2003-0719
Winlogon Vulnerability - CAN-2003-0806
Metafile Vulnerability - CAN-2003-0906
Help and Support Center Vulnerability - CAN-2003-0907
Utility Manager Vulnerability - CAN-2003-0908
Windows Management Vulnerability - CAN-2003-0909
Local Descriptor Table Vulnerability - CAN-2003-0910
H.323 Vulnerability* - CAN-2004-0117
Virtual DOS Machine Vulnerability - CAN-2004-0118
Negotiate SSP Vulnerability - CAN-2004-0119
SSL Vulnerability - CAN-2004-0120
ASN.1 "Double Free" Vulnerability - CAN-2004-0123

MS04-012
========
RPC Runtime Library Vulnerability - CAN-2003-0813
RPCSS Service Vulnerability - CAN-2004-0116
COM Internet Services (CIS) - RPC over HTTP Vulnerability -
CAN-2003-0807
Object Identity Vulnerability - CAN-2004-0124

MS04-013
========
MHTML URL Processing Vulnerability - CAN-2004-0380

MS04-014
========
Jet Vulnerability - CAN-2004-0197


PivX Solutions is currently investigating these patches further.



Regards

Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
http://www.pivx.com 
thor@pivx.com 
Phone: +1 (949) 231-8496
PGP: 0x5A276569
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569

PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
Qwik-Fix

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH