Threats to Windows, IIS, and Outlook Express:
"Get the details on Microsoft Security Bulletins MS04-018, MS04-019, MS04-020, MS04-021, MS04-024. "
MS04-018, “Cumulative Security Update for Outlook Express,” is caused by a failure of Outlook express to properly handle some specifically malformed e-mail headers. This is a DoS threat and Microsoft reports having seen published exploits but hasn't received any reports from customers that have been compromised by the exploit. This threat is covered by CAN-2004-0215
MS04-019, “Vulnerability in Utility Manager Could Allow Code Execution,” is a local elevation of privilege threat that can’t be exploited remotely. MSBA will report if your system needs this update and Systems Management Server (SMS) can help deploy it.
MS04-020, “Vulnerability in POSIX Could Allow Code Execution,” is an unchecked buffer vulnerability in the Portable Operating System Interface for UNIX. MSBA will report if your system needs this update and SMS can help deploy it. This threat is covered by CAN-2004-0210.
MS04-021, “Security Update for IIS 4.0,” is a buffer overrun vulnerability in the redirect function that can allow remote execution. MSBA will report if your system needs this update and SMS can help deploy it. This threat is covered by CAN-2004-0205.
MS04-024, “Vulnerability in Windows Shell Could Allow Remote Code Execution,” replaces MS03-027 for Windows XP (but not for the other affected operating systems). This threat is covered by CAN-2004-0420.
…
http://www.microsoft.com/technet/security/bulletin/ms04-018.mspx
http://www.microsoft.com/technet/security/bulletin/ms04-019.mspx
http://www.microsoft.com/technet/security/bulletin/ms04-020.mspx
http://www.microsoft.com/technet/security/bulletin/ms04-024.mspx
http://www.microsoft.com/technet/security/bulletin/ms04-027.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0215
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0210
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0205
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0420
http://techrepublic.com.com/5102-6264-5284223.html
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment