J
Jerry Bryant [MSFT]
Follow up set to microsoft.public.security...
Today Microsoft released the following Security Bulletins.
Note: »www.microsoft.com/technet/security and »www.microsoft.com/security
are authoritative in all matters concerning Microsoft Security Bulletins!
ANY e-mail, web board or newsgroup posting (including this one) should be
verified by visiting these sites for official information. Microsoft never
sends security or other updates as attachments. These updates must be
downloaded from the microsoft.com download center or Windows Update. See the
individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft
security notices, it is recommended that you physically type the URLs into
your web browser and not click on the hyperlinks provided.
Bulletins Summaries:
ISA Server: http://www.microsoft.com/technet/security/bulletin/isajan04.asp
Exchange: http://www.microsoft.com/technet/security/bulletin/excjan04.asp
Windows (MDAC):
http://www.microsoft.com/technet/security/bulletin/winjan04.asp
Critical Bulletins:
MS04-001 - Vulnerability in Microsoft Internet Security and Acceleration
Server 2000 H.323 Filter Could Allow Remote Code Execution (816458)
http://www.microsoft.com/technet/security/bulletin/MS04-001.asp
Important Bulletins:
MS04-003 - Buffer Overrun in MDAC Function Could Allow Code Execution
(832483)
http://www.microsoft.com/technet/security/bulletin/MS04-003.asp
MS03-045 - Re-Release: Buffer Overrun in the ListBox and in the ComboBox
Control Could Allow Code Execution (824141)
http://www.microsoft.com/technet/security/bulletin/MS03-045.asp
Reason for re-release: V4.0 January 13, 2004: Bulletin updated to reflect
the release of updated Windows NT 4.0 Workstation and Server updates for
Arabic, Hebrew, and Thai languages only.
Moderate Bulletins:
MS04-002 - Vulnerability in Exchange Server 2003 Could Lead to Privilege
Escalation (832759)
http://www.microsoft.com/technet/security/bulletin/MS04-002.asp
This represents our regularly scheduled monthly bulletin release (second
Tuesday of each month). Please note that Microsoft may release bulletins out
side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after
reading the above listed bulletin you should contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.
--
Regards,
Jerry Bryant - MCSE, MCDBA
Microsoft IT Communities
Get Secure! www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
Today Microsoft released the following Security Bulletins.
Note: »www.microsoft.com/technet/security and »www.microsoft.com/security
are authoritative in all matters concerning Microsoft Security Bulletins!
ANY e-mail, web board or newsgroup posting (including this one) should be
verified by visiting these sites for official information. Microsoft never
sends security or other updates as attachments. These updates must be
downloaded from the microsoft.com download center or Windows Update. See the
individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft
security notices, it is recommended that you physically type the URLs into
your web browser and not click on the hyperlinks provided.
Bulletins Summaries:
ISA Server: http://www.microsoft.com/technet/security/bulletin/isajan04.asp
Exchange: http://www.microsoft.com/technet/security/bulletin/excjan04.asp
Windows (MDAC):
http://www.microsoft.com/technet/security/bulletin/winjan04.asp
Critical Bulletins:
MS04-001 - Vulnerability in Microsoft Internet Security and Acceleration
Server 2000 H.323 Filter Could Allow Remote Code Execution (816458)
http://www.microsoft.com/technet/security/bulletin/MS04-001.asp
Important Bulletins:
MS04-003 - Buffer Overrun in MDAC Function Could Allow Code Execution
(832483)
http://www.microsoft.com/technet/security/bulletin/MS04-003.asp
MS03-045 - Re-Release: Buffer Overrun in the ListBox and in the ComboBox
Control Could Allow Code Execution (824141)
http://www.microsoft.com/technet/security/bulletin/MS03-045.asp
Reason for re-release: V4.0 January 13, 2004: Bulletin updated to reflect
the release of updated Windows NT 4.0 Workstation and Server updates for
Arabic, Hebrew, and Thai languages only.
Moderate Bulletins:
MS04-002 - Vulnerability in Exchange Server 2003 Could Lead to Privilege
Escalation (832759)
http://www.microsoft.com/technet/security/bulletin/MS04-002.asp
This represents our regularly scheduled monthly bulletin release (second
Tuesday of each month). Please note that Microsoft may release bulletins out
side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after
reading the above listed bulletin you should contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.
--
Regards,
Jerry Bryant - MCSE, MCDBA
Microsoft IT Communities
Get Secure! www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.