Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Posted 12 October 2004 - 01:02 PM
There are 10 updates for October (7 Critical and 3 Important)
OCTOBER 2004 - MICROSOFT SECURITY BULLETINS
http://www.microsoft.com/technet/security/...n/ms04-oct.mspx
3 BULLETINS RATED AS IMPORTANT
MS04-029 -- Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
Executive Summary: An information disclosure and denial of service vulnerability exists that could cause the affected system
to stop responding or could potentially read portions of active memory content.
MS04-030 -- Vulnerability in WebDav XML Message Handler Could Lead to a Denial of Service (824151)
Executive Summary: A Denial of Service vulnerability exists that could cause the affected system to stop responding to requests.
MS04-031 -- Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
Executive Summary: A remote code execution vulnerability exists in the NetDDE services because of an unchecked buffer.
BULLETINS RATED AS CRITICAL
MS04-032 -- Security Update for Microsoft Windows (840987)
Executive Summary: A remote code execution vulnerability, two elevation of privilege vulnerabilities, and a denial of service
vulnerability exist in Windows. The most severe vulnerability could allow remote code execution on an affected system.
MS04-033 -- Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836)
Executive Summary: A vulnerability exists in Microsoft Excel that could allow remote code execution on an affected system.
MS04-034 -- Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)
Executive Summary: A vulnerability exists in the way that Windows processes Compressed (zipped) Folders that could allow remote code execution on an affected system.
MS04-035 -- Vulnerability in SMTP Could Allow Remote Code Execution (885881)
Executive Summary: A vulnerability exists in the Windows SMTP component and Exchange Server Routing Engine component that could allow remote code execution on an affected system.
MS04-036 -- Vulnerability in NNTP Could Allow Remote Code Execution (883935)
Executive Summary: A vulnerability exists in the Windows NNTP Component that could allow remote code execution on an affected system.
MS04-037 -- Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
Executive Summary: A vulnerability exists in the way that the Windows Shell launches applications. A vulnerability exists in Program Group Converter because of the way that it handles specially crafted requests. Both could allow remote code execution on an affected system.
MS04-038 -- Cumulative Security Update for Internet Explorer (834707)
Executive Summary: Five remote code execution and three information disclosure vulnerabilities exist in Internet Explorer.
OCTOBER 2004 - MICROSOFT SECURITY BULLETINS
http://www.microsoft.com/technet/security/...n/ms04-oct.mspx
3 BULLETINS RATED AS IMPORTANT
MS04-029 -- Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
Executive Summary: An information disclosure and denial of service vulnerability exists that could cause the affected system
to stop responding or could potentially read portions of active memory content.
MS04-030 -- Vulnerability in WebDav XML Message Handler Could Lead to a Denial of Service (824151)
Executive Summary: A Denial of Service vulnerability exists that could cause the affected system to stop responding to requests.
MS04-031 -- Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
Executive Summary: A remote code execution vulnerability exists in the NetDDE services because of an unchecked buffer.
BULLETINS RATED AS CRITICAL
MS04-032 -- Security Update for Microsoft Windows (840987)
Executive Summary: A remote code execution vulnerability, two elevation of privilege vulnerabilities, and a denial of service
vulnerability exist in Windows. The most severe vulnerability could allow remote code execution on an affected system.
MS04-033 -- Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836)
Executive Summary: A vulnerability exists in Microsoft Excel that could allow remote code execution on an affected system.
MS04-034 -- Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)
Executive Summary: A vulnerability exists in the way that Windows processes Compressed (zipped) Folders that could allow remote code execution on an affected system.
MS04-035 -- Vulnerability in SMTP Could Allow Remote Code Execution (885881)
Executive Summary: A vulnerability exists in the Windows SMTP component and Exchange Server Routing Engine component that could allow remote code execution on an affected system.
MS04-036 -- Vulnerability in NNTP Could Allow Remote Code Execution (883935)
Executive Summary: A vulnerability exists in the Windows NNTP Component that could allow remote code execution on an affected system.
MS04-037 -- Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
Executive Summary: A vulnerability exists in the way that the Windows Shell launches applications. A vulnerability exists in Program Group Converter because of the way that it handles specially crafted requests. Both could allow remote code execution on an affected system.
MS04-038 -- Cumulative Security Update for Internet Explorer (834707)
Executive Summary: Five remote code execution and three information disclosure vulnerabilities exist in Internet Explorer.
This post has been edited by harrywaldron: 12 October 2004 - 01:03 PM
Back to top
