lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <8B32EDC90D8F4E4AB40918883281874D5231F2@pivxwin2k1.secnet.pivx.com>
Date: Tue, 13 Apr 2004 12:08:52 -0700
From: "Thor Larholm" <thor@...x.com>
To: <bugtraq@...urityfocus.com>
Subject: 4 new Microsoft patches to close 20 vulnerabilities


4 new Microsoft patches to close 20 vulnerabilities

It's patch Tuesday in Redmond and this April we have seen the release of
MS04-011, MS04-012, MS04-013 and MS04-014. Microsoft has given all of
these patches an impact of "Remote Code Execution" and the affected
software ranges from Windows 98 to Windows 2003 64-Bit Edition. 

If you use Windows you will have to patch, preferable today. This week
will see a wide range of vulnerability advisories and exploit releases.
The documented functionality changes are few and minor.

Currently, these patches are not available on Windows Update (11:25AM
pacific time), but I can only imagine that it is a matter of hours. They
can be retrieved with MBSA, SMS and a wide range of patch management
applications.

The broad summary can be found at

http://www.microsoft.com/technet/security/bulletin/winapr04.mspx

Most of these vulnerabilities are new, but some of them are already
known - as an example MS04-013 patches the massively exploited MHTML/CHM
related vulnerabilities that was used by Ibiza, Bugbear.e and a wide
range of trojans.

In all, these 4 patches fix 20 vulnerabilities and replace 19 existing
patches. 


MS04-011
========
LSASS Vulnerability - CAN-2003-0533
LDAP Vulnerability - CAN-2003-0663
PCT Vulnerability - CAN-2003-0719
Winlogon Vulnerability - CAN-2003-0806
Metafile Vulnerability - CAN-2003-0906
Help and Support Center Vulnerability - CAN-2003-0907
Utility Manager Vulnerability - CAN-2003-0908
Windows Management Vulnerability - CAN-2003-0909
Local Descriptor Table Vulnerability - CAN-2003-0910
H.323 Vulnerability* - CAN-2004-0117
Virtual DOS Machine Vulnerability - CAN-2004-0118
Negotiate SSP Vulnerability - CAN-2004-0119
SSL Vulnerability - CAN-2004-0120
ASN.1 "Double Free" Vulnerability - CAN-2004-0123

MS04-012
========
RPC Runtime Library Vulnerability - CAN-2003-0813
RPCSS Service Vulnerability - CAN-2004-0116
COM Internet Services (CIS) - RPC over HTTP Vulnerability -
CAN-2003-0807
Object Identity Vulnerability - CAN-2004-0124

MS04-013
========
MHTML URL Processing Vulnerability - CAN-2004-0380

MS04-014
========
Jet Vulnerability - CAN-2004-0197


PivX Solutions is currently investigating these patches further.



Regards

Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
http://www.pivx.com
thor@...x.com
Phone: +1 (949) 231-8496
PGP: 0x5A276569
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569

PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
Qwik-Fix
<http://www.qwik-fix.net>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ