malicious user
Microsoft Malicious Software Removal Tool 3.1
Microsoft Malicious Software Removal Tool is a helpful tool for checking Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers to help removing infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. more>> <<less
by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helpsMicrosoft Malicious Software Removal Tool 2Microsoft Windows Malicious Software Removal Tool 3.2
Microsoft Windows Malicious Software Removal Tool is released as a functional tool which is used to check Windows XP, Windows 2000,and Windows Server 2003 computers for and help remove infections by specific, prevalent malicious software including Blaster, Sasser, and Mydoom. more>> <<less
Microsoft Windows Malicious Software ... infections by specific, prevalent malicious software including Blaster, Sasser, and MydoomNTLM Authentication Vulnerability N/A
Web Client NTLM Authentication Vulnerability bug repair. more>> Microsoft has released a patch that eliminates a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me. The vulnerability could, under certain circumstances, allow a malicious user to obtain cryptographically protected logon credentials from another user when requesting an Office document from a web server.<<less
Microsoft Outlook Express Security Update 1
This update resolves the Persistent Mail Browser Link, Cache Bypass, and Malformed E-mail Header security vulnerabilities in Outlook Express. Download now to prevent a malicious user from reading e-ma more>>
Microsoft Security Bulletin (MS00-082) 2.0
Patch Available for Malformed MIME Header Vulnerability more>> Microsoft? has released a patch that eliminates a security vulnerability in Exchange Server 5.0 and Exchange Server 5.5. The vulnerability could enable a malicious user to cause an Exchange server to fail.<<less
Microsoft Outlook Express Patch: Security vulnerab
Computers running Outlook Express 5.5 are not vulnerable to this issue. Outlook Express 5.5 includes this update more>> Computers running Outlook Express 5.5 are not vulnerable to this issue. Outlook Express 5.5 includes this update. This update resolves the "Persistent Mail Browser Link," "Cache Bypass," and "Malformed E-mail Header" security vulnerabilities in Outlook Express. Download now to prevent a malicious user from reading e-mails and files on your computer, or using your computer to send damaging e-mails to others. These vulnerabilities do not give a malicious user the ability to add, change, or delete files on your computer.<<less
Microsoft Media Player 6.4 Patch 33995
Microsoft Media Player is a patch which is to assist the use of Active Stream Redirector (.ASX) files for playing streaming media that resides on intranet or Internet sites. more>>
Microsoft Media Player 6.4 Patch 33995 is a patch which is to assist the use of Active Stream Redirector (.ASX) files for playing streaming media that resides on intranet or Internet sites. However, the code that parses .ASX files has an unchecked buffer, and this could potentially enable a malicious user to run code of his choice on the machine of another user. The malicious user could either send an affected file to another user and entice her to run or preview it, or he could host such a file on a web site and cause it to launch automatically whenever a user visited the site. The code could take any action on the machine that the legitimate user herself could take.
Microsoft Windows 2000 Patch: Reset Browser Frame
This update resolves the ResetBrowser Frame and HostAnnouncement Flooding security vulnerabilities in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-036 more>> This update resolves the "ResetBrowser Frame" and "HostAnnouncement Flooding" security vulnerabilities in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-036. Download now to prevent a malicious user from denying network users the ability to locate services or other computers on the network. Without this update, a malicious user may also be able to provide inaccurate information to network users.
For more information about this vulnerability, read Microsoft Security Bulletin MS00-036.
<<lessMicrosoft Windows 2000 Patch: Still Image Service
This update resolves the Still Image Service Privilege Escalation security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-065 more>> This update resolves the "Still Image Service Privilege Escalation" security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-065. Download now to prevent a malicious user from logging on to a Windows 2000 computer interactively and running a program that could enable the malicious user to obtain administrative privileges on the host computer.
The Still Image Service is automatically installed when a still image device (such as a digital camera or scanner) is attached to the Windows 2000 host. There is an unchecked buffer in the Still Image Service that could allow a malicious program to obtain LocalSystem privileges.
For more information about this vulnerability, read Microsoft Security Bulletin MS00-065.
<<lessMicrosoft Windows 98 Update: Legacy Credential Cac
This update eliminates the Legacy Credential Caching vulnerability in Microsoft Windows? 98. Installing this update will prevent a malicious user from acquiring your network password more>> This update eliminates the "Legacy Credential Caching" vulnerability in Microsoft Windows? 98. Installing this update will prevent a malicious user from acquiring your network password.
Note: This vulnerability does not exist in Windows 98 Second Edition.
For more information on this vulnerability, please visit Microsoft Security Bulletin MS99-052.
<<lessMicrosoft Internet Information Server 5.0 Patch: M
This update resolves the Malformed Extension Data in URL security vulnerability in Internet Information Server (IIS) 5.0 and IIS 4.0 more>> This update resolves the "Malformed Extension Data in URL" security vulnerability in Internet Information Server (IIS) 5.0 and IIS 4.0. Installing this update will prevent a malicious user from slowing or temporarily stopping performance on your Web server. If the URL used by a malicious user to request a file on your Web server contained malformed file extension data, the server could become unresponsive. The vulnerability does not cause the server to fail, nor does it allow a malicious user to compromise data on the computer or to take administrative control over it.<<less
IIS 5.0 Cumulative Security Update MS01-044
Prevent malicious users from disrupting the service of IIS 5.0. more>>
IIS 5.0 Cumulative Security Update MS01-044 is a software which includes every update released for Internet Information Server (IIS) 5.0 and is discussed in Microsoft Security Bulletin MS01-044. This update addresses four new vulnerabilities: two security vulnerabilities that could enable a malicious user to temporarily disrupt the service of IIS 5.0; and two security vulnerabilities that could enable a malicious user to gain unauthorized privileges on your Web server.
Instructions:
- Click the Download link to start the download, or choose a different language from the drop-down list and click Go.Do one of the following:
- To start the installation immediately, click Open or Run this program from its current location.
- To copy the download to your computer for installation at a later time, click Save or Save this program to disk.
- Once saved you will need to open the .exe file to run the program.
Requirements: Windows 2000
Microsoft Internet Information Server 5.0 Patch: U
This update resolves the Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise security vulnerability in Windows 2000 computers running Internet Information Service more>> This update resolves the "Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise" security vulnerability in Windows 2000 computers running Internet Information Service (IIS) 5.0, and is discussed in Microsoft Security Bulletin MS01-033. Download now to prevent a malicious user from taking control of your Web server.
Important A new version of this update is now available. Microsoft recommends that you download Security Update, August 17, 2001, as it eliminates the vulnerability discussed in this update, and all known variants of the vulnerability.
The Indexing Service ISAPI (Indexing Service Application Programming Interface) extension, idq.dll file, which installs as part of Indexing Service in Windows 2000 has an unchecked buffer (a temporary data storage area that has a limited capacity) in the code that handles incoming requests. A specifically malformed request from a malicious user can cause the buffer to overflow. Doing so grants the malicious user Local System privileges, allowing him or her to take complete control of the Web server. This update eliminates the vulnerability by ensuring that the ISAPI extension checks input correctly.
Note Although the functionality provided by idq.dll supports Indexing Service, idq.dll is installed with IIS 5.0, and the vulnerability is present only when IIS 5.0 is running.
<<lessMicrosoft Windows 2000 Patch: Indexing Service Cro
This update resolves the Indexing Services Cross Site Scripting vulnerability in Indexing Services for Windows 2000 and is discussed in Microsoft Security Bulletin MS00-084 more>> This update resolves the "Indexing Services Cross Site Scripting" vulnerability in Indexing Services for Windows 2000 and is discussed in Microsoft Security Bulletin MS00-084. Download now to prevent a malicious user from introducing code on your Web server and returning it as a Web page to a visiting browser.
Indexing Services is a search engine that is integrated with Internet Information Services (IIS) 5.0 and Windows 2000 that allows browsers to perform full-text searches of Web sites. Indexing Services does not properly validate all search inputs before processing them, and is consequently vulnerable to Cross-Site Scripting (CSS). CSS allows a malicious user to "inject" code into another persons Web session. If a malicious user is successful in exploiting this vulnerability, he or she can use a Web site hosted by your server to run code on a visting users browser each time it returns to your Web site.
Note Indexing Services ships and installs with Windows 2000, but is not enabled by default. If you are running Web servers on Windows 2000 and you have enabled Indexing Services, Microsoft recommends that you apply this update.
For more information about this vulnerability, read Microsoft Security Bulletin MS00-084.
<<lessMicrosoft Internet Explorer 5.01 Security Patch
Outlook Express update more>> Computers running Outlook Express 5.5 are not vulnerable to this issue. Outlook Express 5.5 includes this update.
This update resolves the "Persistent Mail Browser Link," "Cache Bypass," and "Malformed E-mail Header" security vulnerabilities in Outlook Express. Download now to prevent a malicious user from reading e-mails and files on your computer, or using your computer to send damaging e-mails to others. These vulnerabilities do not give a malicious user the ability to add, change, or delete files on your computer.
<<less
