Seite 1 von 17 1234511 ... LetzteLetzte
Ergebnis 1 bis 15 von 255
Thema: Microsoft Security Bulletin informiert/Download - ---------------------------------------------------------------------- Title: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048) Date: 02 October 2002 Software: ...
  1. #1
    Brummelchen

    Microsoft Security Bulletin informiert/Download

    - ----------------------------------------------------------------------
    Title: Unchecked Buffer in File Decompression Functions Could
    Lead to Code Execution (Q329048)
    Date: 02 October 2002
    Software: Microsoft Windows 98 with Plus! Pack, Windows Me,
    or Windows XP
    Impact: Two vulnerabilities, the most serious of which could
    run code of attacker?s choice
    Max Risk: Moderate
    Bulletin: MS02-054

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-054.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    Zipped files (files having a .zip extension) provide a means to
    store information in a way that uses less space on a hard disk. This
    is accomplished by compressing the files that are put into in the
    zipped file. On Windows 98 with Plus! Pack, Windows Me and Windows
    XP, the Compressed Folders feature allows zipped files to be treated
    as folders. The Compressed Folders feature can be used to create,
    add files to, and extract files from zipped files.

    Two vulnerabilities exist in the Compressed Folders function:

    - An unchecked buffer exists in the programs that handles the
    decompressing of files from a zipped file. A security
    vulnerability results because attempts to open a file with
    a specially malformed filename contained in a zipped file could
    possibly result in Windows Explorer failing, or in code of the
    attacker?s choice being run.
    - The decompression function could place a file in a directory
    that was not the same as, or a child of, the target directory
    specified by the user as where the decompressed zip files should
    be placed. This could allow an attacker to put a file in a known
    location on the users system, such as placing a program in a
    startup directory

    Mitigating Factors:
    ====================
    - The vulnerabilities could not be exploited without user
    intervention. The attacker would need to entice the user to
    receive, store, and open the zipped file provided by the
    attacker.
    - The vulnerabilities could not be exploited remotely. An attacker
    would need to lure a user into receiving the zipped file onto
    the user?s machine. Best practices suggest users not accept
    e-mail attachments from people who are not trusted, and not to
    download files from untrusted Internet sites.
    - On Windows 98 and Windows Me, the Compressed Folders feature is
    not installed by default. Users who had not installed this
    feature would not be vulnerable.

    Risk Rating:
    ============
    - Internet systems: Low
    - Intranet systems: Low
    - Client systems: Moderate

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-054.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - Joe Testa of Rapid7, Inc. (http://www.rapid7.com/) for reporting
    the Unchecked Buffer in Zipped File Handling vulnerability.
    - zen-parse for reporting the Incorrect Target Path for Zipped
    File Decompression vulnerability.

    - ---------------------------------------------------------------------
    Win XP Download englisch:
    http://download.microsoft.com/downlo...P2_x86_ENU.exe

    WinXP Download deutsch:
    http://download.microsoft.com/downlo...P2_x86_DEU.exe

    Win98 PlusPack Download deutsch:
    http://download.microsoft.com/downlo...329048GER8.EXE


    - ----------------------------------------------------------------------
    Title: Cumulative Patch for SQL Server (Q316333)
    Date: 02 October 2002
    Software: Microsoft SQL Server 7.0
    Microsoft Data Engine (MSDE) 1.0
    Microsoft SQL Server 2000
    Microsoft Desktop Engine (MSDE) 2000
    Impact: Four vulnerabilities, the most serious of which could
    enable an attacker to gain control over an affected
    server.
    Max Risk: Critical
    Bulletin: MS02-056

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-056.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    This is a cumulative patch that includes the functionality of all
    previously released patches for SQL Server 7.0, SQL Server 2000, and

    Microsoft Data Engine (MSDE) 1.0, Microsoft Desktop Engine (MSDE)
    2000. In addition, it eliminates four newly discovered vulner-
    abilities.
    * A buffer overrun in a section of code in SQL Server 2000
    (and MSDE 2000) associated with user authentication. By
    sending a specially malformed login request to an affected
    server, an attacker could either cause the server to fail or
    gain the ability to overwrite memory on the server, thereby
    potentially running code on the server in the security context
    of the SQL Server service. It would not be necessary for the
    user to successfully authenticate to the server or to be able
    to issue direct commands to it in order to exploit the
    vulnerability.
    * A buffer overrun vulnerability that occurs in one of the
    Database Console Commands (DBCCs) that ship as part of SQL
    Server 7.0 and 2000. In the most serious case, exploiting
    this vulnerability would enable an attacker to run code in
    the context of the SQL Server service, thereby giving the
    attacker complete control over all databases on the server.
    * A vulnerability associated with scheduled jobs in SQL Server
    7.0 and 2000. SQL Server allows unprivileged users to create
    scheduled jobs that will be executed by the SQL Server Agent.
    By design, the SQL Server Agent should only perform job
    steps that are appropriate for the requesting user's priv-
    ileges. However, when a job step requests that an output file
    be created, the SQL Server Agent does so using its own priv-
    ileges rather than the job owners privileges. This creates a
    situation in which an unprivileged user could submit a job
    that would create a file containing valid operating system
    commands in another user's Startup folder, or simply over-
    write system files in order to disrupt system operation

    The patch also changes the operation of SQL Server, to prevent
    non-administrative users from running ad hoc queries against
    non-SQL OLEDB data sources. Although the current operation does
    not represent a security vulnerability, the new operation makes
    it more difficult to misuse poorly coded data providers that might
    be installed on the server.

    Mitigating Factors:
    ====================
    Unchecked buffer in SQL Server 2000 authentication function:
    * This vulnerability on affects SQL Server 2000 and MSDE 2000.
    Neither SQL Server 7.0 nor MSDE 1.0 are affected.
    * If the SQL Server port (port 1433) were blocked at the firewall,
    the vulnerability could not be exploited from the Internet.
    * Exploiting this vulnerability would allow the attacker to
    escalate privileges to the level of the SQL Server service
    account. By default, the service runs with the privileges of a
    domain user, rather than with system privileges.
    Unchecked buffer in Database Console Commands:
    * Exploiting this vulnerability would allow the attacker to
    escalate privileges to the level of the SQL Server service
    account. By default, the service runs with the privileges of a
    domain user, rather than with system privileges.
    * The vulnerability could only be exploited by an attacker who
    could authenticate to an affected SQL Server or has permissions
    to execute queries directly to the server
    * The vulnerability could only be exploited by an attacker who
    could authenticate to an affected SQL Server.
    Flaw in output file handling for scheduled jobs:
    * The vulnerability could only be exploited by an attacker who
    could authenticate to an affected SQL server.

    Risk Rating:
    ============
    - Internet systems: Critical
    - Intranet systems: Critical
    - Client systems: None

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-056.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===================
    * Issue regarding ad hoc queries against non-SQL OLEDB data
    sources:
    sk@scan-associates.net and pokleyzz@scan-associates.net
    * Unchecked buffer in Database Console Commands:
    Martin Rakhmanoff (jimmers@yandex.ru)


    - ---------------------------------------------------------------------
    Download nicht weiter verfolgt.


    - ----------------------------------------------------------------------
    Title: Unchecked Buffer in Windows Help Facility Could
    Enable Code Execution (Q323255)
    Date: 02 October 2002
    Software: Microsoft Windows 98
    Microsoft Windows 98 Second Edition
    Microsoft Windows Millennium Edition
    Microsoft Windows NT 4.0
    Microsoft Windows NT 4.0, Terminal Server Edition
    Microsoft Windows 2000
    Microsoft Windows XP
    Impact: Attacker could gain control over user's system
    Max Risk: Critical
    Bulletin: MS02-055

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-055.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    The HTML Help facility in Windows includes an ActiveX control that
    provides much of its functionality. One of the functions exposed via
    the control contains an unchecked buffer, which could be exploited by
    a web page hosted on an attacker's site or sent to a user as an HTML
    mail. An attacker who successfully exploited the vulnerability would
    be able to run code in the security context of the user, thereby
    gaining the same privileges as the user on the system.

    A second vulnerability exists because of flaws associated with the
    handling of compiled HTML Help (.chm) files that contain shortcuts.
    Because shortcuts allow HTML Help files to take any desired action on
    the system, only trusted HTML Help files should be allowed to use
    them. Two flaws allow this restriction to be bypassed. First, the
    HTML Help facility incorrectly determines the Security Zone in the
    case where a web page or HTML mail delivers a .chm file to the
    Temporary Internet Files folder and subsequently opens it. Instead of
    handling the .chm file in the correct zone - the one associated with
    the web page or HTML mail that delivered it - the HTML Help facility
    incorrectly handles it in the Local Computer Zone, thereby
    considering it trusted and allowing it to use shortcuts. This error
    is compounded by the fact that the HTML Help facility doesn't
    consider what folder the content resides in. Were it to do so, it
    could recover from the first flaw, as content within the Temporary
    Internet Folder is clearly not trusted, regardless of the Security
    Zone it renders in.

    The attack scenario for this vulnerability would be complex, and
    involves using an HTML mail to deliver a .chm file that contains a
    shortcut, then making use of the flaws to open it and allow the
    shortcut to execute. The shortcut would be able to perform any action
    the user had privileges to perform on the system.

    Before deploying the patch, customers should familiarize themselves
    with the caveats discussed in the FAQ and in the Caveats section
    below.

    Mitigating Factors:
    ====================
    Buffer Overrun in HTML Help ActiveX Control:
    - The HTML mail-based attack vector could not be exploited on
    systems where Outlook 98 or Outlook 2000 were used in conjunction
    with the Outlook Email Security Update, or Outlook Express 6 or
    Outlook 2002 were used in their default configurations.
    - The vulnerability would convey only the user's privileges on
    the system. Users whose accounts are configured to have few
    privileges on the system would be at less risk than ones who
    operate with administrative privileges.

    Code Execution via Compiled HTML Help File:
    - The vulnerability could only be exploited if the attacker
    were able to determine the exact location of the Temporary
    Internet Files folder. By design, this should not be possible, and
    Microsoft is unaware of any means for doing so which has not
    already been patched.
    - The vulnerability would convey only the user's privileges on
    the system. Users whose accounts are configured to have few
    privileges on the system would be at less risk than ones who
    operate with administrative privileges.

    Risk Rating:
    ============
    - Internet systems: Moderate
    - Intranet systems: Moderate
    - Client systems: Critical

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-055.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - David Litchfield of Next Generation Security Software Ltd.
    (http://www.nextgenss.com/)and Thor Larholm, Security Researcher,
    PivX Solutions, LLC (http://www.pivx.com) for reporting the
    Buffer Overrun in HTML Help ActiveX Control.

    - ---------------------------------------------------------------------
    Win98 Download deutsch:
    http://download.microsoft.com/downlo...323255GER8.EXE

    Win2k DL deutsch:
    http://download.microsoft.com/downlo...SP4_X86_DE.exe

    WinXP DL deutsch:
    http://download.microsoft.com/downlo...P2_x86_DEU.exe

    WinXP DL englisch:
    http://download.microsoft.com/downlo...P2_x86_ENU.exe
    Geändert von Brummelchen (27.01.08 um 11:51 Uhr)

  2.   Anzeige

     
  3. #2
    Brummelchen

    Update-Patch: S/MIME-Sicherheitsleck in Outlook Express

    --- Patch: S/MIME-Sicherheitsleck in Outlook Express ---
    In den Versionen 5.5 und 6.0 des Mail-Programms Outlook Express steckt
    ein Sicherheitsleck beim Umgang mit S/MIME-signierten E-Mails. Gemaess
    einem aktuellen Security Bulletin kann ein Angreifer darueber
    Programmcode auf dem betreffenden System ausfuehren oder den E-Mail-
    Client zum Absturz bringen. Fuer beide Programmversionen bietet
    Microsoft passende Patches an.
    http://www.golem.de/0210/22098.html
    im O-Ton

    - ----------------------------------------------------------------------
    Title: Unchecked Buffer in Outlook Express S/MIME Parsing
    Could Enable System Compromise (Q328676)
    Date: 10 October 2002
    Software: Outlook Express
    Impact: Run code of attacker's choice.
    Max Risk: Critical
    Bulletin: MS02-058

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-058.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    To allow for verification of the authenticity of mail messages,
    Microsoft Outlook Express supports digital signing of
    messages through S/MIME. A buffer overrun vulnerability lies in the
    code that generates the warning message when a particular
    error condition associated with digital signatures occurs.

    By creating a digitally signed email and editing it to introduce
    specific data, then sending it to another user, an attacker
    could cause either of two effects to occur if the recipient opened or
    previewed it. In the less serious case, the attacker
    could cause the mail client to fail. If this happened, the recipient
    could resume normal operation by restarting the mail
    client and deleting the offending mail. In the more serious case, the
    attacker could cause the mail client to run code of
    their choice on the user's machine. Such code could take any desired
    action, limited only by the permissions of the recipient
    on the machine.

    This vulnerability could only affect messages that are signed using
    S/MIME and sent to an Outlook Express user. Users of
    Microsoft Outlook products are not affected by this vulnerability.

    Mitigating Factors:
    ====================
    - Microsoft Outlook is not affected by this vulnerability.
    - Outlook Express runs in the context of the user. Exploiting this
    vulnerability would in the worst case scenario allow an attacker
    to run arbitrary code in the context of the users' privileges
    only. Any restrictions on the users' account would apply to
    the attackers code.

    Risk Rating:
    ============
    - Internet systems: Low
    - Intranet systems: Low
    - Client systems: Critical

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-058.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - Noam Rathaus of Beyond Security Ltd.
    (http://www.beyondsecurity.com)

    - ---------------------------------------------------------------------
    Download (deutsch)
    Outlook Express 6 (alle OS)
    Q328676: Outlook Express Update
    656 KB file, 3 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q328676.exe

    Outlook Express 5.5 SP2 (kein XP)
    Q328389: Outlook Express Update
    873 KB file, 4 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q328389.exe
    Geändert von Brummelchen (27.01.08 um 11:51 Uhr)

  4. #3
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download

    Info zum Update oben:

    Es wird eine MSOE.DLL ersetzt mit der Versionsnummer 6.00.2720.3000 - das IE6SP1 enthält aber schon Version 6.00.2800.1106.

    Benutzer des IE6SP1 dürften daher die Meldung
    "Für dieses Update muß der IE 6.0 installiert sein!"
    bekommen.
    Geändert von Brummelchen (27.01.08 um 11:51 Uhr)

  5. #4
    Moderator Avatar von hexxxlein
    Registriert seit
    29.04.01
    Ort
    Hogwarts
    Beiträge
    21.625

    AW: Microsoft Security Bulletin informiert/Download

    Original geschrieben von Brummelchen
    Info zum Update oben:

    Benutzer des IE6SP1 dürften daher die Meldung
    "Für dieses Update muß der IE 6.0 installiert sein!"
    bekommen.
    Ganz genau so!

  6. #5
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download

    Es geht weiter:

    - ----------------------------------------------------------------------
    Title: Flaw in Word Fields and Excel External Updates Could
    Lead to Information Disclosure (Q330008)
    Date: 16 October 2002
    Software: Microsoft(r) Word and Microsoft(r) Excel
    Impact: Information Disclosure
    Max Risk: Moderate
    Bulletin: MS02-059

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-059.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    Word and Excel provide a mechanism through which data from one
    document can be inserted to and updated in another document. This
    mechanism, known as field codes in Word and external updates in
    Excel, can be automated to reduce the amount of manual effort
    required by a user. An example of the use of Word field codes could
    be the automatic insertion of a standard disclaimer paragraph in a
    legal document. An example of the use of external updates in Excel
    could be the automatic updating of a chart in one spreadsheet using
    data in a different spreadsheet.

    A vulnerability exists because it is possible to maliciously use
    field codes and external updates to steal information from a user
    without the user being aware. Certain events can trigger field code
    and external update to be updated, such as saving a document or by
    the user manually updating the links. Normally the user would be
    aware of these updates occurring, however a specially crafted field
    code or external update can be used to trigger an update without any
    indication to the user. This could enable an attacker to create a
    document that, when opened, would update itself to include the
    contents of a file from the user's local computer.

    In order for an attacker to take advantage of this vulnerability,
    the attacker would need to perform the following steps:

    -Craft a Word or Excel document that exploits the vulnerability
    -Deliver it to the user, via email or some other method
    -Entice the user to open the document
    -Return the document to the attacker. (Microsoft is aware of one
    case in which it would not be necessary for the user to do this.
    There is one method through which the attacker's document could
    post information directly to a web site, but it would only allow
    the first line of the file to be sent)

    Mitigating Factors:
    ====================
    - - The attacker would need to know the location of the file that he or
    she wanted to steal. If the correct filename were not presented,
    the attack would fail and an invalid field error message would be
    present in the document.
    - - The user could always view the field codes or external updates. The
    field codes or external updates used in the attack can be revealed,
    as they are only hidden to prevent cluttering the document when it
    is being viewed or edited. A method of checking documents for
    additional undesired information is described in the Frequently
    Asked Questions below.
    - - Although the attacker could take some steps to obscure the stolen
    information, the attacker would leave a clear audit trail. Since
    the field codes or external updates can be viewed, even if an attack
    is successful, the attacker would leave clear evidence in the
    document in the form of the stolen information and the malicious
    field codes used. This evidence could be used by law enforcement
    agencies if required
    - - The vulnerability would not enable the attacker to delete, modify
    or add any files to the user's local system.
    - - In virtually all circumstances, the attacker would need to entice
    the user into returning the document. No information would be
    revealed unless the user returned the document to the attacker.

    Risk Rating:
    ============
    - Internet systems: None
    - Intranet systems: None
    - Client systems: Moderate

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-059.asp
    for information on obtaining this patch.

    - ---------------------------------------------------------------------


    Besprochen werden kann das auch hier
    https://www.supernature-forum.de/sho...threadid=17056

    Links folgen

    Dann nochmal die MS Hilfe:

    - ----------------------------------------------------------------------
    Title: Flaw in Windows XP Help and Support Center Could Enable
    File Deletion (Q328940)
    Date: 16 October 2002
    Software: Microsoft Windows XP
    Impact: Delete files on the user's system
    Max Risk: Moderate
    Bulletin: MS02-060

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-060.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    Help and Support Center provides a centralized facility through which
    users can obtain assistance on a variety of topics. For instance, it
    provides product documentation, assistance in determining hardware
    compatibility, access to Windows Update, online help from Microsoft,
    and other assistance.

    A security vulnerability is present in the Windows XP version of Help
    and Support Center, and results because a file intended only for use
    by the system is instead available for use by any web page. The
    purpose of the file is to enable anonymous upload of hardware
    information, with the user's permission, so that Microsoft can
    evaluate which devices users are not currently finding device drivers
    for. This information is then used to work with hardware vendors and
    device teams to improve the quality and quantity of drivers available
    in Windows. By design, after attempting to upload an XML file
    containing the hardware information, the system deletes it.

    An attacker could exploit the vulnerability by constructing a web
    page that, when opened, would call the errant function and supply the
    name of an existing file or folder as the argument. The attempt to
    upload the file or folder would fail, but the file nevertheless would
    be deleted. The page could be hosted on a web site in order to attack
    users visiting the site, or could be sent as an HTML mail in order to
    attack the recipient when it was opened.


    Mitigating Factors:
    ====================
    - - Customers who have applied Windows XP Service Pack 1 are at no risk
    from the vulnerability.

    - - The vulnerability could not be exploited without some degree of
    user interaction. Even in the most attacker-favorable case, the
    Help and Support Center window would appear unexpectedly and the
    file deletion could not occur until the user responded. (Even
    selecting Cancel, though, would enable the deletion to occur). If
    the user killed the process rather than responding, the deletion
    could not occur.

    - - For an attack to be successful, the user would need to visit a
    website under the attacker's control or receive an HTML e-mail
    from the attacker.

    - - The vulnerability would not enable an attacker to take any action
    other than deleting files. It would not grant any form of
    administrative control over the system, nor would it enable the
    attacker to read or modify files.

    - - The Help and Support Center function could not be started
    automatically in Outlook Express or Outlook if the user is running
    Internet Explorer 6.0 Service Pack 1, or in Outlook 2002 if "Read
    as Plain Text" is enabled.

    - - In order to delete a file, the attacker would need to know its
    exact file and path name. To delete a folder, the attacker would
    need to know its exact path.

    - - If the attacker used the vulnerability to disrupt system
    operation, Automatic System Recovery would provide a means of
    restoring normal operation. In addition, Windows XP will
    automatically restore many system files if deleted.

    Risk Rating:
    ============
    - Internet systems: Low
    - Intranet systems: Low
    - Client systems: Moderate

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-060.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - Shane Hird of the Distributed Systems Technology Centre
    (http://security.dstc.edu.au)

    - ---------------------------------------------------------------------


    Downloads (1.3meg)
    english
    http://download.microsoft.com/downlo...P1_x86_ENU.exe

    deutsch
    http://download.microsoft.com/downlo...P1_x86_DEU.exe
    Geändert von Brummelchen (27.01.08 um 11:52 Uhr)

  7. #6
    Brummelchen

    Patch für Fernwartungsfunktion von Windows 2000 und XP

    Patch für Fernwartungsfunktion von Windows 2000 und XP

    Besonders Server-Systeme von der Sicherheitslücke betroffen

    In einem aktuellen Security Bulletin beschreibt Microsoft eine Sicherheitslücke im PPTP-Service, der für Fernwartungen genutzt wird und Bestandteil von Windows 2000 und XP ist. Dieser Dienst kann auch zusätzlich auf Systemen mit Windows 98, 98SE, Millennium und NT 4.0 verwendet werden, soll da aber nicht von dem Sicherheitsleck betroffen sein. Microsoft bietet einen passenden Patch zum Download an.

    Sowohl Windows 2000 als auch Windows XP enthalten das Point-to-Point Tunneling Protocol (PPTP), das als Teil der Remote Access Services (RAS) arbeitet und ein Sicherheitsleck besitzt. Dies erlaubt einem Angreifer, ein System über speziell formatierte PPTP-Daten gezielt zum Absturz zu bringen. Während ein solcher Angriff auf einem Server jederzeit möglich ist, gilt dies für Client-Systeme nur, wenn eine aktive PPTP-Verbindung besteht.

    Microsoft bietet über das entsprechende Security Bulletin passende Patches für Windows 2000 und XP zum Download an.
    - ----------------------------------------------------------------------
    Title: Unchecked Buffer in PPTP Implementation Could Enable
    Denial of Service Attacks (Q329834)
    Date: 30 October 2002
    Software: Windows 2000, Windows XP
    Impact: Denial of Service
    Max Risk: Critical
    Bulletin: MS02-063

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-063.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    Windows 2000 and Windows XP natively support Point-to-Point Tunneling
    Protocol (PPTP), a Virtual Private Networking technology that is
    implemented as part of Remote Access Services (RAS). PPTP support is
    an optional component in Windows NT 4.0, Windows 98, Windows 98SE,
    and Windows ME.

    A security vulnerability results in the Windows 2000 and Windows XP
    implementations because of an unchecked buffer in a section of code
    that processes the control data used to establish, maintain and tear
    down PPTP connections. By delivering specially malformed PPTP control
    data to an affected server, an attacker could corrupt kernel memory
    and cause the system to fail, disrupting any work in progress on the
    system.

    The vulnerability could be exploited against any server that offers
    PPTP. If a workstation had been configured to operate as a RAS server
    offering PPTP services, it could likewise be attacked. Workstations
    acting as PPTP clients could only be attacked during active PPTP
    sessions. Normal operation on any attacked system could be restored
    by restarting the system.

    Mitigating Factors:
    ====================
    - As discussed in more detail in the FAQ, Microsoft has only
    successfully demonstrated denial of service attacks via this
    vulnerability. Because of how the overrun occurs, it does not
    appear that that there is any reliable means of using it to gain
    control over a system.
    - Servers would only be at risk from the vulnerability if they
    had been specifically configured to offer PPTP services. PPTP does
    not run by default on any Windows system. Likewise, although it
    is possible to configure a workstation to offer PPTP services,
    none operate in this capacity by default.
    - Exploiting the vulnerability against a PPTP client could be
    difficult. PPTP is typically used in scenarios in which the client
    IP address changes frequently (e.g., because the client system is
    mobile). Not only would an attacker need to learn the IP address,
    but he or she would also need to mount an attack while the client
    had an active PPTP session underway.

    Risk Rating:
    ============
    - Internet systems: Critical
    - Intranet systems: Low
    - Client systems: Low

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-063.asp
    for information on obtaining this patch.

    - ---------------------------------------------------------------------
    Download deutsch Win2k
    Q329834: Security Update 195 KB file
    http://download.microsoft.com/downlo...SP4_X86_DE.exe

    Download deutsch WinXP 32bit
    Q329834_WXP_SP2_x86_ENU.exe - 210 Kb
    http://download.microsoft.com/downlo...P2_x86_DEU.exe
    (DL englisch)
    http://download.microsoft.com/downlo...P2_x86_ENU.exe

    - ----------------------------------------------------------------------
    Title: Cumulative Patch for Internet Information Service
    (Q327696)
    Date: 30 October 2002
    Software: Internet Information Service
    Impact: Four vulnerabilities, the most serious of which
    could enable applications on a server to gain
    system-level privileges.
    Max Risk: Moderate
    Bulletin: MS02-062

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-062.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    This patch is a cumulative patch that includes the functionality of
    all security patches released for IIS 4.0 since Windows
    NT 4.0 Service Pack 6a, and all security patches released to date for
    IIS 5.0 and 5.1. A complete listing of the patches
    superseded by this patch is provided below, in the section titled
    "Additional information about this patch". Before applying
    the patch, system administrators should take note of the caveats
    discussed in the same section.

    In addition to including previously released security patches, this
    patch also includes fixes for the following newly
    discovered security vulnerabilities affecting IIS 4.0, 5.0 and/or
    5.1:
    - A privilege elevation vulnerability affecting the way ISAPIs
    are launched when an IIS 4.0, 5.0 or 5.1 server is configured
    to run them out of process. By design, the hosting process
    (dllhost.exe) should run only in the security context of the
    IWAM_computername account; however, it can actually be made to
    acquire LocalSystem privileges under certain circumstances,
    thereby enabling an ISAPI to do likewise.
    - A denial of service vulnerability that results because of a flaw
    in the way IIS 5.0 and 5.1 allocate memory for WebDAV requests.
    If a WebDAV request were malformed in a particular way, IIS would
    allocate an extremely large amount of memory on the server. By
    sending several such requests, an attacker could cause the server
    to fail.
    - A vulnerability involving the operation of the script source
    access permission in IIS 5.0. This permission operates in
    addition to the normal read/write permissions for a virtual
    directory, and regulates whether scripts, .ASP files and
    executable file types can be uploaded to a write-enabled virtual
    directory. A typographical error in the table that defines the
    file types subject to this permission has the effect of omitting
    .COM files from the list of files subject to the permission. As a
    result, a user would need only write access to upload such a file.
    - A pair of Cross-Site Scripting (CSS) vulnerabilities affecting
    IIS 4.0, 5.0 and 5.1, and involving administrative web page. Each
    of these vulnerabilities have the same scope and effect: an
    attacker who was able to lure a user into clicking a link on his
    web site could relay a request containing script to a third-party
    web site running IIS, thereby causing the third-party site's
    response (still including the script) to be sent to the user.
    The script would then render using the security settings of
    the third-party site rather than the attacker's.

    In addition, the patch causes 5.0 and 5.1 to change how frequently
    the socket backlog list - which, when all connections on a
    server are allocated, holds the list of pending connection requests -
    is purged. The patch changes IIS to purge the list more
    frequently in order to make it more resilient to flooding attacks.
    The backlog monitoring feature is not present in IIS 4.0.

    Mitigating Factors:
    ====================
    Out of Process Privilege Elevation:
    - This vulnerability could only be exploited by an attacker
    who already had the ability to load and execute applications
    on an affected web server. Normal security practices recommend
    that untrusted users not be allowed to load applications onto
    a server, and that even trusted users' applications be
    scrutinized before allowing them to be loaded.

    WebDAV Denial of Service:
    - The vulnerability does not affect IIS 4.0, as WebDAV is not
    supported in this version of IIS.
    - The vulnerability could only be exploited if the server allowed
    WebDAV requests to be levied on it. The IIS Lockdown Tool

    (http://www.microsoft.com/technet/sec...s/locktool.asp),
    if deployed in its default configuration, disables such requests.

    Script Source Access Vulnerability:
    - The vulnerability could only be exploited if the administrator
    had granted all users write and execute permissions to one or
    more virtual directories on the server. Default configurations of
    IIS would be at no risk from this vulnerability.
    - The vulnerability does not affect IIS 4.0, as WebDAV is not
    supported in this version of IIS.
    - The vulnerability could only be exploited if the server allowed
    WebDAV requests to be levied on it. The IIS Lockdown Tool, if
    deployed in its default configuration, disables such requests.

    Cross-site Scripting in IIS Administrative Pages:
    - The vulnerabilities could only be exploited if the attacker
    could entice another user into visiting a web page and clicking
    a link on it, or opening an HTML mail.
    - By default, the pages containing the vulnerability are restricted
    to local IP address. As a result, the vulnerability could only
    be exploited if the client itself were running IIS.

    Aggregate Risk Rating:
    ============
    - Internet systems: Moderate
    - Intranet systems: Moderate
    - Client systems: Low

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-062.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - Li0n of A3 Security Consulting Co., Ltd. (http://www.a3sc.co.kr)
    for reporting the Out of process privilege elevation
    vulnerability.
    - Mark Litchfield of Next Generation Security Software Ltd.
    (http://www.nextgenss.com) for reporting the WebDAV denial
    of service vulnerability.
    - Luciano Martins of Deloitte & Touche Argentina
    (http://www.deloitte.com.ar) for recommending the change in the
    socket backlog list purge rate.

    - ---------------------------------------------------------------------
    DL hier
    http://www.microsoft.com/technet/sec...n/ms02-062.asp

    - ----------------------------------------------------------------------
    Title: Windows 2000 Default Permissions Could Allow Trojan Horse
    Program (Q327522)
    Date: 30 October 2002
    Software: Windows 2000
    Impact: Trojan Horse program execution
    Max Risk: Moderate
    Bulletin: MS02-064

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-064.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    On Windows 2000, the default permissions provide the Everyone group
    with Full access (Everyone:F) on the system root folder
    (typically, C:\). In most cases, the system root is not in the search
    path. However, under certain conditions - for instance, during logon
    or when applications are invoked directly from the Windows desktop
    via Start | Run - it can be.

    This situation gives rise to a scenario that could enable an attacker
    to mount a Trojan horse attack against other users of the same
    system, by creating a program in the system root with the same name
    as some commonly used program, then waiting for another user to
    subsequently log onto the system and invoke the program. The Trojan
    horse program would execute with the user's own privileges, thereby
    enabling it to take any action that the user could take.

    The simplest attack scenario would be one in which the attacker knew
    that a particular system program was invoked by a logon script. In
    that case, the attacker could create a Trojan horse with the same
    name as the system program, which would then be executed by the
    logon script the next time someone logged onto the system. Other
    scenarios almost certainly would require significantly greater user
    interaction - for instance, convincing a user to start a particular
    program via Start | Run - and would necessitate the use of social
    engineering.

    The systems primarily at risk from this vulnerability would be
    workstations that are shared between multiple users, and local
    terminal server sessions. Other systems would be at significantly
    less risk:

    - Workstations that are not shared between users would be at no
    risk, because the attacker would require the ability to log onto
    the system in order to place the Trojan horse.

    - Servers would be at no risk, if standard best practices have
    been followed that advocate only allowing trusted users to log
    onto them.

    - Remote Terminal server sessions would be at little risk,
    because each user's environment is isolated. That is, the system
    root is never the current folder - instead, the user's Documents
    and Settings folder is, but the permissions on this folder would
    not enable an attacker to place a Trojan horse there.

    Mitigating Factors:
    ====================
    - An attacker would require the ability to log onto the system
    interactively in order to place the Trojan horse program. It
    could not be placed remotely

    - As discussed above, dedicated workstations, servers and remote
    terminal server sessions would be at less risk (or, in some cases,
    none at all) from the vulnerability.

    Risk Rating:
    ============
    - Internet systems: Low
    - Intranet systems: Low
    - Client systems: Moderate

    Patch Availability:
    ===================
    - This vulnerability requires an administrative procedure rather
    than a patch. The needed changes are discussed in the FAQ.
    Please read the Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-064.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - Jason Miller of Security Focus (http://www.securityfocus.com)

    - ---------------------------------------------------------------------
    Diese Lücke erfordert ein administratives Verfahren anstatt eines Patches. Die erforderlichen Änderungen werden in der FAQ besprochen.
    Geändert von Brummelchen (27.01.08 um 11:52 Uhr)

  8. #7
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download



    Hab da heute nochwas gefunden (CCB/DiggnSaeg):
    http://www.computerbase.de/news.php?id=4125

    Scheinbar unbemerkt und ohne offizielle Bekanntgabe hat Microsoft DirectX 8.2 (Build 4.08.02.0134) herausgebracht. Gefunden haben es die Kollegen von xBetas auf einer CD von Microsofts Combat Flight Simulator 3. In der neuen Version wurde die DirectPlay-API einer Überarbeitung unterzogen.
    DirectX8.2 steht derzeit nur als Update von DirectX 8.1b zur Verfügung. Es sollte also die entsprechende Version vorher installiert werden. DirectX 8.1b ist u.a. Bestandteil des ServicePack1 für WindowsXP.
    Das rund 2,5MB große Update ist definitiv keine BETA und liegt in englischer Sprache vor.
    DirectX 8.2 auch offiziell bei Microsoft [Drucken]
    von Jan-Frederik Timm am 31.10.2002 17:12 Uhr

    Vor einigen Tagen war in der Betaversion des Combat Flight Simulators ein bisher nicht angekündigtes Update der Schnittstelle DirectX von Version 8.1 auf 8.2 aufgetaucht. Das File steht allerdings auch offiziell bei Microsoft zum Download bereit.
    Mit gut 27MB umfasst die Datei nicht nur das DirectPlay Update sondern auch das Grundgerüst, DirectX 8.1b. Unterstützt werden Windows 98, Windows ME, Windows 2000 und Windows XP. Wer also bereits über die letzte DirectX Version verfügt, sollte lieber zum Update greifen. Das komplette File findet sich bei Microsoft.com.
    Link zu MS
    http://www.microsoft.com/downloads/r...arch&ordinal=9

    DirectPlay 8.2

    This download contains DirectX 8.1b plus some DirectPlay fixes related to performance and connectivity issues exhibited with some online multiplayer game titles. This release of DirectX is not recommended for general installation. You should only consider installing this release if you have an online gaming problem that has been identified as being fixed with DirectX 8.2. This version of DirectX can replace all previous released versions of DirectX.

    Version - 8.2
    Release Date - 27 Sep 2002
    Estimated Download Size/Time @28.8 - 28,325,976 kb / 2237h 27min

    System Requirements

    The DirectX 8.2 release supports Windows 98, Windows ME, Windows 2000 and Windows XP. The DirectX installation process requires approximately 60 megabytes (MB) of free space on your hard drive. Once installed, you can delete the installation files. The remaining DirectX files use approximately 16 MB of hard drive space. If you had an earlier version of DirectX installed on your computer, you will see little difference in used space on your hard drive. DirectX 8.2 will overwrite the earlier versions.

    Note: After installation, the DirectX 8.2 runtime cannot be removed (uninstalled). The installation process changes core components and makes numerous registry changes within your operating system. Microsoft does not support un-installation.

    Operating System - Windows 98 & 2000 & Windows Me, Win XP
    Download (englisch)
    dplay82 update.exe - 27,663 Kb
    http://download.microsoft.com/downlo...2%20update.exe
    Geändert von Brummelchen (27.01.08 um 11:52 Uhr)

  9. #8
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download

    -----------------------------------------------------------------------
    Title: Buffer Overrun in Microsoft Data Access Components Could
    Lead to Code Execution (Q329414)
    Date: 20 November, 2002
    Software:
    Microsoft Data Access Components (MDAC) 2.1
    Microsoft Data Access Components (MDAC) 2.5
    Microsoft Data Access Components (MDAC) 2.6
    Microsoft Internet Explorer 5.01
    Microsoft Internet Explorer 5.5
    Microsoft Internet Explorer 6.0
    Impact: Run code of attacker?s choice
    Max Risk: Critical
    Bulletin: MS02-065

    Microsoft encourages customers to review the Security Bulletins at:
    http://www.microsoft.com/security/se...s/ms02-065.asp
    http://www.microsoft.com/technet/sec.../MS02-065.asp.
    - ----------------------------------------------------------------------

    Issue:
    ======
    Microsoft Data Access Components (MDAC) is a collection of components
    used to provide database connectivity on Windows platforms. MDAC is
    a ubiquitous technology, and it is likely to be present on most
    Windows systems:


    - - It is included by default as part of Windows XP, Windows 2000, and
    Windows Millennium.
    - - It is available for download as a stand-alone technology in its
    own right.
    - - It is either included in or installed by a number of other products
    and technologies. For instance, MDAC is included in the Windows NT
    4.0 Option Pack, and some MDAC components are present as part of
    Internet Explorer even if MDAC itself is not installed.

    MDAC provides the underlying functionality for a number of database
    operations, such as connecting to remote databases and returning data
    to a client. One of the MDAC components, known as Remote Data
    Services(RDS), provides functionality that support three-tiered
    Architectures ? that is, architectures in which a client?s requests
    for service from a back-end database are intermediated through a web
    site that applies business logic to them. A security vulnerability
    is present in the RDS implementation, specifically, in a function
    called the RDS Data Stub, whose purpose it is to parse incoming
    HTTP requests and generate RDS commands.

    The vulnerability results because of an unchecked buffer in the Data
    Stub. By sending a specially malformed HTTP request to the Data Stub,
    an attacker could cause data of his or her choice to overrun onto the
    heap. Although heap overruns are typically more difficult to exploit
    than the more-common stack overrun, Microsoft has confirmed that in
    this case it would be possible to exploit the vulnerability to run
    code of the attacker?s choice on the user?s system.

    Both web servers and web clients are at risk from the vulnerability:
    - ----------------------------------------------------------------------
    - - Web servers are at risk if a vulnerable version of MDAC is
    installed
    and running on the server. To exploit the vulnerability against
    such
    a web server, an attacker would need to establish a connection with
    the server and then send a specially malformed HTTP request to it,
    that would have the effect of overrunning the buffer with the
    attacker?s chosen data. The code would run in the security context
    of the IIS service (which, by default, runs in the LocalSystem
    context)
    - - Web clients are at risk in almost every case, as the RDS Data Stub
    is included with all current versions of Internet Explorer and
    there is no option to disable it. To exploit the vulnerability
    against a client, an attacker would need to host a web page that,
    when opened, would send an HTTP reply to the user's system and
    overrun the buffer with the attacker's chosen data. The web page
    could be hosted on a web site or sent directly to users as an HTML
    Mail. The code would run in the security context of the user.

    Clearly, this vulnerability is very serious, and Microsoft recommends
    that all customers whose systems could be affected by them take app-
    ropriate action immediately. Web server administrators should either
    install the patch, disable MDAC and/or RDS, or upgrade to MDAC 2.7,
    which is not affected by the vulnerability. Web client users should
    install the patch immediately on any system that is used for web
    browsing. It is important to stress that the latter guidance applies
    to any system used for web browsing, regardless of any other
    protective measures that have already been taken. For instance, a
    web server on which RDS had been disabled would still need the patch
    if it was occasionally used as a web client.

    Mitigating Factors:
    ====================
    Web Servers
    - - Web servers that are using MDAC version 2.7 (the version that
    shipped with Windows XP) or later are not affected by the vulner-
    ability.
    - - Even if a vulnerable version of MDAC were installed, a web server
    would only be at risk if RDS were enabled. RDS is disabled by
    default
    on clean installations of Windows XP and Windows 2000, and can be
    disabled on other systems by following the guidance in the IIS
    Security Checklist. In addition, the IIS Lockdown Tool will
    automatically disable RDS when used in its default configuration.
    - - If the URLScan tool were deployed with its default ruleset (which
    allows only ASCII data to be present in an HTTP request), it is
    likely that the vulnerability could only be used for denial of
    service attacks.
    - - IIS can be configured to run with fewer than administrative priv-
    ileges. If this has been done, it would likewise limit the
    privileges
    that an attacker could gain through the vulnerability.
    - - IP address restrictions, if applied to the RDS virtual directory,
    could enable the administrator to restrict access to only trusted
    users. This is, however, not practical for most web server
    scenarios.

    Web clients
    - - The HTML mail-based attack vector could not be exploited auto-
    matically on systems where Outlook 98 or Outlook 2000 were used
    in conjunction with the Outlook Email Security Update, or Outlook
    Express 6 or Outlook 2002 were used in their default
    configurations.
    - - Exploiting the vulnerability would convey to the attacker only the
    user?s privileges on the system. Users whose accounts are
    configured
    to have few privileges on the system would be at less risk than
    ones who operate with administrative privileges.

    Risk Rating:
    ============
    - Internet systems: Critical
    - Intranet systems: Critical
    - Client systems: Critical

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-065.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - Microsoft thanks Foundstone Research Labs
    (http://www.foundstone.com/) for reporting this issue to us
    and working with us to protect customers.

    ----------------------------------------------------------------------
    Microsoft Data Access Components: Security Hotfix for Q329414

    One of the components of RDS that was delivered in MDAC 2.1, 2.5 and 2.6 contains an unchecked buffer. This patch eliminates the security vulnerability. MDAC 2.7 does not contain this vulnerability. The vulnerability does not affect Windows XP.

    For More Information - http://www.microsoft.com/technet/sec...n/MS02-065.asp
    Version - Q329414
    Release Date - 6 Nov 2002
    Estimated Download Size/Time @28.8 - 814 kb / 5min
    System Requirements

    This patch can be run against any system, whether MDAC is installed or not. It will determine which, if any, version of MDAC exists and will install the appropriate files. This patch will install on Windows 98 or greater.

    Operating System - Windows 98, NT4 & 2000, Windows Me

    Download Now
    q329414_mdacall_x86.exe - 814 Kb
    Download (alle Versionen ausser XP)
    http://download.microsoft.com/downlo...dacall_x86.exe
    Geändert von Brummelchen (27.01.08 um 11:53 Uhr)

  10. #9
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download

    -----------------------------------------------------------------------
    Title: Cumulative Patch for Internet Explorer (Q328970)
    Date: 20 November 2002
    Software: Internet Explorer
    Impact: Execute commands on a user's system
    Max Risk: Important
    Bulletin: MS02-066

    Microsoft encourages customers to review the Security Bulletins at:

    http://www.microsoft.com/security/se...s/ms02-066.asp
    http://www.microsoft.com/technet/sec.../MS02-066.asp.


    - ----------------------------------------------------------------------

    Issue:
    ======
    This is a cumulative patch that includes the functionality of all
    previously released patches for IE 5.01, 5.5 and 6.0. In addition,
    it eliminates the following six newly discovered vulnerabilities:


    - - A buffer overrun vulnerability that occurs because Internet
    Explorer does not correctly check the parameters of a PNG graphics
    file when it is opened. To the best of Microsoft's knowledge, this
    vulnerability could only be used to cause Internet Explorer to
    fail. The effect of exploiting the vulnerability against Internet
    Explorer would be relatively minor - the user would only need to
    restart the browser to restore normal operation. However, a number
    of other Microsoft products - notably, most Microsoft Office
    products and Microsoft Index Server - rely on Internet Explorer to
    render PNG files, and exploiting the vulnerability against such an
    application would cause them to fail as well. Because of this,
    Microsoft recommends that customers install this patch regardless
    of whether they are using Internet Explorer as their primary web
    browser.

    - - An information disclosure vulnerability related to the way that
    Internet Explorer handles encoded characters in a URL. This
    vulnerability could allow an attacker to craft a URL containing
    some encoded characters that would redirect a user to a second web
    site. If a user followed the URL, the attacker would be able to
    piggy-back the user's access to the second website. This could
    allow the attacker to access any information the user shared with
    the second web site.

    - - A vulnerability that occurs because under certain circumstances
    Internet Explorer does not correctly check the component that the
    OBJECT tag calls. This could allow an attacker to obtain the name
    of the Temporary Internet Files folder on the user's local machine.
    The vulnerability would not allow an attacker to read or modify
    any files on the user's local system, since the Temporary Internet
    Files folder resides in the Internet security zone. Knowledge of
    the name of the Temporary Internet Files folder could allow an
    attacker to identify the username of the logged-on user and read
    other information in the Temporary Internet Files folder such as
    cookies.

    - - Three vulnerabilities that although having differing root causes,
    have the same net effects. All three vulnerabilities result
    because of incomplete security checks being carried out when using
    particular programming techniques in web pages, and would have the
    effect of allowing one website to access information in another
    domain, including the user's local system. This could enable the
    web site operator to read, but not change, any file on the user's
    local computer that could be viewed in a browser window. In
    addition, this could also enable an attacker to invoke an
    executable that was already present on the local system.

    In addition, the patch sets the Kill Bit on a legacy DirectX
    ActiveX control which has been retired but which has a security
    vulnerability. This has been done to ensure that the vulnerable
    control cannot be reintroduced onto users' systems and ensures
    that users who already have the control on their system are
    protected. This is discussed further in Microsoft Knowledge Base
    Article 810202.

    The patch also makes a further refinement to cross domain
    verification check that was first introduced in Internet Explorer
    Service Pack 1.

    Mitigating Factors:
    ====================

    With the exception of the Malformed PNG Image File Failure, there
    are common mitigating factors across all of the vulnerabilities:

    - - The attacker would have to host a web site that contained a web
    page used to exploit the particular vulnerability.
    - - The attacker would have no way to force users to visit the site.
    Instead, the attacker would need to lure them there, typically by
    getting them to click on a link that would take them to the
    attacker's site.
    - - By default, Outlook Express 6.0 and Outlook 2002 open HTML mails
    in the Restricted Sites Zone. In addition, Outlook 98 and 2000
    open HTML mails in the Restricted Sites Zone if the Outlook Email
    Security Update has been installed. Customers who use any of these
    products would be at no risk from an e-mail borne attack that
    attempted to exploit these vulnerabilities.

    In addition to there are a number of individual mitigating factors:

    Malformed PNG Image File Failure

    - - Internet Explorer and other affected applications such as
    Microsoft Office and Microsoft Index Server could be successfully
    restarted after the failure.
    - - Microsoft has not identified a method by which this buffer
    overrun can be used to execute code of the attacker's choice on
    the user's system.
    - - This vulnerability is not present in Internet Explorer 6 Service
    Pack 1.

    Encoded Characters Information Disclosure

    - - The vulnerability would not enable an attacker to read, modify
    or execute any files on the local system.

    Temporary Internet Files folder Name Reading

    - - An attacker could not use this vulnerability to read, delete or
    modify any files on the user's local system other than information
    contained in the Temporary Internet Files folder.
    - - An attacker could only exploit this vulnerability by having a
    user visit a malicious web site and then follow a malformed link
    on this malicious web site to a second web site that the user
    trusted.
    - - This vulnerability is not present in Internet Explorer 6 Service
    Pack 1.

    Frames Cross Site Scripting, Cross Domain Verification via Cached
    Methods & Improper Cross Domain Security Validation with Frames

    - - The vulnerabilities would only allow an attacker to read files
    on the user's local system that can be rendered in a browser
    window, such as image files, HTML files and text files.
    - - The vulnerabilities would not provide any way for an attacker to
    put a program of their choice onto another user's system.
    - - An attacker would need to know the name and location of any file
    on the system to successfully invoke it.
    - - The vulnerabilities could only be used to view or invoke local
    executables. It could not be used to create, delete, or modify
    arbitrary or malicious files.

    Risk Rating:
    ============
    - - Important

    Patch Availability:
    ===================
    - - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-066.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - - Microsoft thanks eEye Digital Security for reporting the
    malformed PNG issue to us and working with us to protect customers.

    ----------------------------------------------------------------------
    Q328970: November 2002, Cumulative Patch for Internet Explorer German

    November 2002, Cumulative Patch for Internet Explorer (Q328970)
    Posted: November 20, 2002

    Read This First

    The "November 2002, Cumulative Patch for Internet Explorer" eliminates
    all previously addressed security vulnerabilities affecting Internet Explorer,
    as well as additional newly discovered vulnerabilities. This update includes
    the functionality of all previously released patches.
    Download now to continue keeping your computer secure.

    For more information about the vulnerabilities this update addresses,
    read the associated Microsoft Security Bulletin.
    http://www.microsoft.com/technet/sec...n/ms02-066.asp

    System Requirements
    This update applies to Internet Explorer with the following operating systems:

    Windows XP SP1 64bit
    Windows XP SP1
    Windows XP
    Windows Millennium Edition (Windows Me)
    Windows 2000 SP3
    Windows 98 SE
    Windows NT® 4.0 SP6A

    Internet Explorer 6 SP1 (32-bit)
    Security Update, 1.55 MB file, 8 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q328970.exe

    Internet Explorer 6 SP1 (64-bit)
    Security Update, 3.17 MB file, 15 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q328970.exe

    Internet Explorer 6
    Security Update, 2.43 MB file, 12 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q328970.exe

    Internet Explorer 5.5 SP2
    Security Update, 2.15 MB file, 10 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q328970.exe

    Internet Explorer 5.01 SP3
    Security Update, 1.91 MB file, 9 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q328970.exe
    Auf deutsch:
    Patch-Flut für Internet Explorer und Windows
    Microsoft hat heute gleich mehrere wichtige Sicherheits-Updates herausgebracht. Der wichtigste ist sicherlich ein neuer "Cumulative Patch" für den Internet Explorer 5.01, 5.5 und 6.0, dessen Installation Microsoft dringend empfiehlt. Aber auch für fast alle Windowssysteme gibt es neue Flicken. Ein Patch stopft eine Lücke in Zusammenhang mit digitalen Zertifikaten. Ein weiterer beseitigt eine Schwachstelle, durch die ein Angreifer seinen Programmcode auf einem attackierten System ausführen kann.
    http://www.pcwelt.de/news/viren_bugs/27468
    Geändert von Brummelchen (27.01.08 um 11:53 Uhr)

  11. #10
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download

    Hier die Info zu den "digitalen Zertifikaten":
    (gabs weiter oben schon mal)

    -----------------------------------------------------------------------
    Title: Certificate Validation Flaw Could Enable Identity
    Spoofing (Q329115)
    Released: 04 September 2002
    Revised: 20 November 2002 (version 4.0)
    Software: Microsoft Windows, Microsoft Office for Mac, Microsoft
    Internet Explorer for Mac, or Microsoft Outlook Express
    for Mac.
    Impact: Identity spoofing and, in some cases, ability to gain
    control over a user's system.
    Max Risk: Important

    Bulletin: MS02-050

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-050.asp.
    - ----------------------------------------------------------------------

    Reason for Revision:
    ====================
    The original version of this bulletin was released on 05 September
    2002. On 09 September 2002, we updated the bulletin to advise
    customers that a Microsoft-issued digital certificate, used to sign
    device drivers, did not meet the stricter validation standards
    established by the patch. As a result, customers who installed the
    patch could see unexpected error messages when installing new
    hardware, or in some cases might be unable to install new hardware
    altogether. On 20 November 2002, we released an updated version of
    the patch that not only eliminates this problem, but also eliminates
    a newly discovered variant of the original vulnerability.

    Issue:
    ======
    The IETF Profile of the X.509 certificate standard defines several
    optional fields that can be included in a digital certificate. One
    of these is the Basic Constraints field, which indicates the maximum
    allowable length of the certificate's chain and whether the
    certificate is a Certificate Authority or an end-entity certificate.
    However, the APIs within CryptoAPI that construct and validate
    certificate chains (CertGetCertificateChain(),
    CertVerifyCertificateChainPolicy(), and WinVerifyTrust()) do not
    check the Basic Constraints field. The same flaw, unrelated to
    CryptoAPI, is also present in several Microsoft products for
    Macintosh.

    The vulnerability identified in the original version of the bulletin
    could enable an attacker who had a valid end-entity certificate to
    issue a subordinate certificate that, although bogus, would
    nevertheless pass validation. Because CryptoAPI is used by a wide
    range of applications, this could enable a variety of identity
    spoofing attacks. These are discussed in detail in the FAQ, but
    could include:

    - Setting up a web site that poses as a different web site, and
    "proving" its identity by establishing an SSL session as the
    legitimate web site.
    - Sending emails signed using a digital certificate that
    purportedly belongs to a different user.
    - Spoofing certificate-based authentication systems to gain entry
    as a highly privileged user.
    - Digitally signing malware using an Authenticode certificate that
    claims to have been issued to a company users might trust.

    The newly discovered vulnerability announced on 20 November 2002 is
    closely related to the one discussed in the original version of the
    bulletin and, like that vulnerability, involves a flaw in the way
    certificate validation is performed. However, this vulnerability
    could enable an attacker to gain control over a user's system.
    Because a fix for this vulnerability was not included in the original
    version of the patch, Microsoft strongly recommends that customers
    install the new patch, even if they installed the original version
    of the patch. Only Microsoft Windows 98, Windows 98 Second Edition,
    Windows NT 4.0, and Windows NT 4.0, Terminal Server Edition are
    affected by this variant.


    Mitigating Factors:
    ====================
    Overall:

    - The user could always manually check a certificate chain, and
    might notice in the case of a spoofed chain that there was an
    unfamiliar intermediate CA.

    - Unless the attacker's digital certificate were issued by a CA
    in the user's trust list, the certificate would generate a
    warning when validated.

    - The attacker could only spoof certificates of the same type
    as the one he or she possessed. In the case where the attacker
    attempted an attack using a high-value certificate such as
    Authenticode certificates, this would necessitate obtaining a
    legitimate certificate of the same type - which could require
    the attacker to prove his or her identity or entitlement to the
    issuing CA.

    Web Site Spoofing:

    - The vulnerability provides no way for the attacker to cause the
    user to visit the attacker's web site. The attacker would need
    to redirect the user to a site under the attacker's control
    using a method such as DNS poisoning. As discussed in the FAQ,
    this is extremely difficult to carry out in practice.

    - The vulnerability could not be used to extract information from
    the user's computer. The vulnerability could only be used by an
    attacker as a means of convincing a user that he or she has
    reached a trusted site, in the hope of persuading the user to
    voluntarily provide sensitive data.

    Email Signing:

    - The "from" address on the spoofed mail would need to match the
    one specified in the certificate, giving rise to either of two
    scenarios if a recipient replied to the mail. In the case where
    the "from" and "reply-to" fields matched, replies would be sent
    to victim of the attack rather than the attacker. In the case
    where the fields didn't match, replies would obviously be
    addressed to someone other than ostensible sender. Either case
    could be a tip-off that an attack was underway.

    Certificate-based Authentication:

    - In most cases where certificates are used for user
    authentication, additional information contained within the
    certificate is necessary to complete the authentication. The
    type and format of such data typically varies with every
    installation, and as a result significant insider information
    would likely be required for a successful attack.

    Authenticode Spoofing:

    - To the best of Microsoft's knowledge, such an attack could not
    be carried out using any commercial CA's Authenticode
    certificates. These certificates contain policy information that
    causes the Basic Constraints field to be correctly evaluated,
    and none allow end-entity certificates to act as CAs.

    - Even if an attack were successfully carried out using an
    Authenticode certificate that had been issued by a corporate
    PKI, it wouldn't be possible to avoid warning messages, as
    trust in Authenticode is brokered on a per-certificate, not
    per-name, basis.

    Risk Rating:
    ============
    - Important

    Note: Responding to customer feedback, Microsoft updated its
    severity rating system November 18, 2002. Security bulletins that
    originally posted under the old system - before November 18,
    2002 - and are later re-released under the new system, will
    reflect the severity rating assessed under the new revised
    system Severity Rating criteria

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-050.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - UK National Infrastructure Security Co-ordination Centre (NISCC)

    ----------------------------------------------------------------------
    Downloads deutsch:

    Windows 98 / 98 SE
    http://download.microsoft.com/downlo...329115GER8.EXE

    Windows ME
    http://www.microsoft.com/windowsupdate

    Windows NT 4.0:
    http://www.microsoft.com/ntserver/nt...15/default.asp
    Windows NT 4.0 Terminal Server Edition:
    http://www.microsoft.com/ntserver/te...15/default.asp

    Windows 2000:
    http://www.microsoft.com/windows2000...15/default.asp
    Security Update, 7.26 MB file, 35 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...SP4_X86_DE.exe

    Windows XP:
    32bit: http://download.microsoft.com/downlo...P2_x86_DEU.exe
    64bit: http://download.microsoft.com/downlo...2_ia64_DEU.exe

    Microsoft Office v.X for Mac:
    http://www.microsoft.com/mac/download/security.asp
    Microsoft Office 2001 for Mac:
    http://www.microsoft.com/mac/download/security.asp
    Microsoft Office 98 for the Macintosh:
    http://www.microsoft.com/mac/download/security.asp
    Microsoft Internet Explorer for Mac (for OS 8.1 to 9.x):
    http://www.microsoft.com/mac/download/security.asp
    Microsoft Internet Explorer for Mac (for OS X):
    http://www.microsoft.com/mac/download/security.asp
    Microsoft Outlook Express 5.0.6 for Mac:
    http://www.microsoft.com/mac/download/security.asp
    Geändert von Brummelchen (27.01.08 um 11:54 Uhr)

  12. #11
    Elder Statesman Avatar von little tyrolean
    Registriert seit
    21.03.02
    Ort
    auf der Alm
    Beiträge
    9.454

    AW: Microsoft Security Bulletin informiert/Download

    mal ein bißchen Praxis:
    Ich habe gestern nacht mein Betriebssystem - Windows 2000 SP3 - upgedatet und alle Patches zugelassen.
    Es kamen so an die 15 MB Download zustande, das Update selbst verlief problemlos.
    Bis jetzt habe ich nichts Nachteiliges feststellen können -
    ich wäre aber dankbar, wenn mir jemand was über den IE 6 erzählen würde, bei mir läuft noch der IE 5.5 SP2.

  13. #12
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download

    http://www.intern.de/news/3741.html
    Sicherheitslücken immer noch vorhanden
    26.11.2002

    In der vergangenen Woche hatte Microsoft zwei Patches veröffentlicht. Diese Patches sind nach Ansicht des dänischen Sicherheitsunternehmens Secunia ungenügend.

    Die im 65. Bulletin dieses Jahres angesprochene Sicherheitslücke in den MDAC ist beispielsweise immer noch vorhanden, da die alte MDAC-Version durch einen Angreifer wieder reaktiviert werden kann.

    Auch das im 66. Bulletin angebotene kumulative Patch verspricht demanch mehr, als es hält. Die angeblich geschlossenen Sicherheitslücken sollen immer noch vorhanden sein.

    Secunia: Microsoft vulnerabilities not fixed
    http://www.secunia.com/advisories/7579/

    intern.de: Neue kritische Sicherheitslücke
    http://www.intern.de/news/3727.html
    Naja, ein Versuchs war's wert
    Geht um:
    Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)
    Geändert von Brummelchen (27.01.08 um 11:54 Uhr)

  14. #13
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download

    Gibt was neues.

    Einmal Outlook 2002
    -----------------------------------------------------------------------
    Title: E-mail Header Processing Flaw Could Cause Outlook 2002
    to Fail (331866)
    Date: 04 December 2002
    Software: Microsoft Outlook 2002
    Impact: Denial of Service
    Max Risk: Moderate
    Bulletin: MS02-067

    Microsoft encourages customers to review the Security Bulletins at:
    http://www.microsoft.com/technet/sec...n/MS02-067.asp
    http://www.microsoft.com/security/se...s/MS02-067.asp
    - ----------------------------------------------------------------------

    Issue:
    ======
    Microsoft Outlook provides users with the ability to work with
    e-mail, contacts, tasks, and appointments. Outlook e-mail handling
    includes receiving, displaying, creating, editing, sending, and
    organizing e-mail messages. When working with received e-mail
    messages, Outlook processes information contained in the header of
    the e-mail which carries information about where the e-mail came
    from, its destination, and attributes of the message.

    A vulnerability exists in Outlook 2002 in its processing of e-mail
    header information. An attacker who successfully exploited the
    vulnerability could send a specially malformed e-mail to a user of
    Outlook 2002 that would cause the Outlook client to fail under
    certain circumstances. The Outlook 2002 client would continue to
    fail so long as the specially malformed e-mail message remained on
    the e-mail server. The e-mail message could be deleted by an e-mail
    administrator, or by the user via another e-mail client such as
    Outlook Web Access or Outlook Express, after which point the
    Outlook 2002 client would again function normally.

    Mitigating Factors:
    ====================
    - Outlook 2002 clients connecting to e-mail servers using the
    MAPI protocol are not affected. Only Outlook 2002 clients using
    POP3, IMAP, or WebDAV protocols are vulnerable.

    - The vulnerability does not affect Outlook 2000 or Outlook Express.

    - The vulnerability is a denial of service vulnerability only.
    The attacker would not be able to access the user?s e-mail or
    system in any way. The vulnerability could not be used to read,
    delete, create, or alter the user?s e-mail.

    - If an attacker was able to send a specially malformed e-mail that
    successfully exploited this vulnerability, the specially
    malformed e-mail could be deleted either by an e-mail
    administrator, or by the user via another e-mail client such as
    Outlook Web Access or Outlook Express. Once the specially
    malformed e-mail has been removed, normal operation would resume.

    Risk Rating:
    ============
    - Moderate

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-067.asp
    for information on obtaining this patch.

    Acknowledgment:
    ===============
    - Richard Lawley

    ----------------------------------------------------------------------
    Download:
    http://office.microsoft.com/downloads/2002/olk1005.aspx

    Works With Outlook 2002 SP2
    File Name olk1005.exe
    Last Updated 11-11-2002

    Languages Supported
    ...
    German
    ...
    Dafür muss das Office SP2 installiert sein !

    Download 508 KB

    Und schon wieder ein IE-Patch
    -----------------------------------------------------------------------
    Title: Cumulative Patch for Internet Explorer (Q324929)
    Date: 04 December 2002
    Software: Microsoft(r) Internet Explorer
    Impact: Information Disclosure
    Max Risk: Moderate
    Bulletin: MS02-068

    Microsoft encourages customers to review the Security Bulletins at:
    http://www.microsoft.com/security/se...s/MS02-068.asp
    http://www.microsoft.com/technet/sec.../MS02-068.asp.
    -----------------------------------------------------------------------

    Issue:
    ======
    This is a cumulative patch for Internet Explorer 5.5 and 6.0. In
    addition to including the functionality of all previously released
    patches for Internet Explorer 5.5 and 6.0, it also eliminates a
    newly discovered flaw in Internet Explorer's cross-domain security
    model. This flaw occurs because the security checks that Internet
    Explorer carries out when particular object caching techniques are
    used in web pages are incomplete. This could have the effect of
    allowing a website in one domain to access information in another,
    including the user's local system.

    Exploiting the vulnerability could enable an attacker to read, but
    not change, any file on the user's local computer. In addition, the
    attacker could invoke an executable that was already present on the
    local system. The attacker would need to know the exact location of
    the executable, and would not be able to pass parameters to it.
    Microsoft is not aware of any executable that ships by default as
    part of Windows and, when run without parameters, could be
    dangerous.

    An attacker could exploit the vulnerability by constructing a web
    page that uses a cached programming technique, and could then
    either host it on a web site or send it to a user via email. In the
    case of the web-based attack vector the page could be automatically
    opened when a user visited the site In the case of the HTML mail-
    based attack vector, the page could be opened when the recipient
    opened the mail or viewed it using the Preview pane.

    Mitigating Factors:
    ====================
    - -Internet Explorer 5.01 is not affected by this vulnerability.
    - -The web-based attack scenario would provide no way for the
    attacker to force users to visit the site. Instead, the attacker
    would need to lure them there, typically by getting them to click
    on a link that would take them to the attacker's site.
    - -The HTML mail-based attack scenario would be blocked by Outlook
    Express 6.0 and Outlook 2002 in their default configurations, and
    by Outlook 98 and 2000 if used in conjunction with the Outlook
    Email Security Update.
    - -The vulnerability would allow an attacker to read but not add,
    delete or modify files on the user's local system.
    - -The attacker would need to know the name and location of any file
    on the system to successfully invoke it. If invoked, there would be
    no way for an attacker to pass parameters to that executable.
    - -This vulnerability does not provide any way for an attacker to put
    a program of their choice onto another user's system.

    Risk Rating:
    ============

    Moderate

    Patch Availability:
    ===================
    - A patch is available to fix this vulnerability. Please read the
    Security Bulletin at
    http://www.microsoft.com/technet/sec...n/ms02-068.asp
    for information on obtaining this patch.

    ----------------------------------------------------------------------
    Downloads:
    December 2002, Cumulative Patch for Internet Explorer (Q324929) German

    The "December 2002, Cumulative Patch for Internet Explorer" eliminates
    all previously addressed security vulnerabilities affecting Internet Explorer,
    as well as additional newly discovered vulnerabilities. This update includes
    the functionality of all previously released patches. Download now to continue
    keeping your computer secure.

    For more information about the vulnerabilities this update addresses,
    read the associated Microsoft Security Bulletin.
    http://www.microsoft.com/technet/sec...n/MS02-068.asp

    System Requirements
    This update applies to Internet Explorer with the following operating systems:

    - Windows XP SP1 64-bit
    - Windows XP SP1
    - Windows XP
    - Windows Millennium Edition (Windows Me)
    - Windows 2000
    - Windows 98 SE
    - Windows NT® 4.0 SP6A

    Internet Explorer 6 SP1 (32-bit)
    Security Update, 2 MB file, 10 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q324929.exe

    Internet Explorer 6 SP1 (64-bit)
    Security Update, 4.1 MB file, 20 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q324929.exe

    Internet Explorer 6
    Security Update, 2.43 MB file, 12 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q324929.exe

    Internet Explorer 5.5 SP2
    Security Update, 2.15 MB file, 10 min @ 28.8 Kbps
    http://download.microsoft.com/downlo...DE/q324929.exe
    Geändert von Brummelchen (27.01.08 um 11:54 Uhr)

  15. #14
    Brummelchen

    AW: Microsoft Security Bulletin informiert/Download

    Das ganze auf deutsch dokumentiert:

    http://www.pcwelt.de/news/internet/27809/
    Neuer Sammel-Patch für IE 5.5 und 6.0 erschienen

    Microsoft hat einen neuen "Cumulative Patch" für den Internet Explorer 5.5 und 6.0 zur Verfügung gestellt. Laut dem "Microsoft Security Bulletin MS02-068" umfasst der Flicken alle bislang erschienen Sicherheits-Updates und beseitigt eine erst kürzlich entdeckte Sicherheitslücke im "cross-domain security model" des Browsers.

    Sie ermöglicht es Angreifern, Dateien auf dem Rechner des Anwender zu lesen und Programmcode zu starten. Aufgrund der Umstände, die für einen "erfolgreichen" Angriff vorhanden sein müssten, stuft Microsoft das Risiko als moderat ein. Die Ausführungen der Redmonder dazu finden Sie hier .

    Der Download beträgt mindestens zwei Megabyte. Das Update ist nur für den IE 5.5 und 6.0, die auf Windows 98SE, ME, NT 4.0 (SP6A), 2000 sowie Windows XP (auch mit SP1) laufen, bestimmt. Der IE 5.01 ist laut Microsoft nicht betroffen.

    Hinweis: Beim IE 5.5 muss vor der Installation des Patches der Service Pack 2 installiert werden.

    http://www.pcwelt.de/news/viren_bugs/27813/

    Patch bewahrt Outlook 2002 vor Absturz

    Microsoft hat einen Patch für Outlook 2002 zum Download bereit gestellt. Der Flicken soll eine Schwachstelle beseitigen, durch die das Mailprogramm zum Absturz gebracht werden kann. Ein Angreifer könnte damit den Zugang zum Mailserver eines Outlook- Benutzers blockieren.

    Das Problem steckt im Header der Mail. Dort befinden sich Informationen zum Absender, Empfänger und zu den Maileigenschaften. Eine Mail mit einem fehlerhaften Header kann Outlook 2002 beim Empfang der Nachricht zum Absturz bringen. Die Mail bleibt daraufhin auf dem Mailserver liegen und blockiert jeden weiteren Zugriff auf die Mails, da das Programm bei jedem erneuten Abruf der Nachrichten wieder abstürzt.

    Ohne Patch lässt sich dieses Problem nur lösen, indem der Benutzer mit einem anderen Client auf den Mailserver zugreift und die problematische Nachricht löscht. Danach ist der Zugriff unter Outlook 2002 wieder möglich. Besser ist es aber, wenn Sie die Schwachstelle durch die Installation des Patches beseitigen.

    Der 508 Kilobyte große Patch steht auch für die deutschsprachige Version von Outlook 2002 zur Verfügung. Wichtig: Vor der Installation des Patches muss das Service Pack 2 für Office XP aufgespielt werden.

    Alle Anwender, die mit Outlook 2002 Mails von einem POP3-, IMAP-, oder WebDAV-Server abrufen, sollten den Patch installieren. Ältere Versionen von Outlook und Outlook Express sind von diesem Problem nicht betroffen, deren Anwender können auf den Patch verzichten.
    Geändert von Brummelchen (27.01.08 um 11:47 Uhr)

  16. #15
    IT Trainer Avatar von Wolfi
    Registriert seit
    08.01.02
    Ort
    Wien
    Beiträge
    4.960

    Q329623 - Issue with DirectX May Cause DVD Players To Not Work

    Der Patch behebt Probleme mit DVD-Playern in Verbindung mit DirectX unter MS Windows XP + SP1

Seite 1 von 17 1234511 ... LetzteLetzte

Ähnliche Themen

  1. Microsoft Security Bulletin
    Von Wolfi im Forum Comedy & Spiele
    Antworten: 0
    Letzter Beitrag: 20.09.03, 14:43
  2. E.Howes : Protecting Your Privacy & Security on a Home PC
    Von SevenSpirits im Forum Hot Links
    Antworten: 3
    Letzter Beitrag: 12.11.02, 08:10
  3. jede menge Updates
    Von Brummelchen im Forum Alles rund um Windows
    Antworten: 10
    Letzter Beitrag: 29.08.02, 23:08
  4. Microsoft dementiert: Keine Admin-Rechte auf dem PC
    Von RollerChris im Forum Sicherheit am PC
    Antworten: 0
    Letzter Beitrag: 05.07.02, 17:37

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •  

Search Engine Friendly URLs by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55