FW: [Unpatched] 4 new Microsoft patches, 4 old updated, 24 vulnerabilities
-----Original Message-----
From: Thor Larholm
To: http://unpatched.pivxlabs.com
Subject: [Unpatched] 4 old Microsoft patches updated
4 old Microsoft patches updated
In addition to releasing 4 new patches today (see previous post on
Unpatched below), Microsoft has re-released 4 older patches without
notice. These 4 advisories now include additional patches for Exchange
5.0 and NT 4 and, if left unpatched, could allow unauthorized email
relaying, Denial of Service and code execution.
PivX Solutions would like to thank Mario Kuechler for giving us
additional information about the SMTP relaying issue in MS02-011.
The following patches have been updated today:
MS00-082 - Patch Available for 'Malformed MIME Header' Vulnerability
http://www.microsoft.com/technet/security/Bulletin/MS00-082.mspx
MS01-041 - Malformed RPC Request Can Cause Service Failure
http://www.microsoft.com/technet/security/Bulletin/MS01-041.mspx
MS02-011 - Authentication Flaw Could Allow Unauthorized Users To
Authenticate To SMTP Service
http://www.microsoft.com/technet/security/Bulletin/MS02-011.mspx
MS03-046 - Vulnerability in Exchange Server Could Allow Arbitrary Code
Execution (829436)
http://www.microsoft.com/technet/security/Bulletin/MS03-046.mspx
A broad summary for April 2004 patched can be found at
http://www.microsoft.com/technet/security/bulletin/winapr04.mspx
Regards
Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
http://www.pivx.com
thor@xxxxxxxx
Phone: +1 (949) 231-8496
PGP: 0x5A276569
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569
PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
Qwik-Fix
<http://www.qwik-fix.net>
----- Original Message -----
From: Thor Larholm
To: http://unpatched.pivxlabs.com
Subject: 4 new Microsoft patches to close 20 vulnerabilities
4 new Microsoft patches to close 20 vulnerabilities
It's patch Tuesday in Redmond and this April we have seen the release of
MS04-011, MS04-012, MS04-013 and MS04-014. Microsoft has given all of
these patches an impact of "Remote Code Execution" and the affected
software ranges from Windows 98 to Windows 2003 64-Bit Edition.
If you use Windows you will have to patch, preferable today. This week
will see a wide range of vulnerability advisories and exploit releases.
The documented functionality changes are few and minor.
Currently, these patches are not available on Windows Update (11:25AM
pacific time), but I can only imagine that it is a matter of hours. They
can be retrieved with MBSA, SMS and a wide range of patch management
applications.
The broad summary can be found at
http://www.microsoft.com/technet/security/bulletin/winapr04.mspx
Most of these vulnerabilities are new, but some of them are already
known - as an example MS04-013 patches the massively exploited MHTML/CHM
related vulnerabilities that was used by Ibiza, Bugbear.e and a wide
range of trojans.
In all, these 4 patches fix 20 vulnerabilities and replace 19 existing
patches.
MS04-011
========
LSASS Vulnerability - CAN-2003-0533
LDAP Vulnerability - CAN-2003-0663
PCT Vulnerability - CAN-2003-0719
Winlogon Vulnerability - CAN-2003-0806
Metafile Vulnerability - CAN-2003-0906
Help and Support Center Vulnerability - CAN-2003-0907
Utility Manager Vulnerability - CAN-2003-0908
Windows Management Vulnerability - CAN-2003-0909
Local Descriptor Table Vulnerability - CAN-2003-0910
H.323 Vulnerability* - CAN-2004-0117
Virtual DOS Machine Vulnerability - CAN-2004-0118
Negotiate SSP Vulnerability - CAN-2004-0119
SSL Vulnerability - CAN-2004-0120
ASN.1 "Double Free" Vulnerability - CAN-2004-0123
MS04-012
========
RPC Runtime Library Vulnerability - CAN-2003-0813
RPCSS Service Vulnerability - CAN-2004-0116
COM Internet Services (CIS) - RPC over HTTP Vulnerability -
CAN-2003-0807
Object Identity Vulnerability - CAN-2004-0124
MS04-013
========
MHTML URL Processing Vulnerability - CAN-2004-0380
MS04-014
========
Jet Vulnerability - CAN-2004-0197
PivX Solutions is currently investigating these patches further.
Regards
Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
http://www.pivx.com
thor@xxxxxxxx
Phone: +1 (949) 231-8496
PGP: 0x5A276569
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569
PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
Qwik-Fix
<http://www.qwik-fix.net>