FRISK Software International

News from FRISK Software International > Security Alert > Microsoft reports the discovery of serious Windows vulnerabilities

Microsoft reports the discovery of serious Windows vulnerabilities

14 April 2004

Microsoft's monthly security bulletins for April report the discovery of a number of Windows vulnerabilities. The most serious of these could allow for remote code execution on unpatched machines and the potential for large-scale attacks.

Microsoft Security Bulletin MS04-011 reports the release of a patch against fourteen Windows vulnerabilities (KB835732). The most dangerous of these is of particular concern to Windows 2000 and Windows XP users and could allow for remote execution of arbitrary code on unpatched systems. These vulnerabilities pose a considerable threat to system security and all users are urged to apply this patch immediately. This update has been rated "critical" by Microsoft.

Microsoft Security Bulletin MS04-012 reports the release of a patch against four vulnerabilities. These include a serious RPC/DCOM vulnerability that could allow a worm to infect systems directly from the Internet through vulnerable ports (KB828741). An attacker could then gain complete control of an infected system. A similar vulnerability was exploited by the Msblast worms in the large-scale outbreak of August 2003. This update supersedes MS03-039 and has been rated "critical" by Microsoft.

Microsoft Security Bulletin MS04-013 reports the release of a patch against a serious vulnerability affecting Microsoft Outlook Express (KB837009). This vulnerability could allow a worm to infect a user's system when a URL link received in an e-mail is followed. This update has been rated "critical" by Microsoft.

Microsoft has also released Microsoft Security Bulletin MS04-014 reporting the release of a patch against a vulnerability in the Microsoft Jet Database Engine (KB837001). This update has been rated "important" by Microsoft.

A summary of these security bulletins can be found here and an end-user version of the summary here.

Important:
We recommend that users patch their systems by downloading and installing critical Microsoft updates as soon as possible.

Users are also encouraged to update their antivirus software daily and to install a firewall on their computers, if they have not done so already. For more information on firewalls, please read Microsoft's tutorial on how to protect your PC.

  1. Go to the Windows Update page.



  2. Click on "Scan for updates" and wait while your computer scans for updates.
  3. Once critical updates have been found click on "Review and install updates"
  4. Make sure that correct security updates are on the list of selected updates.
  5. Click on the "Install Now" button.
  6. Review the Terms and Conditions and select "Accept" to proceed.
  7. Windows will now install the appropriate updates.

Microsoft has also released a fix to Microsoft Security Bulletin MS04-004 (KB832894). In some case users may begin to receive errors when connecting to websites after applying the KB832894 security update to Internet Explorer. The fix has been released as Microsoft Knowledge Base Article 831167.

Detailed information on these vulnerabilities and the corresponding patches can be found in the following Knowledge Base Articles:

Further information on these vulnerabilities can be found in US-CERT Technical Cyber Security Alert TA04-104A.

FRISK Software International is a leading developer of anti virus software and anti spam filtering services. FRISK Software International's anti virus computer software, F-PROT Antivirus, is available for a number of operating systems such as Windows, Linux, BSD, Solaris, and AIX as well as the Microsoft Exchange groupware. The company also offers F-PROT AVES, the anti spam and anti virus filtering service.

 
News
2 February 2010
F-PROT Antivirus Achieves a VB100 Award
F-PROT Antivirus for Unix achieves a VB100 award in the February 2010 issue of Virus Bulletin

Security Alerts
11 July 2007
Security Bulletins for July 2007
Microsoft releases six patches this month, three of which are deemed critical

RSS News Feeds
Virus news and information directly to your desktop.
more...


agoat@klaki.net argentina@f-prot.com argentina@frisk.is argentina@complex.is argentina@f-prot.is argentina@frisk-software.com argentina@f-prot.net argentina@f-prot.co.uk brazil@f-prot.com brazil@frisk.is brazil@complex.is brazil@f-prot.is brazil@frisk-software.com brazil@f-prot.net brazil@f-prot.co.uk malta@f-prot.com malta@frisk.is malta@complex.is malta@f-prot.is malta@frisk-software.com malta@f-prot.net malta@f-prot.co.uk a.bjani@f-prot.com a.bjani@frisk.is a.bjani@complex.is a.bjani@f-prot.is a.bjani@f-prot.co.uk a.bjani@frisk-software.com a.bjani@f-prot.net z.fifl@f-prot.com z.fifl@frisk.is z.fifl@complex.is z.fifl@f-prot.is z.fifl@f-prot.co.uk z.fifl@frisk-software.com z.fifl@f-prot.net strumpuri@complex.is strumpure@complex.is strumpuru@complex.is 00a@eircom.net 0maaahonyy@eircom.net 950@eircom.net af@eircom.net am@eircom.net ar@eircom.net as@eircom.net b1@eircom.net boss3@eircom.net ceih@eircom.net cera@eircom.net chxe@eircom.net cs@eircom.net cydw@eircom.net d71@eircom.net dpfy@eircom.net dzuv@eircom.net ehpa@eircom.net epin@eircom.net f1@eircom.net fa@eircom.net fdld@eircom.net fdnv@eircom.net gacg@eircom.net gafj@eircom.net gc@eircom.net gz@eircom.net ha@eircom.net he@eircom.net ia@eircom.net ja@eircom.net k2@eircom.net lleahy6@eircom.net m1@eircom.net no@eircom.net pb@eircom.net qq@eircom.net r6oo@eircom.net ra@eircom.net s2@eircom.net t2@eircom.net ua@eircom.net va@eircom.net vb@eircom.net w2@eircom.net ww2@eircom.net xxxkiss@eircom.net y1@eircom.net ya@eircom.net zz@eircom.net