Tuesday 13 July 2004

MS Security Bulletins - 13 July 2004

Seven MS Security Bulletins issued today.

Microsoft Security Bulletin MS04-018

Cumulative Security Update for Outlook Express

This bulletin replaces MS04-013: Cumulative Update for Outlook Express and any prior Cumulative Security Updates for Outlook Express.

If a user is running Outlook Express and receives a specially crafted e-mail message, Outlook Express would fail. If the preview pane is enabled, the user would have to manually remove the message, and then restart Outlook Express to resume functionality.

References:

Microsoft Security Bulletin MS04-019

Vulnerability in Utility Manager Could Allow Code Execution

This update resolves a newly-discovered, privately reported vulnerability. A privilege elevation vulnerability exists in the way that Utility Manager launches applications. A logged-on user could force Utility Manager to start an application with system privileges and could take complete control of the system.

References:

Microsoft Security Bulletin MS04-020

Vulnerability in POSIX Could Allow Code Execution

This update resolves a newly-discovered, privately reported vulnerability. A privilege elevation vulnerability exists in the POSIX operating system component (subsystem).

References:

Microsoft Security Bulletin MS04-021

Security Update for IIS 4.0

This update resolves a newly-discovered, privately reported buffer overrun vulnerability. An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

The vulnerability is caused by an unchecked buffer in the IIS 4.0 redirect function.

References:

Microsoft Security Bulletin MS04-022

Vulnerability in Task Scheduler Could Allow Code Execution

This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the Task Scheduler because of the way that it handles application name validation. There are many ways that a system could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability.

References:

Microsoft Security Bulletin MS04-023

Vulnerability in HTML Help Could Allow Code Execution

This update resolves two newly-discovered vulnerabilities. The HTML Help vulnerability was privately reported and the showHelp vulnerability is public.

A remote code execution vulnerability exists in the processing of a specially crafted showHelp URL. The vulnerability could allow malicious code to run in the Local Machine security zone in Internet Explorer, which could allow an attacker to take complete control of an affected system.

A remote code execution vulnerability exists in HTML Help that could allow remote code execution on an affected system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system.

References:

Microsoft Security Bulletin MS04-024

Vulnerability in Windows Shell Could Allow Remote Code Execution

This update resolves a newly-discovered, publicly reported vulnerability. A remote code execution vulnerability exists in the way that the Windows Shell launches applications. An attacker could exploit the vulnerability if a user visited a malicious Web site. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

References:

Related News

Related Tools

Related Entries