Microsoft Security Bulletin informiert/Download

Neuer Patch für Windows 2000 und XP - Q811493

Microsoft hat einen neuen Patch für Windows 2000 und XP veröffentlicht, welcher eine Sicherheitslücke schließt, die es einem Angreifer bisher ermöglichte, die volle Kontrolle über das System zu übernehmen. Microsoft stuft dieses Update als `wichtig` ein und rät den Patch so bald wie möglich einzuspielen. Weitere Informationen gibt es im MS TechNet.

Q811493_WXP_SP2_x86_DEU.exe (Windows XP, Deutsch, 5945 KB)

Q811493_WXP_SP2_x86_ENU.exe (Windows XP, Englisch, 5931 KB)

Q811493_W2K_SP4_X86_DE.exe (Windows 2000, Deutsch, 5017 KB)

Q811493_W2K_SP4_X86_EN.exe (Windows 2000, Englisch, 5333 KB)

Brummelchen, Du bist dran !

Jaja, einen Tag zu lang gewartet

- ----------------------------------------------------------------------
Title: Buffer Overrun in Windows Kernel Message Handling could
Lead to Elevated Privileges (811493)
Date: 16 April 2003
Software: Microsoft Windows NT 4.0, Windows 2000, and Windows XP
Impact: Local Elevation of Privilege
Max Risk: Important
Bulletin: MS03-013

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/MS03-013.asp
http://www.microsoft.com/security/security_bulletins/ms03-013.asp
- ----------------------------------------------------------------------

Issue:
======
The Windows kernel is the core of the operating system. It provides
system level services such as device and memory management,
allocates processor time to processes and manages error handling.

There is a flaw in the way the kernel passes error messages to a
debugger. A vulnerability results because an attacker could write a
program to exploit this flaw and run code of their choice. An
attacker could exploit this vulnerability to take any action on the
system including deleting data, adding accounts with administrative
access, or reconfiguring the system.

For an attack to be successful, an attacker would need to be able
to logon interactively to the system, either at the console or
through a terminal session. Also, a successful attack would require
the introduction of code in order to exploit this vulnerability.
Because best practices recommends restricting the ability to logon
interactively on servers, this issue most directly affects client
systems and terminal servers.

Mitigating Factors:
====================
- - A successful attack requires the ability to logon
interactively to the target machine, either directly at the console
or through a terminal session.
- - Properly secured servers would be at little risk from this
vulnerability. Standard best practices recommend only allowing
trusted administrators to log onto such systems interactively;
without such privileges, an attacker could not exploit the
vulnerability.

Risk Rating:
============
Important

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at
http://www.microsoft.com/technet/security/bulletin/ms03-013.asp
http://www.microsoft.com/security/security_bulletins/ms03-013.asp

for information on obtaining this patch.

Acknowledgment:
===============
- Oded Horovitz of Entercept Security Technologies -
http://www.entercept.com
- ---------------------------------------------------------------------

Zum Vergrößern anklicken....

Links siehe oben

Neuer Patch für Windows XP - Q817287

Bei Microsoft ist heute wieder Tag des Patches. Dieses Update für Windows XP verändert die Catalog Database dahingehend, dass sie nicht nur die Integrität anderer Programme prüfen kann, sondern auch von sich selbst. Die evtl. notwendigen Reperaturfunktionen werden dann automatisch vorgenommen. Zusätzlich soll mit diesem Update die Performance verbessert werden.

Q817287_WXP_SP2_x86_DEU.exe[/url]

Und zurück an Brummelchen!

Probleme mit Patch Q811493

Unter den Netzwerk-Administratoren hat es sich schnell herumgesprochen,

daß nach Einspielen dieses Patches auf XP/W2K-Clients ein extremer

Verlust an Durchführungs-Geschwindigkeit bei allen auf diesen PCs

vorhandenen Anwendungen eintritt.

Eine Stellungnahme von Miscrosoft diesbezüglich steht noch aus,

lediglich eine Korrektur bezüglich der Installation des Patches unter

Windows 2000 wurde von Microsoft am 17.4.2003 veröffentlicht.

Da der Patch eine Sicherheitslücke schließen soll, die in gut geschützten

Netzwerken ohnehin nicht auftreten kann, empfiehlt sich zumindest

für Netzwer-Administratoren, bei auftretenden Geschwindigkeits-Problemen

bei Client-PCs den Patch wieder zu de-installieren...

Wie Wolfi oben berichtete gibt es ein Problem mit dem Windows XP Patch Q811493.
Nach der Installation lief das System bei einigen Anwendern extrem langsam. In der WUv4 Beta Newsgroup hat Microsoft jetzt die Lösung des Problems gepostet.
Die Anti-Viren Programme auf den Rechnern der Betroffenen sind wohl daran schuld.
Deaktiviert man zum Beispiel den Auto-Protect Service bei Norton, so läuft das System wieder normal.
Außer Norton Anti Virus sind auch noch die Anti Viren Programme von Sophos und EZ betroffen.

"Und hier die neuesten nachrichten brandaktuell aus dem Studio Brummel"

- ----------------------------------------------------------------------
Title: Cumulative Patch for Outlook Express (330994)
Date: 23 April 2003
Software: Microsoft (c) Outlook Express
Impact: Run code of the attacker's choice on a user's machine.
Max Risk: Critical
Bulletin: MS03-014

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/MS03-014.asp
http://www.microsoft.com/security/security_bulletins/ms03-014.asp
- ----------------------------------------------------------------------

Issue:
======
MHTML stands for MIME Encapsulation of Aggregate HTML. MHTML is an
Internet standard that defines the MIME (Multipurpose Internet Mail
Extensions) structure used to send HTML content in e-mail message
bodies. The MHTML URL Handler in Windows is part of Outlook Express
and provides a URL type that can be used on the local machine. This
URL type (MHTML://) allows MHTML documents to be launched from a
command line, from Start/Run, using Windows Explorer or from within
Internet Explorer.

A vulnerability exists in the MHTML URL Handler that allows any
file that can be rendered as text to be opened and rendered as part
of a page in Internet Explorer. As a result, it would be possible
to construct a URL that referred to a text file that was stored on
the local computer and have that file render as HTML. If the text
file contained script, that script would execute when the file was
accessed. Since the file would reside on the local computer, it
would be rendered in the Local Computer Security Zone. Files that
are opened within the Local Computer Zone are subject to fewer
restrictions than files opened in other security zones.

Using this method, an attacker could attempt to construct a URL and
either host it on a website or send it via email. In the web based
scenario, where a user then clicked on a URL hosted on a website,
an attacker could have the ability to read or launch files already
present on the local machine. In the case of an e-mail borne attack,
if the user was using Outlook Express 6.0 or Outlook 2002 in their
default configurations, or Outlook 98 or 2000 in conjunction with
the Outlook Email Security Update, then an attack could not be
automated and the user would still need to click on a URL sent in
the e-mail. However if the user was not using Outlook Express 6.0
or Outlook 2002 in their default configurations, or Outlook 98 or
2000 in conjunction with the Outlook Email Security Update, the
attacker could cause an attack to trigger automatically without the
user having to click on a URL contained in an e-mail. In both the
web based and e-mail based cases, any limitations on the user's
privileges would also restrict the capabilities of the attacker's
script.

Applying the update listed in Microsoft Security Bulletin MS03-004
- -- Cumulative Patch for Internet Explorer-will help block an
attacker from being able to load a file onto a user's computer and
prevent the passing of parameters to an executable. This means that
an attacker could only launch a program that already existed on the
computer-provided the attacker was aware of the location of the
program-and would not be able to pass parameters to the program for
it to execute.

MHTML is a standard for exchanging HTML content in e-mail and as a
result the MHTML URL Handler function has been implemented in
Outlook Express. Internet Explorer can also render MHTML content,
however the MHTML function has not been implemented separately in
Internet Explorer - it simply uses Outlook Express to render the
MHTML content.

Mitigating Factors:
====================
- -For the web-based scenario, the attacker would have to host a web
site that contained a web page used to exploit this vulnerability
and entice a user to visit it. An attacker would have no way to
force a user to visit the site. Instead, the attacker would need to
lure the user there, typically by getting the user to click on a
link to the attacker's site.

- -The HTML mail-based attack scenario would be blocked by Outlook
Express 6.0 and Outlook 2002 in their default configurations, and
by Outlook 98 and 2000 if used in conjunction with the Outlook
Email Security Update.

- -Exploiting the vulnerability would allow the attacker only the
same privileges as the user. Users whose accounts are configured to
have few privileges on the system would be at less risk than ones
who operate with administrative privileges.

- -If the cumulative patch for Internet Explorer MS03-004 has been
installed, known means by which an attacker may place a file onto a
user's computer will be blocked.

- -In order to invoke an executable already present on the local
system, an attacker must know the path to that executable.

Risk Rating:
============
- Critical

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at
http://www.microsoft.com/technet/security/bulletin/ms03-014.asp
http://www.microsoft.com/security/security_bulletins/ms03-014.asp

for information on obtaining this patch.


- ---------------------------------------------------------------------

Zum Vergrößern anklicken....

April 2003, Cumulative Patch for Outlook Express (330994)
Posted: April 23, 2003

Read This First

The "April 2003, Cumulative Patch for Outlook Express" eliminates all previously
addressed security vulnerabilities affecting Outlook Express, as well as
additional newly discovered vulnerabilities. This update includes the
functionality of all previously released Outlook Express patches. Download now to
help maintain the security of your computer.

For more information about the vulnerabilities this update addresses, read the
associated Microsoft Security Bulletin.

System Requirements
This update applies to Outlook Express with the following operating systems:
- Windows XP SP1 64-bit Edition
- Windows XP SP1
- Windows XP
- Windows 2000 SP3
- Windows NT® 4.0 SP6A
- Windows Millennium Edition (Windows Me)
- Windows 98 SE

How to download and install
- Select your language from the drop-down list at the top of the page.
- Click Go.
- Click the Cumulative Update link for your version of Outlook Express.
- Do one of the following:
- To start the installation immediately, choose Run this program from
its current location (in Internet Explorer 6, click Open).
- To copy the download to your computer for installation at a later time,
click Save this program to disk (in Internet Explorer 6, click Save).
- Click OK.
- Click Yes if asked whether you would like to install and run Q330994.exe.
- How to use
- Restart your computer to complete the installation.

How to uninstall
To remove the download, complete the following steps:
- On the Start menu, point to Settings and then click Control Panel.
(In Windows XP, click Start and then click Control Panel.)
- Double-click Add/Remove Programs.
- In the list of currently installed programs, select Q330994 and then
click Remove or Add/Remove. If a dialog box appears, follow the
instructions to remove the program.
- Click Yes or OK to confirm that you want to remove the program.

Zum Vergrößern anklicken....

Downloads (deutsch) - sucht euch das richtige raus:

Outlook Express 6 Service Pack 1 (1.93 MB)
http://download.microsoft.com/download/f/5/6/f5628ef3-76cd-45e4-966a-e93c43bf8256/q330994.exe

Outlook Express 6 Service Pack 1 for Windows XP SP1 64-bit Edition (3.74 MB
http://download.microsoft.com/download/d/3/6/d363d5eb-0f75-4e1e-b9bf-c15c2cf9bbe1/q330994.exe

Outlook Express 6 for Windows XP (900 KB)
http://download.microsoft.com/download/5/4/0/54004389-93a8-4a66-a4f5-9d8c80166d3f/q330994.exe

Outlook Express 5.5 Service Pack 2 (875 KB)
http://download.microsoft.com/download/c/f/d/cfd2a058-eece-42f7-bf32-c695f53a8832/q330994.exe

- -------------------------------------------------------------------
Title: Cumulative Patch for Internet Explorer (813489)
Date: 23 April 2003
Software: Microsoft (c) Internet Explorer
Impact: Run code of the attacker's choice on a user's machine.
Max Risk: Critical
Bulletin: MS03-015

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/MS03-015.asp
http://www.microsoft.com/security/security_bulletins/ms03-015.asp
- -------------------------------------------------------------------

Issue:
======
This is a cumulative patch that includes the functionality of all
previously released patches for Internet Explorer 5.01, 5.5 and
6.0. In addition, it eliminates the following four newly discovered
vulnerabilities:


- -A buffer overrun vulnerability in URLMON.DLL that occurs because
Internet Explorer does not correctly check the parameters of
information being received from a web server. It could be possible
for an attacker to exploit this vulnerability to run arbitrary code
on a user's system. A user simply visiting an attacker's website
could allow the attacker to exploit the vulnerability without any
other user action.

- -A vulnerability in the Internet Explorer file upload control that
allows input from a script to be passed to the upload control. This
vulnerability could allow an attacker to supply a file name to the
file upload control and automatically upload a file from the user's
system to a web server.

- -A flaw in the way Internet Explorer handles the rendering of third
party files. The vulnerability results because the Internet
Explorer method for rendering third party file types does not
properly check parameters passed to it. An attacker could create a
specially formed URL that would inject script during the rendering
of a third party file format and cause the script to execute in the
security context of the user.

- -A flaw in the way modal dialogs are treated by Internet Explorer
that occurs because an input parameter is not properly checked.
This flaw could allow an attacker to use an injected script to
provide access to files stored on a user's computer. Although a
user who visited the attacker's website could allow the attacker to
exploit the vulnerability without any other user action, an
attacker would have no way to force the user to visit the website.

In addition to eliminating the above vulnerabilities, this patch
also includes a fix for Internet Explorer 6.0 SP1 that corrects the
method by which Internet Explorer displays help information in the
local computer zone. While we are not aware of a method to exploit
this vulnerability by itself, if it were possible to exploit it, it
could allow an attacker to read local files on a visiting user's
system.

This patch also sets the Kill Bit on the Plugin.ocx ActiveX control
which has a security vulnerability. This killbit has been set in
order to ensure that the vulnerable control cannot be reintroduced
onto users' systems and to ensure that users who already have the
vulnerable control on their system are protected. This issue is
discussed further in Microsoft Knowledge Base Article 813489.

Like the previous Internet Explorer cumulative patch released with
bulletin MS03-004, this cumulative patch will cause
window.showHelp( ) to cease to function if you have not applied the
HTML Help update. If you have installed the updated HTML Help
control from Knowledge Base article 811830, you will still be able
to use HTML Help functionality after applying this patch.

Mitigating factors:
====================
There are common mitigating factors across all of the
vulnerabilities:


- -The attacker would have to host a web site that contained a web
page used to exploit the particular vulnerability.

- -By default, Outlook Express 6.0 and Outlook 2002 open HTML mails
in the Restricted Sites Zone. In addition, Outlook 98 and 2000 open
HTML mails in the Restricted Sites Zone if the Outlook Email
Security Update has been installed. Customers who use any of these
products would be at no risk from an e-mail borne attack that
attempted to automatically exploit these vulnerabilities. The
attacker would have no way to force users to visit a malicious web
site. Instead, the attacker would need to lure them there,
typically by getting them to click on a link that would take them
to the attacker's site.

In addition to the common factors, there are a number of individual
mitigating factors:

URLMON.DLL Buffer Overrun:

- -Code that executed on the system would only run under the
privileges of the locally logged in user.

File Upload Control vulnerability:

- -The attacker would have to know the explicit path and name of the
file to be uploaded in advance.

Third Party plug-in rendering:

- -The third party plugin would have to be present on the user's
system in order for it to be exploited

Risk Rating:
============
- Critical

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at

http://www.microsoft.com/technet/security/bulletin/ms03-015.asp
http://www.microsoft.com/security/security_bulletins/ms03-015.asp

for information on obtaining this patch.


- -----------------------------------------------------------------

Zum Vergrößern anklicken....

April 2003, Cumulative Patch for Internet Explorer (813489)
Posted: April 23, 2003

Read This First
The "April 2003, Cumulative Patch for Internet Explorer" eliminates all previously
addressed security vulnerabilities affecting Internet Explorer, as well as
additional newly discovered vulnerabilities. This update includes the
functionality of all previously released Internet Explorer patches. Download now
to help maintain the security of your computer.

For more information about the vulnerabilities this update addresses, read the
associated Microsoft Security Bulletin.

System Requirements
This update applies to Internet Explorer with the following operating systems:
- Windows XP SP1 64-bit Edition
- Windows XP SP1
- Windows XP
- Windows 2000 SP3
- Windows NT® 4.0 SP6A
- Windows Millennium Edition (Windows ME)
- Windows 98 SE

How to download and install
- Select your language from the drop-down list at the top of the page.
- Click Go.
- Click the Security Update link for your version of Internet Explorer.
- Do one of the following:
- To start the installation immediately, choose Run this program from its
current location (in Internet Explorer 6, click Open).
- To copy the download to your computer for installation at a later time,
click Save this program to disk (in Internet Explorer 6, click Save).
- Click OK.
- Click Yes if asked whether you would like to install and run Q813489.exe.
- How to use
- Restart your computer to complete the installation.

How to uninstall
To remove the download, complete the following steps:
- On the Start menu, point to Settings and then click Control Panel.
(In Windows XP, click Start and then click Control Panel.)
- Double-click Add/Remove Programs.
- In the list of currently installed programs, select Q813489 and then
click Remove or Add/Remove. If a dialog box appears, follow the
instructions to remove the program.
- Click Yes or OK to confirm that you want to remove the program.

Zum Vergrößern anklicken....

Downloads (deutsch) - sucht euch bitte das richtige raus

Internet Explorer 6 SP1 (1.97 MB)
http://download.microsoft.com/download/f/5/a/f5a85492-f7a2-4d7f-b1a0-cb9d91a41bd1/q813489.exe

Internet Explorer 6 SP1 for Windows XP SP1 64-bit Edition (3.93 MB)
http://download.microsoft.com/download/3/1/7/31736d1b-d7df-409b-981b-8954d08196c3/q813489.exe

Internet Explorer 6 for Windows XP (2.39 MB)
http://download.microsoft.com/download/9/e/a/9ea8a155-451d-412d-a72f-20c610a0aadf/q813489.exe

Internet Explorer 5.5 SP2 (2.11 MB)
http://download.microsoft.com/download/5/5/c/55cc4858-731c-49b5-abca-921e4b41ba64/q813489.exe

Internet Explorer 5.01 SP3 for Windows 2000 SP3 (1.88 MB)
http://download.microsoft.com/download/b/2/6/b2639428-0fc2-47df-9069-79e6a4d5edf0/q813489.exe

- ----------------------------------------------------------------------
Title: Unchecked Buffer In Windows Component Could Cause

Server Compromise (815021)
Released: 17 Mar 2003
Revised: 23 Apr 2003 (version 2.0)
Software: Microsoft (r) Windows (r) NT 4.0 and Windows 2000
Impact: Run code of attacker's choice
Max Risk: Critical
Bulletin: MS03-007

Microsoft encourages customers to review the Security Bulletin
at: http://www.microsoft.com/technet/security/bulletin/MS03-007.asp
http://www.microsoft.com/security/security_bulletins/ms03-007.asp
- ----------------------------------------------------------------------

Reason for Revision:
====================
Microsoft originally released this security bulletin on March 17,
2003. At that time, Microsoft was aware of a publicly available
exploit that was being used to attack Windows 2000 Servers
running IIS 5.0. The attack vector in this case was WebDAV
although the underlying vulnerability was in a core operating
system component, ntdll.dll. Microsoft issued a patch to protect
Windows 2000 customers shortly afterwards, but also continued to
investigate the underlying vulnerability. Windows NT 4.0 also
contains the underlying vulnerability in ntdll.dll, however it
does not support WebDAV and therefore the known exploit was not
effective against Windows NT 4.0. Microsoft has now released a
patch for Windows NT 4.0.

Issue:
======
Microsoft Windows 2000 supports the World Wide Web Distributed
Authoring and Versioning (WebDAV) protocol. WebDAV, defined in
RFC 2518, is a set of extensions to the Hyper Text Transfer
Protocol (HTTP) that provide a standard for editing and file
management between computers on the Internet. A security
vulnerability is present in a Windows component used by WebDAV
and results because a core operating system component, ntdll.dll,
contains an unchecked buffer.

An attacker could exploit the vulnerability by sending a
specially formed HTTP request to a machine running Internet
Information Server (IIS). The request could cause the server to
fail or to execute code of the attacker's choice. The code would
run in the security context of the IIS service (which, by
default, runs in the LocalSystem context).

Although Microsoft has supplied a patch for this vulnerability
and recommends all affected customers install the patch
immediately, additional tools and preventive measures have been
provided that customers can use to block the exploitation of
this vulnerability while they are assessing the impact and
compatibility of the patch. These temporary workarounds and
tools are discussed in the "Workarounds" section in the FAQ
below.

Mitigating Factors:
====================
- -URLScan, which is a part of the IIS Lockdown Tool will block
this attack in its default configuration.

- -The vulnerability can only be exploited remotely if an attacker
can establish a web session with an affected server.

Risk Rating:
============
- Critical

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at
http://www.microsoft.com/technet/security/bulletin/ms03-007.asp
http://www.microsoft.com/security/security_bulletins/ms03-007.asp
for information on obtaining this patch.


- ---------------------------------------------------------------------

Zum Vergrößern anklicken....

Downloads

NT4
englisch
http://download.microsoft.com/download/9/3/f/93f82d57-0f2f-40ab-9873-f41d0384e5ee/Q815021i.EXE
deutsch
http://download.microsoft.com/download/0/c/0/0c053cd2-535f-42df-9cba-df764735a2a4/DEUq815021i.EXE

NT4 Terminal
englisch
http://download.microsoft.com/download/7/5/5/7558f0aa-0351-40fb-b725-cc52842bded2/Q815021i.EXE
deutsch
http://download.microsoft.com/download/e/a/e/eaedcc25-a42c-4ed2-93e9-34497422193e/DEUq815021i.EXE

Windows 2000
englisch
http://download.microsoft.com/downl...-ae05-09c567c6f5a2/Q815021_W2K_sp4_x86_EN.EXE
deutsch
http://download.microsoft.com/downl...-b6e2-2408d392d347/Q815021_W2K_sp4_x86_DE.EXE

WS-Patch

Hallo Brummelchen,

nach Deiner obigen Anregung möchte ich jetzt auch mal was positives zu diesem Thema
beitragen:

Ich habe gerade bei der PC-Welt einige interessante Berichte zu dem
bereits erwähnten "Bremser-Patch " sowie zu dem neuen (heutigen) Patch für IE und OE und zu
einigen Gratistools die MS (weil ja Frühling ist) kostenlos zur Verfügung stellt.

Ein weiterer Interessanter Artikel findet Ihr hier zum Thema Scansoft und Windows
(PDF-Bearbeitung unter Word).

Viel Spass beim lesen

HarryP


PS: Hoffentlich kommt der "Anti-Bremser-Patch" bald

Microsoft Fun-Packs

Digital Photography and Browsing Fun Pack

Draußen wird es wärmer, die Blumen sprießen und die Vögel zwitschern - der Frühling ist da. Die neue Jahreszeit scheint auch Microsoft zu beflügeln, denn die Redmonder haben passend zur Jahreszeit einige Fun-Pakete für Windows XP geschnürt und bieten sie kostenlos zum Download an.

Mit dem Slogan "Spring into Creativity" lädt Microsoft zum Ausprobieren der Pakete ein. Sie sollen Windows XP aufpeppen und bringen sowohl mehr Farbe auf den Desktop als auch neue Multimedia-Funktionen mit. Mit an Bord sind auch zwei neue Powertoys.

Das "Digital Photography and Browsing Fun Pack" besteht aus zwei Teilanwendungen: den "Digital Photography Tools" und den "Spring Web Favorites".

In den "Digital Photography Tools" (Downloadgröße: 4,4 Megabyte) sind 15 Grußkarten-Vorlagen passend zum Frühjahr enthalten - beispielsweise Vorlagen zum Muttertag, dem Schulabschluss und (US-typisch) der Baseball-Saison. Die Vorlagen können mit Microsofts Picure It! oder jeder anderen Grafiksoftware genutzt werden.

Außerdem befinden sich im Paket noch sechs Vorlagen zum Erstellen einer Photo Story mit der kostenpflichtigen und in Deutschland noch nicht verfügbaren Windows XP Plus! Digital Media Edition.

Mit den "Spring Web Favorites" (Downloadgröße: 1,1 Megabyte) hat Microsoft eine Sammlung von 70 Internet- Links zusammengestellt, die sich alle um frühlingstypische Themen drehen. Der Nutzen für deutsche Anwender hält sich dabei allerdings eher in Grenzen.


Movie Maker 2 Fun Pack

Im "Movie Maker 2 Fun Pack" sind zwei Anwendungen enthalten, die sich Microsofts kostenloser Videobearbeitungssoftware Movie Maker 2 annehmen.

Der erste Teil "Titles and Credits" (Downloadgröße: 7,39 Megabyte) enthält zahlreiche statische Vorlagen zum Erstellen eigener Videos. Außerdem hält das Paket Vorlagen parat, die beim Erstellen eines stimmungsvollen Video-Abspanns helfen sollen.

Neue Soundeffekte für Movie Maker 2 gibt es en masse mit dem "Music and Sound Effects"-Fun-Paket (Downloadgröße: 18,4 Megabyte): drei komplette und stimmungsvolle Songs (etwa feierliche Fanfaren), fünf musikalische Übergänge und insgesamt 50 Soundeffekte (unter anderem Korken knallen, Taubengegurre und Gläser anstoßen).


Media Player 9 Fun Pack

Das Media Player 9 Fun Pack widmet sich dem Multimedia-Player von Microsoft. Auch dieses Paket besteht aus zwei Teilanwendungen, die getrennt heruntergeladen werden können.

Mit dem "Visualizations"-Paket (Downloadgröße: 2,58 Megabyte) wird dem Media Player die neuen "3D Alchemy"-Visualisierungen hinzugefügt. Dabei handelt es sich um die fünf Visualisierungen: "Classic", "Kaleidoscope", "Monoliths", "Strange World" und "WM Museum".

Witzig: In der Visualisierung "WM Museum" wird ein Raum gezeigt, in dem Gemälde hängen, die Screenshots von alten Windows Media Player-Versionen zeigen.

Das zweite Paket trägt den Namen "Blogging Plug-in" (Downloadgröße: 1,19 Megabyte) und richtet sich an Anwender, die sogenannte "Blogs" nutzen, also ihre Gedanken einer breiten Masse im Internet zugänglich machen möchten. Durch das Plug-in werden einem Blog- Eintrag automatisch die Infos des gerade gehörten Liedes hinzugefügt. Drei Blogging-Clients werden bereits unterstützt.


Powertoys Fun

Gleich zwei interessante neue Powertoys bietet Microsoft im Rahmen seiner "Frühlingskampagne" an: das "Wallpaper Changer PowerToy" und das "Video Screen Saver PowerToy".

Mit Hilfe des " Wallpaper Changer PowerToy" (Downloadgröße: 182 Kilobyte) kann das Hintergrundbild auf dem Desktop in regelmäßigen Abständen automatisch geändert werden. Der Anwender legt ein Verzeichnis fest, in dem Bilder enthalten sind, und die jeweilige Zeitspanne, nach der das Hintergrund-Bild geändert werden soll.

Das "Video Screen Saver PowerToy" (Downloadgröße: 410 Kilobyte) erlaubt es dem Anwender, einen Screensaver auszuwählen, der bei der Aktivierung eine festgelegte Video-Datei abspielt. Die Video-Datei darf dabei in jedem von Windows Media Video unterstützten Format vorliegen.


Downloads

Digital Photography and Browsing Fun Pack
Freeware, Windows XP, englisch
http://www.microsoft.com/windowsxp/experiences/downloads/create_photo_ie.asp

Full Fun Pack: Digital Photography and Browsing
creativity_bdpfull.exe, 4.53 MB
http://download.microsoft.com/downl...4A37-BA0B-EBFC36C51870/creativity_bdpfull.exe

Partial Fun Pack 1: Digital Photography Tools
creativity_digitalphotos.exe, 4.45 MB
http://download.microsoft.com/downl...2F5-8BCEC586E7CE/creativity_digitalphotos.exe

Partial Fun Pack 2: Spring Web Favorites
creativity_browsing.exe, 1.11 MB
http://download.microsoft.com/downl...479-A719-01B7CC642D2B/creativity_browsing.exe


Windows Movie Maker 2 Creativity Fun Pack
Freeware, Windows XP, englisch
http://www.microsoft.com/windowsxp/moviemaker/downloads/create.asp

Full Fun Pack: Windows Movie Maker 2 Tools
creativity_mmfull.exe, 24.83 MB
http://download.microsoft.com/downl...-46AC-9918-D55D593C8CBE/creativity_mmfull.exe

Partial Fun Pack 1: Titles and Credits
creativity_mmtitles.exe, 7.39 MB
http://download.microsoft.com/downl...35D-842C-D53D2ADE2C9A/creativity_mmtitles.exe

Partial Fun Pack 2: Music and Sound Effects
creativity_mmaudio.exe, 18.37 MB
http://download.microsoft.com/downl...43B7-86A1-14E033371017/creativity_mmaudio.exe


Windows Media Player 9 Series Fun Pack
Freeware, Windows XP, englisch
http://www.microsoft.com/windowsxp/windowsmediaplayer/downloads/create.asp

Full Fun Pack: Windows Media Player 9 Series Tools
creativity_wmpfull.exe, 2.74 MB
http://download.microsoft.com/downl...43FD-8C27-6B6B1053D4F3/creativity_wmpfull.exe

Partial Fun Pack 1: Visualizations
creativity_wmpviz.exe, 2.58 MB
http://download.microsoft.com/downl...-4195-94C0-E88699EF971C/creativity_wmpviz.exe

Partial Fun Pack 2: Blogging Plug-in
creativity_wmpblogging.exe, 1.19 MB
http://download.microsoft.com/downl...-A378-38C22C89055D/creativity_wmpblogging.exe


Windows XP PowerToys Fun Pack
Freeware, Windows XP, englisch
http://www.microsoft.com/windowsxp/experiences/downloads/create_powertoy.asp

Full Fun Pack: Both PowerToys
PowerToys_Full.exe, 1.62 MB
http://download.microsoft.com/download/3/F/1/3F10EED6-186C-451D-98CE-767B6586B3AD/PowerToys_Full.exe

Partial Fun Pack 1: Wallpaper Changer PowerToy
powertoys_wpchanger.exe, 182 KB
http://download.microsoft.com/downl...4EF-A105-78809D9726D3/powertoys_wpchanger.exe

Partial Fun Pack 2: Video Screen Saver PowerToy
PowerToys_VSS.exe, 410 KB
http://download.microsoft.com/download/9/C/1/9C1D6866-64A6-40C0-ADBB-A2B62D42CA4E/PowerToys_VSS.exe

ScanSoft PDF Converter Plugin für Word
http://www.scansoft.com/pdfconverter/beta/download/
(PIN erforderlich)

Direktlink

Erforderliche Information:
~~~~~~~~~~~~~~
Serial :B309A-K00-001001
~~~~~~~~~~~~~~

MS Kernal-Patch

Man sieht lagsam ein Licht am Ende des Tunnels !!!

MS arbeitet fieberhaft an der Lösung wegen der Performance-Probleme nach dem
Patch vom 16.04.2003.

Genaueres könnt ihr hier nachlesen.

Hier folgt eine kurze Zusammenfassung:

Microsoft arbeitet derzeit fieberhaft an einer Lösung für ein Problem, dass nach der Veröffentlichung eines Kernel-Patches am 16. April aufgetaucht ist. Durch den Fehler wird die Performance von Windows XP beeinträchtig und Anwendungen benötigen teilweise mehrere Sekunden, bevor sie überhaupt starten. Die Redmonder haben den zum Kernel-Patch gehörenden Knowledge-Base-Eintrag daher aktualisiert und die Veröffentlichung eines korrigierten Kernel-Updates angekündigt, sobald dieser fertig gestellt und getestet wurde.

HarryP

Microsoft repariert Patch für Windows Q328310

Erneut hat Microsoft einen älteren Patch überarbeitet. Im Dezember 2002 brachten die Redmonder erstmals einen Flicken heraus, der eine Sicherheitslücke in Windows NT 4.0, Windows 2000 und Windows XP stopfen sollte. Doch der Patch war teilweise fehlerhaft. Im Februar stellte Microsoft deshalb eine überarbeitete Version dieses Patches vor. Und jetzt steht auf dem Redmonder Download-Server wieder eine verbesserte Auflage des Patches bereit.

http://www.pcwelt.de/news/viren_bugs/30806

- ----------------------------------------------------------------------
Title: Flaw in Windows WM_TIMER Message Handling Could
Enable Privilege Elevation (328310)
Released: December 11, 2002
Revised: April 30, 2003 (version 3.0)
Software: Microsoft(r) Windows(r) NT 4.0, Windows 2000, and Windows
XP
Impact: Privilege elevation
Max Risk: Important

Bulletin: MS02-071

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-071.asp
http://www.microsoft.com/security/security_bulletins/ms02-071.asp
- ----------------------------------------------------------------------

Reason for Revision:
====================

Subsequent to the release of this patch Microsoft identified a
problem affected Windows NT 4.0 TSE multi processor systems which
was causing them to fail. The patch should have been installable
on both single and multi processor system and the installer
should have copied the correct binaries onto the system depending
on whether the system was single or multi processor. However an
installer error meant that the correct binaries were not being
copied onto multi processor systems, causing them to fail under
certain scenarios. Microsoft has updated the patch for Windows NT
4.0 TSE to correct this error. It should be noted that this patch
only corrects an installer problem with multi processor Windows
NT 4.0 TSE systems - there is no requirement to re-install the
patch on single processor systems as the installer functions
correctly on those systems.

Issue:
======

Subsequent to the release of this bulletin it was determined that
the patch for Microsoft Windows NT 4.0 machines introduced an
error that could, under certain configurations, cause NT 4.0 to
fail. Microsoft has investigated this issue and has released an
updated patch for Windows NT 4.0. The bulletin has been updated
to include the new download links for the NT 4.0 patch. The error
did not affect NT 4.0 TSE, except for the Japanese Language.
Customers running the Japanese version of NT 4.0 TSE should apply
the updated fix.

Customers who have installed the patch on Microsoft Windows 2000
and Windows XP are unaffected by this error.
Windows messages provide a way for interactive processes to react
to user events (e.g., keystrokes or mouse movements) and
communicate with other interactive processes. One such message,
WM_TIMER, is sent at the expiration of a timer, and can be used
to cause a process to execute a timer callback function. A
security vulnerability results because it's possible for one
process in the interactive desktop to use a WM_TIMER message to
cause another process to execute a callback function at the
address of its choice, even if the second process did not set a
timer. If that second process had higher privileges than the
first, this would provide the first process with a way of
exercising them.

By default, several of the processes running in the interactive
desktop do so with LocalSystem privileges. As a result, an
attacker who had the ability to log onto a system interactively
could potentially run a program that would levy a WM_TIMER
request upon such a process, causing it to take any action the
attacker specified. This would give the attacker complete control
over the system.
In addition to addressing this vulnerability, the patch also
makes changes to several processes that run on the interactive
desktop with high privileges. Although none of these would, in
the absence of the TM_TIMER vulnerability, enable an attacker to
gain privileges on the system, we have included them in the patch
to make the services more robust.

Mitigating Factors:
====================
- -An attacker would need valid logon credentials to exploit the
vulnerability. It could not be exploited remotely.
- -Properly secured servers would be at little risk from this
vulnerability. Standard best practices recommend only allowing
trusted administrators to log onto such systems interactively;
without such privileges, an attacker could not exploit the
vulnerability.

Risk Rating:
============
Important

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at

http://www.microsoft.com/technet/security/bulletin/ms02-071.asp
http://www.microsoft.com/security/security_bulletins/ms02-071.asp

for information on obtaining this patch.

- -----------------------------------------------------------------

Zum Vergrößern anklicken....

Fehler in Windows WM_TIMER-Nachrichtenbehandlung könnte erhöhte Berechtigungen zulassen

Es wurde ein Sicherheitsrisiko erkannt, das es einem Angreifer ermöglichen könnte,
einen Windows-basierten Computer zu gefährden und die vollständige Steuerung des
Computers zu übernehmen.

QuickInfo
Dateiname: Q328310_WXP_SP2_x86_DEU.exe
Downloadgröße: 4046 KB
Veröffentlichungsdatum: 12.12.2002
Version: Q328310

Übersicht
Es wurde ein Sicherheitsrisiko erkannt, das es einem Angreifer ermöglichen könnte,
einen Windows-basierten Computer zu gefährden und die vollständige Steuerung des
Computers zu übernehmen. Zum Durchführen eines Angriffs müsste der Angreifer in der
Lage sein, sich am Computer anzumelden. Mit der Installation dieses Updates von
Microsoft können Sie den Computer besser vor diesem Sicherheitsrisiko schützen.

Systemanforderungen
Unterstützte Betriebssysteme: Windows XP
Windows XP Professional
Windows XP Home Edition

http://download.microsoft.com/downl...b914-2dbc23102d66/Q328310_WXP_SP2_x86_DEU.exe

Systemanforderungen
Unterstützte Betriebssysteme: Windows 2000
Windows 2000 Professional SP2, SP3
Windows 2000 Server SP2, SP3
Windows 2000 Advanced Server SP2, SP3

http://download.microsoft.com/downl...-8517-0fb7d7378b29/Q328310_W2K_SP4_X86_DE.exe

System Requirements
Supported Operating Systems: Windows NT
Windows NT 4.0 Workstation SP6a
Windows NT4.0 Server SP6a
Windows NT4.0 Server Enterprise Edition SP6a

http://download.microsoft.com/download/a/1/7/a179292d-4c69-43e6-9e15-b4582a6e2ec9/DEUQ328310i.EXE

System Requirements
Supported Operating Systems: Windows NT
Windows NT 4.0 Terminal Server Edition

http://download.microsoft.com/download/7/e/0/7e0069f4-201d-42ba-b1ad-3f9fd62a6c5c/DEUQ328310i.EXE

Zum Vergrößern anklicken....

- --------------------------------------------------------------------
Title: Cumulative Patch for BizTalk Server (815206)
Date: 30 April 2003
Software: Microsoft BizTalk Server 2000 & BizTalk Server 2002
Impact: Two vulnerabilities, the most serious of which could
allow an attacker to run code of their choice
Max Risk: Important
Bulletin: MS03-016

Microsoft encourages customers to review the Security Bulletins
at: http://www.microsoft.com/technet/security/bulletin/MS03-016.asp
http://www.microsoft.com/security/security_bulletins/ms03-016.asp
- --------------------------------------------------------------------

Issue:
======

Microsoft BizTalk Server is an Enterprise Integration product
that allows organizations to integrate applications, trading
partners, and business processes. BizTalk is used in intranet
environments to transfer business documents between different
back-end systems as well as extranet environments to exchange
structured messages with trading partners. This patch addresses
two newly reported vulnerabilities in BizTalk Server.

The first vulnerability affects Microsoft BizTalk Server 2002
only. BizTalk Server 2002 provides the ability to exchange
documents using the HTTP format. A buffer overrun exists in the
component used to receive HTTP documents - the HTTP receiver -
and could result in an attacker being able to execute code of
their choice on the BizTalk Server.

The second vulnerability affects both Microsoft BizTalk Server
2000 and BizTalk Server 2002. BizTalk Server provides the ability
for administrators to manage documents via a Document Tracking
and Administration (DTA) web interface. A SQL injection
vulnerability exists in some of the pages used by DTA that could
allow an attacker to send a crafted URL query string to a
legitimate DTA user. If that user were to then navigate to the
URL sent by the attacker, he or she could execute a malicious
embedded SQL statement in the query string.

Mitigating Factors:
====================

HTTP Receiver Buffer Overflow

- -The HTTP Receiver is only present in Microsoft BizTalk Server
2002. BizTalk Server 2000 is not affected by this vulnerability.

- -The HTTP receiver is not enabled by default. HTTP must be
explicitly enabled as a receive transport during the setup of a
BizTalk site.

- -If the vulnerability was exploited to run arbitrary code, the
code would run in the security context of the IIS Server. If the
IIS Server is running under a user account, the attacker's
permissions will be limited to those of this user account.

DTA SQL Injection

- -DTA users by default are not highly privileged SQL users such as
database owners, since they are only required to be members of
"BizTalk Server Report Users" security group in order to use DTA
web interface. In this case, a successful attacker's permissions
on the SQL Server will be restricted.

Risk Rating:
============
Important

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at

http://www.microsoft.com/technet/security/bulletin/ms03-016.asp
http://www.microsoft.com/security/security_bulletins/ms03-016.asp

for information on obtaining this patch.

Acknowledgment:
===============
- Microsoft thanks Cesar Cerrudo for reporting this issue to us
and working with us to protect customers

- --------------------------------------------------------------------

Zum Vergrößern anklicken....

Den Links bitte selber folgen.

- ----------------------------------------------------------------------
Title: Unchecked Buffer In Windows Component Could Cause

Server Compromise (815021)
Released: 17 Mar 2003
Revised: 23 Apr 2003 (version 2.0)
Software: Microsoft (r) Windows (r) NT 4.0 and Windows 2000
Impact: Run code of attacker's choice
Max Risk: Critical
Bulletin: MS03-007

Microsoft encourages customers to review the Security Bulletin
at: http://www.microsoft.com/technet/security/bulletin/MS03-007.asp
http://www.microsoft.com/security/security_bulletins/ms03-007.asp
- ----------------------------------------------------------------------

Reason for Revision:
====================
Microsoft originally released this security bulletin on March 17,
2003. At that time, Microsoft was aware of a publicly available
exploit that was being used to attack Windows 2000 Servers
running IIS 5.0. The attack vector in this case was WebDAV
although the underlying vulnerability was in a core operating
system component, ntdll.dll. Microsoft issued a patch to protect
Windows 2000 customers shortly afterwards, but also continued to
investigate the underlying vulnerability. Windows NT 4.0 also
contains the underlying vulnerability in ntdll.dll, however it
does not support WebDAV and therefore the known exploit was not
effective against Windows NT 4.0. Microsoft has now released a
patch for Windows NT 4.0.

Issue:
======
Microsoft Windows 2000 supports the World Wide Web Distributed
Authoring and Versioning (WebDAV) protocol. WebDAV, defined in
RFC 2518, is a set of extensions to the Hyper Text Transfer
Protocol (HTTP) that provide a standard for editing and file
management between computers on the Internet. A security
vulnerability is present in a Windows component used by WebDAV
and results because a core operating system component, ntdll.dll,
contains an unchecked buffer.

An attacker could exploit the vulnerability by sending a
specially formed HTTP request to a machine running Internet
Information Server (IIS). The request could cause the server to
fail or to execute code of the attacker's choice. The code would
run in the security context of the IIS service (which, by
default, runs in the LocalSystem context).

Although Microsoft has supplied a patch for this vulnerability
and recommends all affected customers install the patch
immediately, additional tools and preventive measures have been
provided that customers can use to block the exploitation of
this vulnerability while they are assessing the impact and
compatibility of the patch. These temporary workarounds and
tools are discussed in the "Workarounds" section in the FAQ
below.

Mitigating Factors:
====================
- -URLScan, which is a part of the IIS Lockdown Tool will block
this attack in its default configuration.

- -The vulnerability can only be exploited remotely if an attacker
can establish a web session with an affected server.

Risk Rating:
============
- Critical

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at
http://www.microsoft.com/technet/security/bulletin/ms03-007.asp
http://www.microsoft.com/security/security_bulletins/ms03-007.asp
for information on obtaining this patch.


- ---------------------------------------------------------------------

Zum Vergrößern anklicken....

Windows 2000-Sicherheitspatch: IIS-Remoteangriff durch Sicherheitslücke in ntdll.dll
Deutsch
http://download.microsoft.com/downl...-b6e2-2408d392d347/Q815021_W2K_sp4_x86_DE.EXE

Windows NT 4.0 Security Patch: IIS Remote Exploit from ntdll.dll Vulnerability
Deutsch
http://download.microsoft.com/download/0/c/0/0c053cd2-535f-42df-9cba-df764735a2a4/DEUq815021i.EXE

Windows NT 4.0 Terminal Server Edition Security Patch: IIS Remote Exploit from ntdll.dll Vulnerability
Deutsch
http://download.microsoft.com/download/e/a/e/eaedcc25-a42c-4ed2-93e9-34497422193e/DEUq815021i.EXE

Windows XP (r) Setup-Disketten Service Pack 1a

WinXP Pro:
Infos
http://www.microsoft.com/downloads/...FamilyID=bbe82a74-76af-4c21-b853-d9f07cbfa559
Download (4316 KB)
http://download.microsoft.com/downl...b7a-b7a2-32db731b8cf2/WinXPSP1a_DE_PRO_BF.exe

WinXP Home:
Infos
http://www.microsoft.com/downloads/...FamilyID=33a21833-7773-4f59-bd90-63cacb89ac4e
Download (4316 KB)
http://download.microsoft.com/downl...50f-b7a2-dce778bd4ef1/WinXPSP1a_DE_HOM_BF.exe

http://www.golem.de/0305/25396.html

Sicherheitslücke erlaubt einem Angreifer Ausführung von Programmcode


Wie Microsoft in einem aktuellen Security Bulletin berichtet, steckt eine vom Hersteller als kritisch eingestufte Sicherheitslücke im Windows Media Player der Versionen 7.1 und 8.0. Ein Angreifer erhält so die Möglichkeit, Programmcode auf dem System eines anderen Nutzers auszuführen.

Das Sicherheitsleck im Windows Media Player 7.1 und 8.0 steckt in den Programmkomponenten zur Skin-Verwaltung. Beim Download von Skins kann ein Angreifer die Sicherheitslücke missbrauchen, um als Skin-Datei getarnten Programmcode auf das System eines anderen Nutzers zu laden. Dazu braucht das Opfer lediglich eine Webseite zu besuchen oder den Link in einer E-Mail zu öffnen. Der Angreifer muss folglich eine entsprechend präparierte Webseite betreiben. Gelingt dies, kann der Angreifer einen beliebigen, ausführbaren Code auf dem System ablegen und mit den Rechten des angemeldeten Nutzers ausführen.

Verwendet man Outlook Express 6.0 und Outlook 2002 nicht in der Standard-Konfiguration sowie Outlook 98 oder 2000 ohne das rund zwei Jahre alte E-Mail-Security-Update, wird eine URL in einer HTML-Mail automatisch geöffnet. Der Anwender muss also nicht erst auf eine URL E-Mail klicken. Wurde das E-Mail-Security-Update für Outlook 98 respektive 2000 installiert und läuft Outlook Express 6.0 und Outlook 2002 mit der Standard-Konfiguration, wird ein Angriff erst durch das manuelle Öffnen der URL ausgelöst.

Microsoft bietet entsprechende Patches zur Stopfung dieser Sicherheitslücke in getrennten Versionen für den Windows Media Player 7.1 und den Windows Media Player 8.0 an. Der aktuelle Windows Media Player 9.0 kennt dieses Sicherheitsproblem laut Herstellerangaben nicht.

Zum Vergrößern anklicken....

- --------------------------------------------------------------------
Title: Flaw in Windows Media Player Skins Downloading
could allow Code Execution (817787)
Date: 07 May 2003
Software: Microsoft Windows Media Player 7.1
Microsoft Windows Media Player for Windows XP
(Version 8.0)
Impact: Arbitrary code execution
Max Risk: Critical
Bulletin: MS03-017

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/MS03-017.asp
http://www.microsoft.com/security/security_bulletins/ms03-017.asp
- --------------------------------------------------------------------

Issue:
======
Microsoft Windows Media Player provides functionality to change the
overall appearance of the player itself through the use of "skins".
Skins are custom overlays that consist of collections of one or
more files of computer art, organized by an XML file. The XML file
tells Windows Media Player how to use these files to display a skin
as the user interface. In this manner, the user can choose from a
variety of standard skins, each one providing an additional visual
experience. Windows Media Player comes with several skins to choose
from, but it is relatively easy to create and distribute custom
skins.

A flaw exists in the way Windows Media Player 7.1 and Windows
Media Player for Windows XP handle the download of skin files.
The flaw means that an attacker could force a file masquerading
as a skin file into a known location on a user's machine.
This could allow an attacker to place a malicious executable
on the system.

In order to exploit this flaw, an attacker would have to host a
malicious web site that contained a web page designed to exploit
this particular vulnerability and then persuade a user to visit
that site - an attacker would have no way to force a user to the
site. An attacker could also embed the link in an HTML e-mail and
send it to the user.

In the case of an e-mail borne attack, if the user was using
Outlook Express 6.0 or Outlook 2002 in their default
configurations, or Outlook 98 or 2000 in conjunction with the
Outlook Email Security Update, then an attack could not be
automated and the user would still need to click on a URL sent
in the e-mail. However if the user was not using Outlook Express
6.0 or Outlook 2002 in their default configurations, or Outlook
98 or 2000 in conjunction with the Outlook Email Security Update,
the attacker could cause an attack that could both place, then
launch the malicious executable without the user having to click
on a URL contained in an e-mail.

The attacker's code would run with the same privileges as the
user: any restrictions on the user's ability to change the system
would apply to the attacker's code.

Mitigating Factors:
====================
- Windows Media Player 9 Series is not affected by this issue.

- By default, Outlook Express 6.0 and Outlook 2002 open HTML
mails in the Restricted Sites Zone. In addition, Outlook 98
and 2000 open HTML mails in the Restricted Sites Zone if the
Outlook Email Security Update, has been installed. Customers
who use any of these products would be at no risk from an
e-mail borne attack that attempted to automatically exploit
these vulnerabilities.

- The attacker would have no way to force users to visit a
malicious web site. Instead, the attacker would need to
lure them there, typically by getting them to click on a
link that would take them to the attacker's site.

Risk Rating:
============
- Critical

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at
http://www.microsoft.com/technet/security/bulletin/ms03-017.asp
http://www.microsoft.com/security/security_bulletins/ms03-017.asp

for information on obtaining this patch.

Acknowledgment:
===============
- Microsoft thanks Jouko Pynnonen of Oy Online Solutions Ltd,
Finland and Jelmer for reporting this issue to us and working
with us to protect customers.

- --------------------------------------------------------------------

Zum Vergrößern anklicken....

Microsoft Windows Media Player 7.1:
http://download.microsoft.com/downl...8f2663107/WindowsMedia71-KB817787-x86-DEU.exe

Microsoft Windows Media Player for Windows XP (Version 8.0):
http://download.microsoft.com/downl...8d7b4aa3ee/WindowsMedia8-KB817787-x86-DEU.exe

.

Neuer Patch für Windows 2000/XP - Q812415

Microsoft hat heute einen neuen Patch für Windows 2000 und XP veröffentlicht. Dieser behebt ein Problem, welches auftritt, wenn mehrere ATA-Laufwerke in einem System eingebaut sind. Möchte Windows auf einem solchen System in den S1 Energiestatus wechseln, so kann entweder eine Fehlermeldung erscheinen, nach dem Fortfahren werden die ATA-Laufwerke nicht mehr erkannt oder der PC hängt sich auf.

# Q812415 W2K SP4 X86 DE.exe (Windows 2000, Deutsch, 274 KB)

# Q812415 WXP SP2 x86 DEU.exe (Windows XP, Deutsch, 388 KB)

# Q812415 WXP SP2 ia64 DEU.exe (Windows XP 64Bit Edition, Deutsch, 601 KB)

# Knowledge Base Eintrag




Ps.: Nun sind sie aber richtig !

Still und leise: Update für den Internet Explorer 6

Microsoft hat still und leise ein Update für den Internet Explorer 6 (mit Service Pack 1) veröffentlicht. Der 467Kb große Patch ist für alle Windows Systeme erschienen und behebt ein Problem bei der darstellung von VML (Vector Markup Language) Dokumenten. VML dient zur darstellung von Vektor-Grafiken.

Download: q814039.exe (467Kb, deutsch, WindowsXP)
Download: q814039.exe (1117Kb, deutsch, Win98, Me, WinNT4 und Win2k)
Link: Knowledge Base Eintrag