[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 562/04 - Microsoft - October Microsoft Security Bulletin Release



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 562/04 dated 12.10.04  Time: 19:45
 UNIRAS is part of NISCC(National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====
October 2004 Microsoft Security Bulletin Release

Detail
====== 
Microsoft is releasing 10 security bulletins for newly discovered
vulnerabilities in Microsoft Office, Microsoft Windows and Microsoft
Exchange.

Important MS04-029 Microsoft Windows  Information Disclosure and Denial of Service
Important MS04-030 Microsoft Windows  Denial of Service
Important MS04-031 Microsoft Windows  Remote Code Execution
Critical  MS04-032 Microsoft Windows  Remote Code Execution
Critical  MS04-033 Microsoft Office   Code Execution
Critical  MS04-034 Microsoft Windows  Remote Code Execution
Critical  MS04-035 Microsoft Windows  Remote Code Execution
                   Microsoft Exchange
Critical  MS04-036 Microsoft Windows  Remote Code Execution
                   Microsoft Exchange
Critical  MS04-037 Microsoft Windows  Remote Code Execution
Critical  MS04-038 Microsoft Windows  Remote Code Execution

Summaries for these new bulletins may be found at the following pages:
 - http://www.microsoft.com/technet/security/bulletin/ms04-oct.mspx

Re-issued Updates
In addition, Microsoft is re-releasing updates for Microsoft Office XP.

Critical	MS04-028	Microsoft Office XP, Project 2002, Visio
2002,Windows Journal Viewer	Remote Code Execution

This revised update is ONLY for customers running Office XP, Visio 2002
and Project 2002 on Windows XP Service Pack 2. This re-release does not
affect any other products. This re-release also does not affect
customers running Office XP, Visio 2002 and Project 2002 on platforms
other than Windows XP Service Pack 2, including Windows XP SP1.

This new update is for Windows Journal Viewer ONLY.

Information on this re-released bulletin and these tools may be found at
the following pages:
 - http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx

Customers are advised to review the information in the bulletins, test
and deploy the updates immediately in their environments, if applicable.

RESOURCES RELATED TO THIS ALERT

 - Note: Some Knowledge Base articles may take up to 24 hours to appear.

 - Microsoft Knowledge Base Article 885876 documents the issues around
the original release of this security update for Office XP, Visio 2002
and Project 2002 on Windows XP Service Pack 2.
http://support.microsoft.com/?kbid=885876

 - Microsoft Knowledge Base Article 886988 documents the MS04-028
Enterprise Scanning Tool. 
http://support.microsoft.com/?kbid=886988

 - Information about MS04-028 for ISVs and developers is available here:
http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnsecure/html/gdiplus10security.asp

 - Please visit http://www.microsoft.com/technet/security for the most
current information on this alert.

Microsoft will host a webcast tomorrow to address customer questions on
these bulletins. For more information on this webcast please see below:
 - Information about Microsoft's October Security Bulletins
 - Wednesday, October 13, 2004 11:00 AM (GMT-08:00) Pacific Time (US &
Canada)
 -
http://msevents.microsoft.com/cui/WebCastEventDetails.aspx?EventID=1032259702&Culture=en-US

The on-demand version of the webcast will be available 24 hours after
the live webcast at: 
 -
http://msevents.microsoft.com/cui/WebCastEventDetails.aspx?EventID=1032259702&Culture=en-US


**********************************************************************
TECHNICAL DETAILS

MS04-029
Title:  Vulnerability in RPC Runtime Library Could Allow Information
Disclosure and Denial of Service (873350)

Affected Software: 
 - Microsoft Windows NT Server 4.0 Service Pack 6a
 - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

Impact of Vulnerability:  Information Disclosure and Denial of Service

Maximum Severity Rating:  Important

Restart required:  In some cases, this update does not require a
restart. The installer stops the needed services, applies the update,
and then restarts the services. However, if the required services cannot
be stopped for any reason or if required files are in use, this update
will require a restart. If this occurs, a message appears that advises
you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-029.mspx

**********************************************************************
MS04-030
Title:  Vulnerability in WebDav XML Message Handler Could Lead to a
Denial of Service (824151)

Affected Software: 
 - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000
Service Pack 4
 - Microsoft Windows XP, Microsoft Windows XP Service Pack 1 and
Microsoft Windows XP Service Pack 2
 - Microsoft Windows XP 64-Bit Edition Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Version 2003
 - Microsoft Windows Server(tm) 2003
 - Microsoft Windows Server 2003 64-Bit Edition

Affected Components: 
 - Internet Information Server 5.0
 - Internet Information Services 5.1
 - Internet Information Server 6.0

Impact of Vulnerability:  Denial of Service

Maximum Severity Rating:  Important

Restart required: In some cases, this update does not require a restart.
The installer stops the required services, applies the update, and then
restarts the services. However, if the required services cannot be
stopped for any reason or if required files are in use, this update will
require a restart. If this occurs, a message appears that advises you to
restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-030.mspx

**********************************************************************
MS04-031
Title:  Vulnerability in NetDDE Could Allow Remote Code Execution
(841533)

Affected Software: 
 - Microsoft Windows NT Server 4.0 Service Pack 6a
 - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack
6
 - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000
Service Pack 4
 - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Version 2003
 - Microsoft Windows Server 2003
 - Microsoft Windows Server 2003 64-Bit Edition
 - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of
this bulletin for details about these operating systems.

Impact of Vulnerability:  Remote Code Execution

Maximum Severity Rating:  Important

Restart required: In some cases, this update does not require a restart.
The installer stops the required services, applies the update, and then
restarts the services. However, if the required services cannot be
stopped for any reason or if required files are in use, this update will
require a restart. If this occurs, a message appears that advises you to
restart.

Update can be uninstalled:  Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-031.mspx

**********************************************************************
MS04-032
Title:  Security Update for Microsoft Windows (840987)

Affected Software: 
 - Microsoft Windows NT Server 4.0 Service Pack 6a
 - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack
6
 - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000
Service Pack 4
 - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Version 2003
 - Microsoft Windows Server(tm) 2003
 - Microsoft Windows Server 2003 64-Bit Edition
 - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of
this bulletin for details about these operating systems.

Impact of Vulnerability:  Remote Code Execution

Maximum Severity Rating:  Critical

Restart required: In some cases, this update does not require a restart.
The installer stops the required services, applies the update, and then
restarts the services. However, if the required services cannot be
stopped for any reason or if required files are in use, this update will
require a restart. If this occurs, a message appears that advises you to
restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-032.mspx

**********************************************************************
MS04-033
Title:  Vulnerability in Microsoft Excel Could Allow Code
Execution(886836)

Affected Software: 
 - Microsoft Office 2000 Service Pack 3 Software: Excel 2000
 - Microsoft Office XP Software: Excel 2002
 - Microsoft Office 2001 for Mac:  Microsoft Excel 2001 for Mac
 - Microsoft Office v. X for Mac: Microsoft Excel v. X for Mac

Impact of Vulnerability:  Code Execution

Maximum Severity Rating:  Critical

Restart required: No

Update can be uninstalled: No

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-033.mspx

**********************************************************************
MS04-034
Title:  Vulnerability in Compressed (zipped) Folders Could Allow Code
Execution (873376)

Affected Software: 
 - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Version 2003
 - Microsoft Windows Server 2003
 - Microsoft Windows Server 2003 64-Bit Edition

Impact of Vulnerability:  Remote Code Execution

Maximum Severity Rating:  Critical

Restart required:  In some cases, this update does not require a
restart. The installer stops the required services, applies the update,
and then restarts the services. However, if the required services cannot
be stopped for any reason or if required files are in use, this update
will require a restart. If this occurs, a message appears that advises
you to restart.

Update can be uninstalled:  Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-034.mspx

**********************************************************************
MS04-035
Title:  Vulnerability in SMTP Could Allow Remote Code Execution (885881)

Affected Software: 
 - Microsoft Windows XP 64-Bit Edition Version 2003
 - Microsoft Windows Server 2003
 - Microsoft Windows Server 2003 64-Bit Edition
 - Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003
Service Pack 1 when installed on Microsoft Windows Server 2003 (uses the
Windows 2003 SMTP component)
 - Microsoft Exchange Server 2003 when installed on Microsoft Windows
2000 Service Pack 3 or Microsoft Windows 2000 Service Pack 4

Affected Components: 
 - Microsoft Windows XP 64-Bit Edition Version 2003 SMTP component
 - Microsoft Windows Server(tm) 2003 SMTP component
 - Microsoft Windows Server 2003 64-Bit Edition SMTP component
 - Microsoft Exchange Server 2003 Routing Engine component

Impact of Vulnerability:  Remote Code Execution

Maximum Severity Rating:  Critical

Restart required:  You must restart your system after you apply this
security update.

Update can be uninstalled: 

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-035.mspx

**********************************************************************
MS04-036
Title:  Vulnerability in NNTP Could Allow Code Execution (883935)

Affected Software: 
 - Microsoft Windows NT Server 4.0 Service Pack 6a
 - Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows
2000 Server Service Pack 4
 - Microsoft Windows Server(tm) 2003
 - Microsoft Windows Server 2003 64-Bit Edition
 - Microsoft Exchange 2000 Server Service Pack 3 (Uses Windows 2000 NNTP
Component)
 - Microsoft Exchange Server 2003 (Uses Windows 2000 or Windows Server
2003 NNTP Component)

Affected Components: 
 - Microsoft Windows NT Server 4.0 Service Pack 6a NNTP Component
 - Microsoft Windows 2000 Server Service Pack 3 NNTP Component and
Microsoft Windows 2000 Server Service Pack 4 NNTP Component
 - Microsoft Windows Server(tm) 2003 NNTP Component
 - Microsoft Windows Server 2003 64-Bit Edition NNTP Component

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating:  Critical

Restart required:  In some cases, this update does not require a
restart. The installer stops the required services, applies the update,
and then restarts the services. However, if the required services cannot
be stopped for any reason or if required files are in use, this update
will require a restart. If this occurs, a message appears that advises
you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-036.mspx

**********************************************************************
MS04-037
Title:  Vulnerability in Windows Shell Could Allow Remote Code Execution
(841356)

Affected Software: 
 - Microsoft Windows NT Server 4.0 Service Pack 6a
 - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack
6
 - Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service
Pack 4
 - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Version 2003
 - Microsoft Windows Server 2003
 - Microsoft Windows Server 2003 64-Bit Edition
 - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of
this bulletin for details about these operating systems.
Impact of Vulnerability:  Remote Code Execution

Maximum Severity Rating:  Critical

Restart required:  In some cases, this update does not require a
restart. The installer stops the required services, applies the update,
and then restarts the services. However, if the required services cannot
be stopped for any reason or if required files are in use, this update
will require a restart. If this occurs, a message appears that advises
you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-037.mspx

**********************************************************************
MS04-038
Title: Cumulative Security Update for Internet Explorer (834707)  

Affected Software: 
 - Microsoft Windows NT Server 4.0 Service Pack 6a
 - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack
6
 - Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000
Service Pack 4
 - Microsoft Windows XP, Microsoft Windows XP Service Pack 1, and
Microsoft Windows XP Service Pack 2
 - Microsoft Windows XP 64-Bit Edition Service Pack 1
 - Microsoft Windows XP 64-Bit Edition Version 2003
 - Microsoft Windows Server 2003
 - Microsoft Windows Server 2003 64-Bit Edition
 - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of
this bulletin for details about these operating systems.

Affected Components: 
 - Internet Explorer 5.01 Service Pack 3
 - Internet Explorer 5.01 Service Pack 4
 - Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Me
 - Internet Explorer 6
 - Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service
Pack 3, Microsoft Windows Service Pack 4, Microsoft Windows XP,
Microsoft Windows XP Service Pack 1
 - Internet Explorer 6 Service Pack 1 on Microsoft Windows NT Server 4.0
Service Pack 6a, Microsoft Windows NT Server 4.0 Terminal Service
Edition Service Pack 6, Microsoft Windows 98, Microsoft Windows 98 SE,
and Microsoft Windows Me
 - Internet Explorer 6 Service Pack 1 (64-Bit Edition)
 - Internet Explorer 6 for Windows Server 2003
 - Internet Explorer 6 for Windows Server 2003 (64-Bit Edition)
 - Internet Explorer 6 for Windows XP Service Pack 2

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating:  Critical

Restart required: You must restart your system after you apply this
security update. You do not have to use an administrator logon after the
computer restarts for any version of this update.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-038.mspx

**********************************************************************
MS04-028
Title:  Buffer Overrun in JPEG Processing Could Allow Code Execution
(833987)

Affected Software (Re-release only): 
 - Microsoft Office XP Service Pack 3
 - Microsoft Word 2002
 - Microsoft Excel 2002
 - Microsoft Outlook 2002
 - Microsoft PowerPoint 2002
 - Microsoft Project 2002 (All Versions)
 - Microsoft Visio 2002 (All Versions)

Affected Component (New release only): 
 - Windows Journal Viewer
	
Reason for Re-issue: After the release of the MS04-028 security
bulletin, Microsoft was made aware of an issue affecting customers
deploying the Office XP, Visio 2002, and Project 2002 updates on Windows
XP Service Pack 2 based systems. This issue caused the security updates
to appear to install correctly, when in fact they did not. This is an
issue with the installer used in the security update. The updated
versions of the affected files do successfully address this
vulnerability. Although Windows XP Service Pack 2 already contains the
security update addressing the vulnerability in the JPEG Parsing Engine
that is supplied by the operating system, customers still need to
successfully apply the security update for Office XP, Vision 2002, and
Project 2002 in order to be protected from this vulnerability when using
these applications. For more technical details on this issue, see
Microsoft Knowledge Base Article 885876.

More information on this re-issued bulletin is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx

Information on Windows Journal Viewer: The Windows Journal Viewer makes
it possible for users who do not have a system running Windows XP Tablet
PC Edition to view files that were created in Windows Journal on a
Tablet PC. The Windows Journal Viewer is vulnerable to the security
vulnerability discussed in this bulletin. However, when used on Windows
XP based systems, the Windows Journal Viewer uses the operating system
supplied version of the affected component. When the Windows XP
operating system update is applied on Windows XP and Windows XP Service
Pack 1 based systems the Windows Journal Viewer is no longer vulnerable
to this issue. Windows XP Service Pack 2 is not vulnerable to this
issue, therefore the Windows Journal Viewer when used on Windows XP
Service Pack 2 based systems is not vulnerable to this issue. We have
now released a security update for Windows Journal Viewer that will help
protect Windows 2000-based systems that may have installed the Windows
Journal Viewer. 

Even if you have installed all of the previously available security
updates on Windows 2000, if you have installed the Windows Journal
Viewer, it is important that you also install this security update.
Windows Update will offer this update only to Windows 2000-based systems
that have installed the Windows Journal Viewer. If you are using Windows
XP or have not installed the Windows Journal Viewer on Windows 2000, you
do not need this security update. This program is not supported on
Windows Server 2003. However, if it were installed on Windows Server
2003, it would also use the operating system version of the vulnerable
component. If you are using this program on Windows Server 2003 make
sure that you install the Windows Server 2003 security update. 

PLEASE VISIT http://www.microsoft.com/technet/security FOR THE MOST
CURRENT INFORMATION ON THESE ALERTS.

If you have any questions regarding the security updates or its
implementation after reading the above listed bulletin you should
contact Product Support Services in the United States at 1-866-PCSafety
(1-866-727-2338).  International customers should contact their local
subsidiary.

Thank you,
Microsoft PSS Security Team

- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via EMail to:
uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Microsoft for the information
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQWwn5Ypao72zK539AQE/ZgQAo6IZg7u5fLkSbZv/g9h1uYmNyg56eijl
LmAQutKWSFuxVdj2lyi6JvpSbjEmMYMGy6kT2vuhvEAD8qCZjSpUos8+yYxExNcb
57otob/ubCjB1FzApTYU5d0MEY67bX4C8763joBqnFe0HkjGdV1Y50Wnzgf9/fB5
4kePSiLnbXQ=
=vVhY
-----END PGP SIGNATURE-----