Lonestar Home
Search Lonestar
Webmail
Texas.Net (Business)
Contact Info
Account Info
Change Password
Add Popmail
Spam Filter
Internet Alerts
Helpdesk
E-mail Support
Disclaimers
Internet Basics
Links
Virus Alerts
Security Alerts
Hoax Alerts
Spam Email
General Settings
Windows Setup
Macintosh Setup
Other OS Setup
Internet Software
Email Setup
Usenet News Setup
Web Page Setup
Modem Tips
Trouble Ticket
Billing Ticket
Terms &
Conditions
Acceptable Use
Privacy Policy
Legal Text
English Text
World-Wide Web
E-mail
USENET News
FTP
Staff Picks
Games
Windows 98
Macintosh
Kids' Links
Security Information
Here are a list of recent security issues that may affect you. More information can be found at Microsoft and at CERT.Important: Use the MBSA Tool to scan your computer for security misconfigurations, vulnerabilities, and missing hot fixes. Scan your computer to find Windows Updates or Office Updates you need.
| Security Issue | Description |
| MS04-014 | A
buffer overrun vulnerability exists in the Microsoft Jet Database
Engine (Jet) that could allow remote code execution. An attacker who
successfully exploited this vulnerability could take complete control
of an affected system, including installing programs; viewing, changing,
or deleting data; or creating new accounts that have full privileges.
Microsoft recommends that customers
install the update at the earliest opportunity. |
| MS04-013 | This is a cumulative
update that includes the functionality of all the previously-released
updates for Outlook Express 5.5 and Outlook Express 6. Additionally,
it eliminates a new vulnerability that could allow an attacker who
successfully exploited this vulnerability to access files and to take
complete control of the affected system. This could occur even if
Outlook Express is not used as the default e-mail reader on the system.
Microsoft recommends that customers
install this update immediately. |
| MS04-012 | This
update resolves several newly-discovered vulnerabilities in RPC/DCOM.
Each vulnerability is documented in this bulletin in its own section.
An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of the affected system. An attacker could then take any action on the affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. Microsoft recommends customers apply the update immediately. |
| MS04-011 |
This update resolves several newly-discovered vulnerabilities. Each vulnerability is documented in this bulletin in its own section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. Microsoft recommends that customers apply the update immediately. |
| MS04-005 |
A security vulnerability exists in Microsoft Virtual PC for Mac. The
vulnerability exists because of the method by which Virtual PC for
Mac creates a temporary file when you run Virtual PC for Mac. An attacker
could exploit this vulnerability by inserting malicious code into
the file which could cause the code to be run with system privileges.
This could give the attacker complete control over the system.
To exploit this vulnerability, an attacker would have to already
have a valid logon account on the local system, or the attacker
would already have to have access to a valid logon account. |
| MS04-004 | Some Internet
Explorer 6.0 Service Pack 1 users may receive an error while attempting
to access SSL secured Web Sites. This error will present itself as
a HTTP 500 (Internal Server Error) and only occurs when accessing
web servers using SSL/TLS 3.0 with a specific configuration. An update
for this issue is available, please see Knowledge Base article 831167.
This update will be included in future Cumulative Security Updates
for Internet Explorer 6.0 Service Pack 1. Also, this Security Update
will invalidate the usernames and passwords stored in Internet Explorer’s
protected store. This will require users to re-enter their username
and password when they first visit web sites that require authentication. |
| MS03-051 | Subsequent to the release of this bulletin, it was determined that the vulnerability addressed also affects other versions of the affected products and components. Microsoft has updated the bulletin with additional information about Windows XP 64-Bit Edition and Office 2000 Server Extensions and also to direct users to an update for these additional affected platforms. |
| MS03-049 | A security
vulnerability exists in the Workstation service that could allow remote
code execution on an affected system. This vulnerability results because
of an unchecked buffer in the Workstation service.
If exploited, an attacker could gain System privileges on an affected
system, or could cause the Workstation service to fail. An attacker
could take any action on the system, including installing programs,
viewing data, changing data, or deleting data, or creating new accounts
with full privileges. |
| MS03-048 |
This is a cumulative update that includes the functionality of all
the previously-released updates for Internet Explorer 5.01, Internet
Explorer 5.5, and Internet Explorer 6.0. |
| MS03-045 | Microsoft
re-issued this bulletin on Janurary 13, 2004 to advise on the availability
of an updated Windows NT 4.0 Workstation and Server patch for the
Arabic, Hebrew, and Thai languages. |
| MS03-044 |
A security vulnerability exists in the Help and Support Center function
which ships with Windows XP and Windows Server 2003. The affected
code is also included in all other supported Windows operating systems,
although no known attack vector has been identified at this time because
the HCP protocol is not supported on those platforms. The vulnerability
results because a file associated with the HCP protocol contains an
unchecked buffer. |
| MS03-043 | Windows NT
4.0 Client Computers may have network-related problems after installing
this security update. Microsoft encourages customers to review the
details of Microsoft Knowledge Base Article http://support.microsoft.com/?kbid=831579 |
| MS03-042 |
Microsoft re-issued this bulletin on October 29, 2003 to advise on
the availability of an updated Windows 2000 patch. This revised patch
corrects the Debug Programs (SeDebugPrivilege) user right issue that
some customers experienced with the original patch that is discussed
in Knowledge Base Article 830846. This problem is unrelated to the
security vulnerability discussed in this bulletin. If you have previously
applied this security patch, this update does not need to be installed.
|
| MS03-041 | There is
a vulnerability in Authenticode that, under certain low memory conditions,
could allow an ActiveX control to download and install without presenting
the user with an approval dialog. |
| MS03-040 |
This is a cumulative patch that includes the functionality of all
previously released patches for Internet Explorer 5.01, 5.5 and 6.0.
Patch: here |
|
Unchecked Buffer in MDAC Function Could Enable System Compromise (823718) Affected Software: Microsoft Windows Patch: here |
|
| MS03-039 |
Buffer Overrun In RPCSS Service Could Allow Code Execution (824146) This is Microsoft's expanded bulletin on the RPC code execution vulnerability bulletin MS03-026. Microsoft announced yesterday that there are now two known RPC vulnerabilities and a Denial of Service vulnerability all covered in MS03-039. This means that all prior patches for the Blaster Worm and for the MS03-026 vulnerabilities are in essence, inadequate. Microsoft has released new patches here. Note: Texas.net customers affected by this vulnerability are usually running Windows 2000 or Windows XP (not the 64 bit edition). There may be a few customers running Windows NT. Please do not get confused by the 64 bit and server versions of the patch. |
| MS03-033 |
Unchecked Buffer in MDAC Function Could Enable System Compromise
(823718) Affected Software: Microsoft Windows Patch: here |
| MS03-032 |
Cumulative Patch for Internet Explorer (822925) Affected Software: Internet Explorer 5.0.1-6.0 Patch: here |
| MS03-030: |
Unchecked Buffer in DirectX Could Enbale System Compromise (819696) Affected Software: Microsoft DirectX 5.2 (Win 98), 6.1 (Win 98 SE), 7.0a (Win ME), 7.0 (Win 2K), 8.1 (Win XP), 9.0a (Win ME, 2K, XP) Patch: Win 2K, Win XP, Upgrade to 9.0b for Win 98, Win 98 SE, Win ME |
| MS03-027: |
Unchecked Buffer in Windows Shell Could Enable System Compromise (821557) Affected Software: Windows XP Patch: here |
| MS03-026: |
Buffer Overrun In RPC Interface Could Allow Code Execution (823980) Affected Software: Windows XP, Windows 2000 Patch: Windows XP, Windows 2000 |
| MS03-025: |
Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679) Affected Software: Windows 2000 Patch: here |
| MS03-024: |
Buffer Overrun in Windows COuld Lead to Data Corruption (817606) Affected Software: Windows 2000, Windows XP Patch: Windows XP, Windows 2000 |
| MS03-023: |
Buffer Overrun in HTML Converter Could Allow Code Execution (823559) Affected Software: Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP Patch: Win 98, Win 98SE, Win ME, Win 2k, Win XP. Once the patch is downloaded and installed, please visit the Cert advisory page for more information how to disable paste operations via script and active scripting. |
| MS03-022: |
Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (822343) Affected Software: Windows 2000 Patch: here |
| MS03-021 |
Flaw In Windows Media Player May Allow Media Library Access (819639) Affected Software: Windows Media Player 9 Series Patch: here |
| MS03-020: |
Cumulative Patch for Internet Explorer (818529) Affected Software: Internet Explorer 5.0.1, 5.5, 6.0 Patch: here |
| MS03-019: |
Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (817772) Affected Software: Windows 2000 Patch: here |
Last Update: Date: 2003/10/17 17:40:42 $