Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

OCTOBER 2004 - MICROSOFT SECURITY BULLETINS


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:05:24 PM

Posted 12 October 2004 - 01:02 PM

There are 10 updates for October (7 Critical and 3 Important)

OCTOBER 2004 - MICROSOFT SECURITY BULLETINS
http://www.microsoft.com/technet/security/...n/ms04-oct.mspx


3 BULLETINS RATED AS IMPORTANT

MS04-029 -- Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)

Executive Summary: An information disclosure and denial of service vulnerability exists that could cause the affected system

to stop responding or could potentially read portions of active memory content.


MS04-030 -- Vulnerability in WebDav XML Message Handler Could Lead to a Denial of Service (824151)

Executive Summary: A Denial of Service vulnerability exists that could cause the affected system to stop responding to requests.


MS04-031 -- Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

Executive Summary: A remote code execution vulnerability exists in the NetDDE services because of an unchecked buffer.



BULLETINS RATED AS CRITICAL


MS04-032 -- Security Update for Microsoft Windows (840987)

Executive Summary: A remote code execution vulnerability, two elevation of privilege vulnerabilities, and a denial of service

vulnerability exist in Windows. The most severe vulnerability could allow remote code execution on an affected system.


MS04-033 -- Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836)

Executive Summary: A vulnerability exists in Microsoft Excel that could allow remote code execution on an affected system.


MS04-034 -- Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)

Executive Summary: A vulnerability exists in the way that Windows processes Compressed (zipped) Folders that could allow remote code execution on an affected system.


MS04-035 -- Vulnerability in SMTP Could Allow Remote Code Execution (885881)

Executive Summary: A vulnerability exists in the Windows SMTP component and Exchange Server Routing Engine component that could allow remote code execution on an affected system.


MS04-036 -- Vulnerability in NNTP Could Allow Remote Code Execution (883935)

Executive Summary: A vulnerability exists in the Windows NNTP Component that could allow remote code execution on an affected system.


MS04-037 -- Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)

Executive Summary: A vulnerability exists in the way that the Windows Shell launches applications. A vulnerability exists in Program Group Converter because of the way that it handles specially crafted requests. Both could allow remote code execution on an affected system.


MS04-038 -- Cumulative Security Update for Internet Explorer (834707)

Executive Summary: Five remote code execution and three information disclosure vulnerabilities exist in Internet Explorer.

Edited by harrywaldron, 12 October 2004 - 01:03 PM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users