[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 574/03 - Seven Microsoft Security Advisories



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 574/03 dated 16.10.03  Time: 09:20
 UNIRAS is part of NISCC(National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Seven Microsoft Security Advisories:

1. MS03-041 - Vulnerability in Authenticode Verification Could Allow
              Remote Code Execution (823182)

2. MS03-042 - Buffer Overflow in Windows Troubleshooter ActiveX Control 
              Could Allow Code Execution (826232)

3. MS03-043 - Buffer Overrun in Messenger Service Could Allow Code 
              Execution (828035)
  
4. MS03-044 - Buffer Overrun in Windows Help and Support Center Could 
              Lead to System Compromise (825119)   

5. MS03-045 - Buffer Overrun in the ListBox and in the ComboBox Control Could Allow
                          Code Execution (824141)

6. MS03-046 - Vulnerability in Exchange Server Could Allow Arbitrary Code 
              Execution(829436)   

7. MS03-047 - Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow
              Cross-Site Scripting Attack (828489)
    
  
Detail
====== 

1. The Microsoft Security Response Center has released Microsoft Security Bulletin 
MS03-041 which concerns a vulnerability in the listed versions of Windows. 
http://www.microsoft.com/technet/security/bulletin/MS03-041.asp

2. The Microsoft Security Response Center has released Microsoft Security Bulletin 
MS03-042 which concerns a vulnerability in the listed versions of Windows.
http://www.microsoft.com/technet/security/bulletin/MS03-042.asp

3. The Microsoft Security Response Center has released Microsoft Security Bulletin
MS03-043 which concerns a vulnerability in the products listed.
http://www.microsoft.com/technet/security/bulletin/MS03-043.asp

4. The Microsoft Security Response Center has released Microsoft Security Bulletin 
MS03-044 which concerns a vulnerability in the listed versions of Windows.
http://www.microsoft.com/technet/security/bulletin/MS03-044.asp 

5. The Microsoft Security Response Center has released Microsoft Security Bulletin 
MS03-045 which concerns a vulnerability in the listed versions of Windows.
http://www.microsoft.com/technet/security/bulletin/MS03-045.asp

6. The Microsoft Security Response Center has released Microsoft Security Bulletin
MS03-046 which concerns a vulnerability in versions of Microsoft Exchange Server.
http://www.microsoft.com/technet/security/bulletin/MS03-046.asp

7. The Microsoft Security Response Center has released Microsoft Security Bulletin 
MS03-047 which concerns a vulnerability in Exchange Server 5.5 Outlook Web Access.
http://www.microsoft.com/technet/security/bulletin/MS03-047.asp



1.          ESB-2003.0723 -- Microsoft Security Bulletin MS03-041
           Vulnerability in Authenticode Verification Could Allow
                       Remote Code Execution (823182)
                              16 October 2003


Product:                Authenticode
Publisher:              Microsoft
Operating System:       Windows NT Workstation 4.0, Service Pack 6a
                        Windows NT Server 4.0, Service Pack 6a
                        Windows NT Server 4.0, TSE, Service Pack 6
                        Windows 2000, Service Pack 2
                        Windows 2000, Service Pack 3, Service Pack 4
                        Windows XP Gold, Service Pack 1
                        Windows XP 64-bit Edition
                        Windows XP 64-bit Edition Version 2003
                        Windows Server 2003
                        Windows Server 2003 64-bit Edition
Impact:                 Execute Arbitrary Code/Commands
Access Required:        Remote
CVE Names:              CAN-2003-0660

- - --------------------------BEGIN INCLUDED TEXT--------------------

- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: Vulnerability in Authenticode Verification Could Allow Remote
Code Execution (823182)
Date: October 15, 2003
Software: Microsoft Windows NT Workstation 4.0, Service Pack 6a;
Microsoft Windows NT Server 4.0, Service Pack 6a; Microsoft Windows
NT Server 4.0, Terminal Server Edition, Service Pack 6; Microsoft
Windows 2000, Service Pack 2; Microsoft Windows 2000, Service Pack 3,
Service Pack 4; Microsoft Windows XP Gold, Service Pack 1; Microsoft
Windows XP 64-bit Edition; Microsoft Windows XP 64-bit Edition
Version 2003; Microsoft Windows Server 2003; Microsoft Windows Server
2003 64-bit Edition
Impact: Remote Code Execution
Maximum Severity Rating: Critical
Bulletin: MS03-041

The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-041

What Is It?
The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-044 which concerns a vulnerability in the
above listed versions of Windows.  Customers are advised to review
the information in the bulletin, test and deploy the patch
immediately in their environments, if applicable.

More information is now available at
http://www.microsoft.com/technet/security/bulletin/MS03-041.asp

If you have any questions regarding the patch or its implementation
after reading the above listed bulletin you should contact Product
Support Services in the United States at 1-866-PCSafety
(1-866-727-2338).  International customers should contact their local
subsidiary.



2.  
           ESB-2003.0724 -- Microsoft Security Bulletin MS03-042
   Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow
                          Code Execution (826232)
                              16 October 2003


Product:                Windows Troubleshooter ActiveX Control
Publisher:              Microsoft
Operating System:       Windows 2000, Service Pack 2
                        Windows 2000, Service Pack 3, Service Pack 4
Impact:                 Execute Arbitrary Code/Commands
Access Required:        Remote
CVE Names:              CAN-2003-0661

- - --------------------------BEGIN INCLUDED TEXT--------------------

- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: Buffer Overflow in Windows Troubleshooter ActiveX Control
Could Allow Code Execution (826232)
Date: October 15, 2003
Software: 
Microsoft Windows 2000, Service Pack 2 
Microsoft Windows 2000, Service Pack 3, Service Pack 4

Impact: Remote Code Execution.
Maximum Severity Rating: CRITICAL
Bulletin: MS03-042

The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-042

What Is It?
The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-037 which concerns a vulnerability in products
listed above.  Customers are advised to review the information in the
bulletin, test and deploy the patch immediately in their
environments, if applicable.

More information is now available at
http://www.microsoft.com/technet/security/bulletin/MS03-042.asp
If you have any questions regarding the patch or its implementation
after reading the above listed bulletin you should contact Product
Support Services in the United States at 1-866-PCSafety
(1-866-727-2338).  International customers should contact their local
subsidiary.



3. 
           ESB-2003.0725 -- Microsoft Security Bulletin MS03-043
  Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
                              16 October 2003

Product:                Microsoft Windows Messenger Service
Publisher:              Microsoft
Operating System:       Windows Server 2003
                        Windows 2000
                        Windows XP
                        Windows NT Server 4.0, Terminal Server Edition
                        Windows NT 4.0 Workstation
                        Windows NT Server 4.0
Impact:                 Administrator Compromise
Access Required:        Remote
CVE Names:              CAN-2003-0717

Ref:                    AL-2003.22

- - --------------------------BEGIN INCLUDED TEXT--------------------

- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: Buffer Overrun in Messenger Service Could Allow Code Execution
(828035)
Date: October 15, 2003
Software: 
Microsoft Windows NT Server 4.0 
Microsoft Windows NT 4.0 Workstation 
Microsoft Windows NT Server 4.0, Terminal Server Edition 
Microsoft Windows XP 
Microsoft Windows 2000 
Microsoft Windows Server 2003

Impact: Allow attacker to execute arbitrary code.
Maximum Severity Rating: CRITICAL
Bulletin: MS03-043

The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-043

What Is It?
The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-043 which concerns a vulnerability in products
listed above.  Customers are advised to review the information in the
bulletin, test and deploy the patch immediately in their
environments, if applicable.

More information is now available at
http://www.microsoft.com/technet/security/bulletin/MS03-043.asp

If you have any questions regarding the patch or its implementation
after reading the above listed bulletin you should contact Product
Support Services in the United States at 1-866-PCSafety
(1-866-727-2338).  International customers should contact their local
subsidiary.



4. 
           ESB-2003.0726 -- Microsoft Security Bulletin MS03-044
  Buffer Overrun in Windows Help and Support Center Could Lead to System
                            Compromise (825119)
                              16 October 2003


Product:                Windows Help and Support Center
Publisher:              Microsoft
Operating System:       Windows Server 2003 64-bit Edition
                        Windows Server 2003
                        Windows XP 64-bit Edition Version 2003
                        Windows XP 64-bit Edition
                        Windows XP Gold, Service Pack 1
                        Windows 2000, Service Pack 3, Service Pack 4
                        Windows 2000, Service Pack 2
                        Windows NT Server 4.0, TSE, Service Pack 6
                        Windows NT Server 4.0, Service Pack 6a
                        Windows NT Workstation 4.0, Service Pack 6a
                        Windows Millennium Edition
Impact:                 Administrator Compromise
Access Required:        Remote
CVE Names:              CAN-2003-0711

- - --------------------------BEGIN INCLUDED TEXT--------------------

- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: Buffer Overrun in Windows Help and Support Center Could Lead
to System Compromise (825119)
Date: October 15, 2003
Software: Microsoft Windows Millennium Edition; Microsoft Windows NT
Workstation 4.0, Service Pack 6a; Microsoft Windows NT Server 4.0,
Service Pack 6a; Microsoft Windows NT Server 4.0, Terminal Server
Edition, Service Pack 6; Microsoft Windows 2000, Service Pack 2;
Microsoft Windows 2000, Service Pack 3, Service Pack 4; Microsoft
Windows XP Gold, Service Pack 1; Microsoft Windows XP 64-bit Edition;
Microsoft Windows XP 64-bit Edition Version 2003; Microsoft Windows
Server 2003; Microsoft Windows Server 2003 64-bit Edition
Impact: Remote Code Execution
Maximum Severity Rating: Critical
Bulletin: MS03-044

The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-044

What Is It?
The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-044 which concerns a vulnerability in the
above listed versions of Windows.  Customers are advised to review
the information in the bulletin, test and deploy the patch
immediately in their environments, if applicable.

More information is now available at
http://www.microsoft.com/technet/security/bulletin/MS03-044.asp

If you have any questions regarding this alert please contact your
Technical Account Manager or Application Development Consultant.



5.            ESB-2003.0727 -- Microsoft Security Bulletin MS03-045
   Buffer Overrun in the ListBox and in the ComboBox Control Could Allow
                          Code Execution (824141)
                              16 October 2003

Product:                ListBox and ComboBox Control
Publisher:              Microsoft
Operating System:       Windows Server 2003 64-bit Edition
                        Windows Server 2003
                        Windows XP 64-bit Edition Version 2003
                        Windows XP 64-bit Edition
                        Windows XP Gold, Service Pack 1
                        Windows 2000, Service Pack 3, Service Pack 4
                        Windows 2000, Service Pack 2
                        Windows NT Server 4.0, TSE, Service Pack 6
                        Windows NT Server 4.0, Service Pack 6a
                        Windows NT Workstation 4.0, Service Pack 6a
Impact:                 Increased Privileges
Access Required:        Existing Account
CVE Names:              CAN-2003-0659

- - --------------------------BEGIN INCLUDED TEXT--------------------

- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: Buffer Overrun in the ListBox and in the ComboBox Control
Could Allow Code Execution (824141)
Date: October 15, 2003
Software: Microsoft Windows NT Workstation 4.0, Service Pack 6a;
Microsoft Windows NT Server 4.0, Service Pack 6a; Microsoft Windows
NT Server 4.0, Terminal Server Edition, Service Pack 6; Microsoft
Windows 2000, Service Pack 2; Microsoft Windows 2000 Service Pack 3,
Service Pack 4; Microsoft Windows XP Gold, Service Pack 1; Microsoft
Windows XP 64 bit Edition; Microsoft Windows XP 64 bit Edition
Version 2003; 
Microsoft Windows Server 2003; Microsoft Windows Server 2003 64 bit
Edition; 
Impact: Local Elevation of Privilege
Maximum Severity Rating: Important
Bulletin: MS03-045

The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-045

What Is It?
The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-045 which concerns a vulnerability in the
above listed versions of Windows.  Customers are advised to review
the information in the bulletin, test and deploy the patch
immediately in their environments, if applicable.

More information is now available at
http://www.microsoft.com/technet/security/bulletin/MS03-045.asp

If you have any questions regarding this alert please contact your
Technical Account Manager or Application Development Consultant.



6.                 Vulnerability in Exchange Server Could Allow
                      Arbitrary Code Execution(829436)
                   Microsoft Security Bulletin MS03-046
                              16 October 2003
Product:                Microsoft Exchange Server 5.5, Service Pack 4
                        Microsoft Exchange 2000 Server, Service Pack 3
Publisher:              Microsoft
Operating System:       Windows
Impact:                 Administrator Compromise
                        Denial of Service
Access Required:        Remote
CVE Names:              CAN-2003-0714

- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: Vulnerability in Exchange Server Could Allow Arbitrary Code
Execution (829436)
Date: October 15, 2003
Software: Microsoft Exchange Server 5.5, Service Pack 4; Microsoft
Exchange 2000 Server, Service Pack 3
Impact: Remote Code Execution
Maximum Severity Rating: Critical
Bulletin: MS03-046

The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-046

What Is It?
The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-046 which concerns a vulnerability in the
versions of Microsoft Exchange Server listed above.  Customers are
advised to review the information in the bulletin, test and deploy
the patch immediately in their environments, if applicable.

More information is now available at
http://www.microsoft.com/technet/security/bulletin/MS03-046.asp 

If you have any questions regarding this alert please contact your
Technical Account Manager or Application Development Consultant.



7.  
           ESB-2003.0728 -- Microsoft Security Bulletin MS03-047
    Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow
                   Cross-Site Scripting Attack (828489)
                              16 October 2003


Product:                Exchange Server 5.5
Publisher:              Microsoft
Operating System:       Windows
Impact:                 Execute Arbitrary Code/Commands
Access Required:        Remote
CVE Names:              CAN-2003-0712

- - --------------------------BEGIN INCLUDED TEXT--------------------

- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: Vulnerability in Exchange Server 5.5 Outlook Web Access Could
Allow Cross-Site Scripting Attack (828489)
Date: October 15, 2003
Software: Microsoft Exchange Server 5.5, Service Pack 4
Impact: Remote Code Execution
Maximum Severity Rating: Moderate
Bulletin: MS03-047

The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-047

What Is It?
The Microsoft Security Response Center has released Microsoft
Security Bulletin MS03-047 which concerns a vulnerability in Exchange
Server 5.5 Outlook Web Access.  Customers are advised to review the
information in the bulletin and test and deploy the patch in their
environments, if applicable.

More information is now available at 
http://www.microsoft.com/technet/security/bulletin/MS03-047.asp 

If you have any questions regarding this alert please contact your
Technical Account Manager or Application Development Consultant.






- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via EMail to:
uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Microsoft for the information
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBP45Yyopao72zK539AQG5qAP8CVhp+/XpmeGiQeBoJNalLWOBR08oy/HF
jBUW5hbTWLJpMY+zSXE35ZBFp4OpMjVDPeZgfuU0N5Igxl0UoRpi3CgfMjMA7Rl5
E+R9WcpaWmmOyO9Tap8cUkBD8d7pv5Pi1rv3LEqF4VVg6ZC2ZKp+hLwEr9Gp311w
XIag5qvqa7k=
=qCAo
-----END PGP SIGNATURE-----