[BigFix-Announcements] Fwd: BES Auto Notification: New Fixlets
Published in Fixlet Site: EnterpriseSecurity
Jonathan Fan
jonathan_fan at bigfix.com
Wed Oct 13 09:23:37 PDT 2004
The following were not sent out to this list with the rest of the new
Fixlet messages this morning.
> Fixlet Site - EnterpriseSecurity
> Current Version: 481 Published: Wed, 13 Oct 2004 00:11:12 GMT
>
>
> ***************************************************************
> Title: MS04-029: Vulnerability in RPC - Windows NT Server
> Severity: Important
> Fixlet ID: 402901
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-030.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in RPC. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-029: Vulnerability in RPC - Windows NT Terminal Server
> Severity: Important
> Fixlet ID: 402903
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-030.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in RPC. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-030: Vulnerability in WebDAV XML Message Handler - Windows
> 2000
> Severity: Moderate
> Fixlet ID: 403001
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-030.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in ; the WebDAV XML Handler for Windows 2000.
> An attacker who successfully exploited this vulnerability could cause
> WebDAV to consume all available memory and CPU time on an affected
> server. This behavior could cause a denial of service. The IIS service
> would have to be restarted to restore functionality.
>
> ***************************************************************
> Title: MS04-030: Vulnerability in WebDAV XML Message Handler - Windows
> Server 2003
> Severity: Moderate
> Fixlet ID: 403003
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-030.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in the WebDAV XML Handler for Windows Server
> 2003. An attacker who successfully exploited this vulnerability could
> cause WebDAV to consume all available memory and CPU time on an
> affected server. This behavior could cause a denial of service. The
> IIS service would have to be restarted to restore functionality.
>
> ***************************************************************
> Title: MS04-030: Vulnerability in WebDAV XML Message Handler - Windows
> XP
> Severity: Moderate
> Fixlet ID: 403005
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-030.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in the WebDAV XML Handler for Windows XP. An
> attacker who successfully exploited this vulnerability could cause
> WebDAV to consume all available memory and CPU time on an affected
> server. This behavior could cause a denial of service. The IIS service
> would have to be restarted to restore functionality.
>
> ***************************************************************
> Title: MS04-032: Security Update for Windows Kernel - Windows Server
> 2003
> Severity: Critical
> Fixlet ID: 403201
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-032.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in its Windows Kernel. After downloading and
> installing this patch, affected computers will no longer be
> susceptible to this vulnerability.
>
> ***************************************************************
> Title: MS04-032: Security Update for Windows Kernel - Windows XP
> Severity: Critical
> Fixlet ID: 403203
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-032.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in its Windows Kernel. After downloading and
> installing this patch, affected computers will no longer be
> susceptible to this vulnerability.
>
> ***************************************************************
> Title: MS04-032: Security Update for Windows Kernel - Windows 2000
> Severity: Critical
> Fixlet ID: 403205
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-032.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in its Windows Kernel. After downloading and
> installing this patch, affected computers will no longer be
> susceptible to this vulnerability.
>
> ***************************************************************
> Title: MS04-032: Security Update for Windows Kernel - Windows NT Server
> Severity: Critical
> Fixlet ID: 403207
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-032.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in its Windows Kernel. After downloading and
> installing this patch, affected computers will no longer be
> susceptible to this vulnerability.
>
> ***************************************************************
> Title: MS04-032: Security Update for Windows Kernel - Windows NT
> Terminal Server
> Severity: Critical
> Fixlet ID: 403209
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-032.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in its Windows Kernel. After downloading and
> installing this patch, affected computers will no longer be
> susceptible to this vulnerability.
>
> ***************************************************************
> Title: MS04-033: Vulnerability in Microsoft Excel Could Allow Remote
> Code Execution - Office XP (Local/Network Install)
> Severity: Critical
> Fixlet ID: 403301
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in Excel. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-033: Vulnerability in Microsoft Excel Could Allow Remote
> Code Execution - Office 2000 - Windows NT/2000/XP/2003 (Network
> Install)
> Severity: Critical
> Fixlet ID: 403304
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in Excel. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-033: Vulnerability in Microsoft Excel Could Allow Remote
> Code Execution - Office 2000 - Windows 95/98/ME (Network Install)
> Severity: Critical
> Fixlet ID: 403305
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in Excel. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-033: Vulnerability in Microsoft Excel Could Allow Remote
> Code Execution - Office 2000 (Local Install)
> Severity: Critical
> Fixlet ID: 403306
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in Excel. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-033: Vulnerability in Microsoft Excel Could Allow Remote
> Code Execution - Office 2000 - Windows NT/2000/XP/2003 (Administrative
> Install)
> Severity: Critical
> Fixlet ID: 403307
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in Excel. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-033: Vulnerability in Microsoft Excel Could Allow Remote
> Code Execution - Office 2000 - Windows 95/98/ME (Administrative
> Install)
> Severity: Critical
> Fixlet ID: 403308
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in Excel. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-034: Vulnerability in Compressed Folders Could Allow
> Remote Code Execution - Windows XP
> Severity: Critical
> Fixlet ID: 403401
> Fixlet Link:
> http://www.microsoft.com/technet/security/Bulletin/MS04-034.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in compressed (zipped) folders. An attacker
> could exploit this vulnerability by constructing a malicious
> compressed file that could potentially allow remote code execution.
> After downloading and installing this patch, affected computers will
> no longer be susceptible to this vulnerability.
>
> ***************************************************************
> Title: MS04-034: Vulnerability in Compressed Folders Could Allow
> Remote Code Execution - Windows Server 2003
> Severity: Critical
> Fixlet ID: 403403
> Fixlet Link:
> http://www.microsoft.com/technet/security/Bulletin/MS04-034.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in compressed (zipped) folders. An attacker
> could exploit this vulnerability by constructing a malicious
> compressed file that could potentially allow remote code execution.
> After downloading and installing this patch, affected computers will
> no longer be susceptible to this vulnerability.
>
> ***************************************************************
> Title: MS04-035: Vulnerability in SMTP Could Allow Remote Code
> Execution - Windows Server 2003
> Severity: Critical
> Fixlet ID: 403501
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/ms04-035.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> security vulnerability in the Simple Mail Transfer Protocol (SMTP)
> component that is provided as part of Windows Server 2003. An attacker
> who successfully exploited this vulnerability could take complete
> control of an affected system, including installing programs; viewing,
> changing, or deleting data; or creating new accounts that have full
> privileges.
>
> ***************************************************************
> Title: MS04-036: Vulnerability in NNTP Could Allow Remote Code
> Execution - Windows 2000 SP3/SP4
> Severity: Critical
> Fixlet ID: 403601
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/MS04-036.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> remote code execution vulnerability within the Network News Transfer
> Protocol (NNTP) component of Windows operating systems. An attacker
> who successfully exploited this vulnerability could take complete
> control of an affected system. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-036: Vulnerability in NNTP Could Allow Remote Code
> Execution - Windows Server 2003
> Severity: Important
> Fixlet ID: 403603
> Fixlet Link:
> http://www.microsoft.com/technet/security/bulletin/MS04-036.mspx
>
> Fixlet Description: Microsoft has released a patch eliminating a
> remote code execution vulnerability within the Network News Transfer
> Protocol (NNTP) component of Windows operating systems. An attacker
> who successfully exploited this vulnerability could take complete
> control of an affected system. After downloading and installing this
> patch, affected computers will no longer be susceptible to this
> vulnerability.
>
> ***************************************************************
> Title: MS04-037: Vulnerability in Windows Shell Could Allow Remote
> Code Execution - Windows XP
> Severity: Critical
> Fixlet ID: 403701
> Fixlet Link:
> http://www.microsoft.com/technet/security/Bulletin/MS04-037.mspx
>
> Fixlet Description: Microsoft has released a security update for the
> Windows Shell. An exploitation of this vulnerabilty could allow a
> remote user to gain complete control of a machine. Microsoft
> recommends that you patch all affected machines immediately.
>
> ***************************************************************
> Title: MS04-037: Vulnerability in Windows Shell Could Allow Remote
> Code Execution - Windows 2000
> Severity: Critical
> Fixlet ID: 403703
> Fixlet Link:
> http://www.microsoft.com/downloads/details.aspx?familyid=F8046E83-
> E151-4AAF-80CB-AD4F31C02EAC&displaylang=en
>
> Fixlet Description: Microsoft has released a security update for the
> Windows Shell. ; An exploitation of this vulnerabilty could allow a
> remote user to gain complete control of a machine. ; Microsoft
> recommends that you patch all affected machines immediately.
>
> ***************************************************************
> Title: MS04-037: Vulnerability in Windows Shell Could Allow Remote
> Code Execution - Windows NT Server
> Severity: Critical
> Fixlet ID: 403705
> Fixlet Link:
> http://www.microsoft.com/downloads/details.aspx?familyid=F8046E83-
> E151-4AAF-80CB-AD4F31C02EAC&displaylang=en
>
> Fixlet Description: Microsoft has released a security update for the
> Windows Shell. An exploitation of this vulnerabilty could allow a
> remote user to gain complete control of a machine. Microsoft
> recommends that you patch all affected machines immediately.
>
> ***************************************************************
> Title: MS04-037: Vulnerability in Windows Shell Could Allow Remote
> Code Execution - Windows 2003 Server
> Severity: Important
> Fixlet ID: 403709
> Fixlet Link:
> http://www.microsoft.com/technet/security/Bulletin/MS04-037.mspx
>
> Fixlet Description: Microsoft has released a security update for the
> Windows Shell. An exploitation of this vulnerabilty could allow a
> remote user to gain complete control of a machine. Microsoft
> recommends that you patch all affected machines immediately.
>
> ***************************************************************
> Title: MS04-038: Cumulative Security Update for Internet Explorer - IE
> 5.01 SP3 for Windows 2000
> Severity: Critical
> Fixlet ID: 403801
> Fixlet Link:
> http://www.microsoft.com/technet/security/Bulletin/MS04-038.mspx
>
> Fixlet Description: Microsoft has released a cumulative patch for
> Internet Explorer that eliminates newly discovered security
> vulnerabilities, as well as eliminating all vulnerabilities covered by
> earlier patches. After downloading and installing this patch, affected
> computers will no longer be susceptible to these vulnerabilities.
>
> ***************************************************************
> Title: MS04-038: Cumulative Security Update for Internet Explorer - IE
> 5.01 SP4 for Windows 2000
> Severity: Critical
> Fixlet ID: 403803
> Fixlet Link:
> http://www.microsoft.com/technet/security/Bulletin/MS04-038.mspx
>
> Fixlet Description: Microsoft has released a cumulative patch for
> Internet Explorer that eliminates newly discovered security
> vulnerabilities, as well as eliminating all vulnerabilities covered by
> earlier patches. After downloading and installing this patch, affected
> computers will no longer be susceptible to these vulnerabilities.
>
> ***************************************************************
> Title: MS04-038: Cumulative Security Update for Internet Explorer - IE
> 6 for Windows Server 2003
> Severity: Critical
> Fixlet ID: 403815
> Fixlet Link:
> http://www.microsoft.com/technet/security/Bulletin/MS04-038.mspx
>
> Fixlet Description: Microsoft has released a cumulative patch for
> Internet Explorer that eliminates newly discovered security
> vulnerabilities, as well as eliminating all vulnerabilities covered by
> earlier patches. After downloading and installing this patch, affected
> computers will no longer be susceptible to these vulnerabilities.
More information about the BigFix-Announcements
mailing list