View Full Version : computers on the patch

19-10-03, 04:42
By Web Watch
Sunday, October 19, 2003; Page F07

Microsoft announced earlier this month that it will switch to issuing security patches for its software once a month (except in emergencies), saying that this approach will make things more predictable and manageable for customers. The first was released this week, and it was a doozy.

The company says it fixes five vulnerabilities it deems "critical." Three of these flaws could be used against any recent release of Windows, while the other two apply to Windows 2000, used mostly by corporate customers, and versions of Microsoft's Exchange Server products. The flaws could be used by malicious coders to create new worms or "Trojan horse" attacks, but Microsoft said it doesn't believe any hackers have taken advantage of the security flaws . . . yet.

Dan Ingevaldson, engineering manager at Internet Security Systems Inc., an Atlanta software firm, recommended that Windows XP users download and install the 2.7-megabyte patch (windowsupdate.microsoft.com) immediately. "This affects a lot of home users," he said.

19-10-03, 10:30
more tales of woe (http://news.bbc.co.uk/1/hi/technology/3196494.stm)

Hi 'Bella! Don't you just get fed up with MS regulary releasing the news of their ineptitude. Can you imagine if it was a Mini car, that had to be recalled every 5 minutes due to some new fault being discovered? ;)

19-10-03, 10:48
Microsoft? WindowsXP?? Problems???
Come on now, What's the odd problem between friends?

See Below

October 2003

MS03-045 : Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)

MS03-044 : Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119)

MS03-043 : Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

MS03-041 : Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)

September 2003

MS03-039 : Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

MS03-034 : Flaw in NetBIOS Could Lead to Information Disclosure (824105)

July 2003

MS03-030 : Unchecked Buffer in DirectX Could Enable System Compromise (819696)

MS03-027 : Unchecked Buffer in Windows Shell Could Enable System Compromise (821557)

MS03-026 : Buffer Overrun In RPC Interface Could Allow Code Execution (823980)

MS03-024 : Buffer Overrun in Windows Could Lead to Data Corruption (817606)

MS03-023 : Buffer Overrun In HTML Converter Could Allow Code Execution (823559)

April 2003

MS03-013 : Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)

MS03-011 : Flaw in Microsoft VM Could Enable System Compromise (816093)

March 2003

MS03-010 : Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953)

MS03-008 : Flaw in Windows Script Engine could allow code execution (814078)

MS03-007 : Unchecked Buffer In Windows Component Could Cause Server Compromise (815021)

February 2003

MS03-005 : Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation (810577)

January 2003

MS03-001 : Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)

December 2002

MS02-072 : Unchecked Buffer in Windows Shell Could Enable System Compromise (Q329390)

MS02-071 : Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310)

MS02-070 : Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)

MS02-069 : Flaw in Microsoft VM Could Enable System Compromise (810030)

October 2002

MS02-063 : Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks (Q329834)

MS02-055 : Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255)

MS02-054 : Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)

September 2002

MS02-050 : Certificate Validation Flaw Could Enable Identity Spoofing (Q329115)

February 2002

MS02-008 : XMLHTTP Control Can Allow Access to Local Files

19-10-03, 11:35

19-10-03, 13:46
Although it's a good idea to update Windows regularly, you can avoid 99% of the browser security problems, as well as most of the e-mail viruses, worms and trojans, by switching to the open source code Mozilla 1.5. It's free, and is generally regarded as superior to IE (I think so). For example, you can switch between open pages in one window by clicking tabs at the top of the page. Mozilla includes form manager, image manager, download manager, popup manager, cookie manager, password manager, etc. Need I say more?


19-10-03, 14:04
Hehe :D

To avoid the ineptitude of Window$, don't use it http://www.tombraiderforums.com/images/smilies/tongue.gif