microsoft security bulletin ms00
Microsoft Security Bulletin (MS00-082) 2.0
Patch Available for Malformed MIME Header Vulnerability more>> Microsoft? has released a patch that eliminates a security vulnerability in Exchange Server 5.0 and Exchange Server 5.5. The vulnerability could enable a malicious user to cause an Exchange server to fail.<<less
Microsoft Security Bulletin MS01-033
Unchecked Buffer in Index Server ISAPI Extension more>> This update resolves the "Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise" security vulnerability in Windows 2000 computers running Internet Information Service (IIS) 5.0, and is discussed in Microsoft Security Bulletin MS01-033. Download now to prevent a malicious user from taking control of your Web server.<<less
Microsoft Security Bulletin MS07-002 2
Microsoft Security Bulletin MS07-002 is a useful program which can substitute a prior security update. more>>
Microsoft Security Bulletin MS07-002 2 is a useful program which can substitute a prior security update. See the frequently asked questions (FAQ) section of this bulletin for the complete list. Microsoft Knowledge Base Article 927198 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.
Microsoft Security Bulletin Q320920
Cumulative Patch for Windows Media Player more>> Summary
Who should read this bulletin: Customers using Microsoft? Windows Media? Player 6.4, 7.1 or Windows Media Player for Windows XP.
Impact of vulnerability: Three new vulnerabilities, the most serious of which could be used to run code of attackers choice.
Maximum Severity Rating: Critical
Recommendation: Customers running affected products should apply the patch immediately.
Affected Software:
Microsoft Windows Media Player 6.4
Microsoft Windows Media Player 7.1
Microsoft Windows Media Player for Windows XP
Microsoft Security Bulletin MS04-020 2.0
Microsoft Security Bulletin MS04-020 Vulnerability in POSIX Could Allow Code Execution Vulnerability Identifiers: POSIX Vulnerability - CAN-2004-0210 - A privilege elevation vulnerability exists in more>> Microsoft Security Bulletin MS04-020
Vulnerability in POSIX Could Allow Code Execution
Vulnerability Identifiers: POSIX Vulnerability - CAN-2004-0210 - A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.
Impact of Vulnerability: Privilege Elevation
Windows NT4: Important
Windows 2000: Important
<<lessMicrosoft Security Bulletin MS02-058 Q328676
Unchecked Buffer in Outlook Express S/MIME Parsing more>> This update resolves the "Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)" vulnerability in Outlook Express. Download now to keep your computer secure.<<less
Microsoft Security Bulletin MS03-039 824146
Critical update for NT/2000/XP/2003 more>> A security issue has been identified that could allow an attacker to remotely compromise a computer running Microsoft Windows and gain complete control over it. You can help protect your computer by installing this update from Microsoft.
Note: Windows 98, Windows 98 Second Edition (SE), and Windows 95 also are not affected by this issue. However, these products are no longer supported. Users of these products are strongly encouraged to upgrade to later versions.
<<lessMicrosoft Security Bulletin MS03-043 828035
Buffer Overrun in Could Allow Code Execution more>> A security vulnerability exists in the Messenger Service that could allow arbitrary code execution on an affected system. The vulnerability results because the Messenger Service does not properly validate the length of a message before passing it to the allocated buffer.
An attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an affected system, or could cause the Messenger Service to fail. The attacker could then take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges.
<<lessMicrosoft Security Bulletin MS03-005 810577
Unchecked Buffer in Windows Redirector more>> The Windows Redirector is used by a Windows client to access files, whether local or remote, regardless of the underlying network protocols in use. For example, the "Add a Network Place" Wizard or the NET USE command can be used to map a network share as a local drive, and the Windows Redirector will handle the routing of information to and from the network share.
A security vulnerability exists in the implementation of the Windows Redirector on Windows XP because an unchecked buffer is used to receive parameter information. By providing malformed data to the Windows Redirector, an attacker could cause the system to fail, or if the data was crafted in a particular way, could run code of the attacker?s choice.
<<lessMicrosoft Security Bulletin Q322273
Unchecked Buffer in Profile Service of Commerce Server more>> Summary:
Who should read this bulletin: System administrators using Microsoft? Commerce Server 2000 or Commerce Server 2002
Impact of vulnerability: Four vulnerabilities, each of which could run code of attacker?s choice.
Maximum Severity Rating: Critical
Recommendation: System administrators should install the patch immediately.
Affected Software:
Microsoft Commerce Server 2000 Microsoft Commerce Server 2002
<<lessMicrosoft Security Bulletin MS02-042 Q326886
Privilege elevation flaw in Network Connection Manager more>> The Network Connection Manager (NCM) provides a controlling mechanism for all network connections managed by a host system. Among the functions of the NCM is to call a handler routine whenever a network connection has been established.
By design, this handler routine should run in the security context of the user. However, a flaw could make it possible for an unprivileged user to cause the handler routine to run in the security context of LocalSystem, though a very complex process. An attacker who exploited this flaw could specify code of his or her choice as the handler, then establish a network connection in order to cause that code to be invoked by the NCM. The code would then run with full system privileges.
<<lessMicrosoft Security Bulletin MS05-053 - 896424 1.0
Microsoft Security Bulletin MS05-053 - 896424 is an advanced program which satisfies you with vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424) more>>
Microsoft Security Bulletin MS05-053 - 896424 1.0 is an advanced program which satisfies you with vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
- Affected Software:
- Windows 2000 Service Pack 4
- Windows XP Service Pack 1
- Windows XP Service Pack 2
- Windows XP 64-Bit Edition Version 2003 (Itanium)
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Review the FAQ section of bulletin MS05-053 for information about these operating systems:
- Windows 98
- Windows 98 Second Edition (SE)
- Windows Millennium Edition (ME)
- Impact: Remote Code Execution
- Version Number: 1.0
Microsoft Security Bulletin Summary for August 1.0
Bulletin Identifier Microsoft Security Bulletin MS04-026 Bulletin Title Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436) more>> Bulletin Identifier
Microsoft Security Bulletin MS04-026
Bulletin Title
Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436)
Executive Summary
A cross-site scripting and spoofing vulnerability exists in OWA for Exchange Server 5.5 that could cause a user to run script on the attackers behalf.
Maximum Severity Rating
Moderate
Impact of Vulnerability
Remote Code Execution
Affected Software
Microsoft Exchange, Outlook Web Access. For more information, see the Affected Software and Download Locations section.
Microsoft Security Bulletin Summary for December 1.0
Bulletin Identifier: Microsoft Security Bulletin MS04-040 Bulletin Title: Cumulative Security Update for Internet Explorer (889293) Executive Summary: A vulnerability exists in Internet Explorer that more>>
- Bulletin Identifier: Microsoft Security Bulletin MS04-040
- Bulletin Title: Cumulative Security Update for Internet Explorer (889293)
- Executive Summary: A vulnerability exists in Internet Explorer that could allow remote code execution on an affected system.
- Maximum Severity Rating: Critical
- Impact of Vulnerability: Remote Code Execution
- Affected Software: Windows, Internet Explorer. For more information, see the Affected Software and Download Locations section.
Microsoft Security Bulletin Summary for August, 2006 1.0
Microsoft Security Bulletin Summary for August, is created to be an updated which can give you so much useful information. more>>
Microsoft Security Bulletin Summary for August, 2006 1.0 is created to be an updated which can give you so much useful information.
- Bulletin Identifier: Microsoft Security Bulletin MS06-040
- Bulletin Title: Vulnerability in Server Service Could Allow Remote Code Execution (921883)
- Bulletin Identifier: Microsoft Security Bulletin MS06-041
- Bulletin Title: Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)
- Bulletin Identifier: Microsoft Security Bulletin MS06-042
- Bulletin Title: Cumulative Security Update for Internet Explorer (918899)
- Bulletin Identifier: Microsoft Security Bulletin MS06-043
- Bulletin Title: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)
- Bulletin Identifier: Microsoft Security Bulletin MS06-044
- Bulletin Title: Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917008)
- Bulletin Identifier: Microsoft Security Bulletin MS06-046
- Bulletin Title: Vulnerability in HTML Help Could Allow Remote Code Execution (922616)
- Bulletin Identifier: Microsoft Security Bulletin MS06-047
- Bulletin Title: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
- Bulletin Identifier: Microsoft Security Bulletin MS06-048
- Bulletin Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922968)
- Bulletin Identifier: Microsoft Security Bulletin MS06-051
- Bulletin Title: Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422)
- Important
- Bulletin Identifier: Microsoft Security Bulletin MS06-045
- Bulletin Title: Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)
- Bulletin Identifier: Microsoft Security Bulletin MS06-049
- Bulletin Title: Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)
- Bulletin Identifier: Microsoft Security Bulletin MS06-050
- Bulletin Title: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
