some Microsoft security stuff

Search MS Knowledgebase - you often have to put a Q in front of the number

02.16.05 - Validation (if you download something) does not actually get you anything at this point. Dude!

02.17.04 - Critical patch for all versions of NT/2000/XP - Microsoft Security Bulletin MS04-007
The KB828028 update is also available via Windows Update (I checked today)
A nice discussion on port 445 and Windows file sharing by Arne Vidstrom

12.06.03 - some privacy links and links about the windows GUID
whatis.com on GUID
MSDN on GUID - techies only
Wilders idblaster - Changes GUID
Junkbusters on cookies
Junkbusters browser scan
Privacy.net - has advanced browser scan


10.20.03 - Microsoft IE critical update 828750, Oct 2003

10.04.03 - Now it's KB824146, another RPC issue

09.20.03 - Cut from Brian's Buzz newsletter: bulletin MS03-032 and Knowledge Base article 822925. Microsoft acknowledged that the patch does not successfully close one of the serious flaws that it was intended to correct. The security hole that still exists after the installation of the MS03-032 patch is critical because a PC can be taken over by a hacker if the PC user merely views a malicious e-mail or Web page. As eEye describes it in an alert

Until Microsoft has an updated patch available, you can disable ActiveX content in IE to guard against hackers taking over your PCs. One way to do this in IE involves clicking Tools, Internet Options, Security, then selecting the Internet Zone, clicking the Custom Level button, and disabling ActiveX.

ANYONE MAY SUBSCRIBE FREE to Brian's Buzz on Windows by visiting http://BriansBuzz.com

09.19.03 - Another Win NT/XP/Server RPC patch, issued 9.10.03 - read about it here

MS03-034 824105

08.01.03 - XP automatic update showed only two patches, 816093 and 331953. Maybe something caused the auto setting to fail, as this computer got moved to another network. Additional outstanding patches: Cumulative pack for IE6, Outlook6 security update, SP1, 818529, 330994, 821557, 815021, 811493, 823980, 823559, 819696, 817606, 817787, 814078, .NET SP2. Well, it still doesn't show SP1 or the .NET SP2, but all the rest appear.

Turns out the problem was that the XP machine was configured in IE to use a proxy server on the corporate network. It has since been moved to a remote division location with a different network. Once the proxy entries were disabled (IE --> Tools --> Internet Options --> Connections --> LAN Settings) and automatic update was turned off and on again (Control Panel --> System --> Automatic Updates), the list pulled all the security patches. The update list is requested over HTTP, and the IE setting was pointing that request at the old proxy.

07.16.03 - OK... a flurry of security patches. Patch 823980 applies to all versions of NT (NT4, XP, 2000, 2003) and fixes another RPC issue.
Details here and here: Computerworld on RPC issue

All versions of Windows are affected by update 823559. It patches an HTML conversion issue that can be exploited by a malicious web site when the user visits the web site; it 'could exploit the vulnerability without any other user action'. Click here for details. Most users should use Windows Update to get this patch. Computerworld writeup here

07.03.03 - Some users of Windows XP experienced performance problems after updating to Service Pack 1 (SP1). It appears to be related to real-time virus scanners and security patch 811493. Microsoft has revised it; the Knowledge Base article is 819634.

06.13.03 - User name leak - Microsoft Internet Explorer %USERPROFILE% Folder Disclosure Vulnerability: neohapsis writeup with exploit code. This link is to Microsoft's TechNet bulletin on the June IE problems

06.12.03 - A virus called W32.Bugbear.B@mm is spreading via email attachments ending in .exe, .scr or .pif. Anti-virus definitions should be 6.5.03 or newer. Microsoft Outlook Express and Internet Explorer are vulnerable to automatically running the attachment if not updated since May 2001.

06.04.03 818529

04.28.03 - More IE and Outlook problems
Outlook FAQ and patch: http://www.microsoft.com/technet/security/bulletin/MS03-014.asp
IE FAQ and patch: http://www.microsoft.com/technet/security/bulletin/MS03-015.asp

04.24.04 - Check out the Center for Internet Security; they have a security scanner tool for Windows NT and 2000 that uses the HfNetChk tool

04.23.03 330994

04.18.03 - Time to update the Microsoft VM again. A new Java applet vulnerability has been found: a malicious Java applet in a web page could be delivered via email, or a link in an email could lead you there. In this age of spam, such things are possible. Tech details here: Microsoft Knowledge Base Article - 816093

03.26.03 - NT 4 has an unpatchable denial of service problem; read the Microsoft tech note: RPC endmapper flaw. RPC is used by networks to remotely manage services and distributed applications. The solution is to block port 135 with a firewall or turn off the service. Links to patches for Win2000 and XP are in the security bulletin as well.

Web browser script issue 814078

03.03.03 - Windows ME users better head to http://windowsupdate.microsoft.com. It is possible for attackers to construct a malicious URL that will, when opened by Internet Explorer, execute arbitrary code on the system of the user running the browser; read about it in Microsoft Security Bulletin MS03-006. Unpatched XP is also vulnerable.

02.20.03 - Microsoft releases consolidated anti slammer tools

01.31.03 - SQL Slammer hit a lot of systems: anything with MSDE 2000, a lightweight version of SQL Server installed as part of many applications from Microsoft (e.g. Visio), was vulnerable. Here is an in-depth analysis by Robert Graham

12.31.02 - Microsoft Security Bulletin MS02-069: Flaw in Microsoft VM Could Enable System Compromise (810030), December 11, 2002

I have been interested in Microsoft security issues due to the great number of PCs that run MS software. The Microsoft approach to security over the years has been confusing at best. I have found Windows Update to be a good solution for the home user. However, the recent change to Windows Update recommends more than you need, plus there is the automatic critical update program, which will UPDATE ITSELF when you are connected to the internet and there are updates available. This feature could be scary. Another problem is that it is not clear what an update did with regard to the specific patches listed in all the bug and virus documentation.

For example, lately the Winevar worm is in the news. Its payload is the Funlove virus, and the worm exploits a vulnerability patched in 1999. Microsoft suggests checking for the patch name on the IE Help --> About Internet Explorer screen, yet if you upgraded your browser to 5.5 SP2 and kept it patched, that information is lost. What you see are more recent patch listings. To be absolutely sure, you can check the version of the Virtual Memory manager (VM); this is the Microsoft procedure for doing that. Note that the patch is via Windows Update.

12.14.02 - Latest info on Microsoft security patch for IE: Microsoft Security Bulletin MS02-068. Note that the patch number, Q324929, is lower than the November patch number Q328970.

12.11.02 - Do you use Hotmail? Did ya ever get irritated that after locking down IE you can't log in, so you open it back up and get those X10 popup ads? It is possible to avoid this by adding the Hotmail URL to the trusted sites in the IE security settings. The latest is http://sea1fd.sea1.hotmail.msn.com

12.09.02 - The Microsoft MDAC issue is a bigger deal than I thought, although it does not affect XP. Here is Brian Livingston's view on it; he is a Windows guru who writes for InfoWorld.

- A VM issue dated Sept 18, 2002: "All builds of the Microsoft VM up to and including build 5.0.3805 are affected by these vulnerabilities", they say in Microsoft Security Bulletin MS02-052, patch Q329077

Microsoft Security Links

Windows update
Flaw in Microsoft VM JDBC Classes Could Allow Code Execution (Q329077) Originally posted: September 18, 2002
Cumulative Patch for Internet Explorer (324929) Originally posted: December 04, 2002
Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172) Originally posted: August 28, 2002
IIS Lockdown Tool (version 2.1)
HFNetChk is a command-line tool that enables an administrator to check the patch status of all the machines in a network





Unpatched IE security holes