The Active Network

Microsoft Security Bulletins

Microsoft Security Bulletin (MS00-005)

Patch Available for "Malformed RTF Control Word" Vulnerability

Date: January 17, 2000

Summary
Microsoft has released a patch that eliminates a security vulnerability in the Rich Text Format (RTF) reader that ships as part of Microsoft® Windows® 95 and 98, and Windows NT® 4.0. Under certain conditions, the vulnerability could be used to cause email programs to crash.

Frequently asked questions regarding this vulnerability can be found at http://www.microsoft.com/security/bulletins/MS00-005faq.asp.

Issue
RTF files consist of text and control information. The control information is specified via directives called control words. The default RTF reader that ships as part of many Windows platforms has an unchecked buffer in the portion of the reader that parses control words. If an RTF file contains a specially-malformed control word, it could cause the application to crash.

Microsoft believes that this is a denial of service vulnerability only, and that there is no capability to use this vulnerability to run arbitrary code. The most serious risk from this vulnerability would result if a user had preview mode enabled on a mail program like Outlook, and received an email that exploited the vulnerability. Because preview mode causes the mail to be parsed without user assent, the mail program would continue to crash until a subsequent mail was received or the mail program was started with preview mode disabled.
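The bulletin does not say how the control word has to be malformed. As an added illustration (not Microsoft's code and not a reconstruction of the actual flaw), the following C sketch shows the kind of length checking an RTF control-word parser needs when it copies into fixed-size buffers. The names `parse_control_word`, `struct control_word` and the two limits are hypothetical; the limits are assumptions chosen for this example.

```c
#include <ctype.h>
#include <string.h>

#define CW_NAME_MAX  32  /* assumed cap on control-word letters */
#define CW_PARAM_MAX 10  /* assumed cap on parameter digits */
enum { CW_OK = 0, CW_NOT_CONTROL = -1, CW_NAME_TOO_LONG = -2, CW_PARAM_TOO_LONG = -3 };

struct control_word {
    char      name[CW_NAME_MAX + 1]; /* fixed-size buffer for the name */
    int       has_param;
    long long param;
    size_t    consumed;              /* input bytes used, incl. delimiter */
};

/* Parse one control word at in[0] == '\\'. Never reads past in[len-1]
 * and never writes past the fixed-size name buffer. */
int parse_control_word(const char *in, size_t len, struct control_word *out)
{
    size_t i = 1, n = 0, digits = 0;
    long long value = 0;
    int neg = 0;

    memset(out, 0, sizeof *out);     /* also NUL-terminates name */
    if (len < 2 || in[0] != '\\' || !isalpha((unsigned char)in[1]))
        return CW_NOT_CONTROL;       /* control symbol or plain text */
    while (i < len && isalpha((unsigned char)in[i])) {
        if (n == CW_NAME_MAX)        /* the bound an unchecked copy omits */
            return CW_NAME_TOO_LONG;
        out->name[n++] = in[i++];
    }
    if (i + 1 < len && in[i] == '-' && isdigit((unsigned char)in[i + 1])) {
        neg = 1;
        i++;
    }
    while (i < len && isdigit((unsigned char)in[i])) {
        if (digits++ == CW_PARAM_MAX)
            return CW_PARAM_TOO_LONG;
        value = value * 10 + (in[i++] - '0');
    }
    out->has_param = digits > 0;
    out->param = neg ? -value : value;
    if (i < len && in[i] == ' ')     /* a single space is the delimiter */
        i++;
    out->consumed = i;
    return CW_OK;
}
```

A caller that gets `CW_NAME_TOO_LONG` or `CW_PARAM_TOO_LONG` should reject or skip the document instead of continuing to parse, so that malformed input surfaces as an error and not as memory corruption.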

Affected Software Versions

  • Microsoft Windows 95
  • Microsoft Windows 98
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows NT 4.0 Workstation
  • Microsoft Windows NT 4.0 Server
  • Microsoft Windows NT 4.0 Server, Enterprise Edition
  • Microsoft Windows NT 4.0 Server, Terminal Server Edition

NOTE: Windows 2000 is not affected by this vulnerability.

Patch Availability

Windows NT 4.0 Workstation, Windows NT 4.0 Server, and Windows NT 4.0 Server, Enterprise Edition:

Microsoft Windows NT 4.0 Server, Terminal Server Edition: To be released shortly.

NOTE: The Windows 95 and 98 versions of the patch will also be available via WindowsUpdate shortly. When this happens, we will modify the bulletin to note this fact.

NOTE: Additional security patches are available at the Microsoft Download Center (www.microsoft.com/downloads)

More Information
Please see the following references for more information related to this issue.

Obtaining Support on this Issue
This is a fully supported patch. Information on contacting Microsoft Technical Support is available at: http://support.microsoft.com/support/contact/default.asp


Microsoft Security Bulletin (MS00-003)

Patch Available for "Spoofed LPC Port Request" Vulnerability

Date: January 13, 2000

Summary
Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows NT® 4.0. The vulnerability could allow a user logged onto a Windows NT 4.0 machine from the keyboard to become an administrator on the machine.

Frequently asked questions regarding this vulnerability can be found at http://www.microsoft.com/security/bulletins/MS00-003faq.asp.

Issue
LPC Ports is a facility that allows LPC (Local Procedure Call) calls on a machine. One of the functions in the LPC Ports API set enables, by design, a server thread to impersonate a client thread on the same machine. However, a flaw in the validation portion of the function would allow a malicious user to create both the client and server threads, and manipulate the impersonation request to allow it to run in the context of any desired user on the local machine, including the System itself.

The primary risk from this vulnerability is that a malicious user could exploit this vulnerability to gain additional privileges on the local machine. However, it also could be used to cause audit logs to indicate that certain actions were taken by another user. A malicious user would require the ability to log onto the target machine interactively and run arbitrary programs in order to exploit this vulnerability, and as a result, workstations and terminal servers would be at greatest risk.

Affected Software Versions

  • Microsoft Windows NT 4.0 Workstation
  • Microsoft Windows NT 4.0 Server
  • Microsoft Windows NT 4.0 Server, Enterprise Edition
  • Microsoft Windows NT 4.0 Server, Terminal Server Edition

Patch Availability
Microsoft Windows NT 4.0 Workstation, Server and Server, Enterprise Edition:

Microsoft Windows NT 4.0 Server, Terminal Server Edition: To be released shortly.

NOTE: Additional security patches are available at the Microsoft Download Center (www.microsoft.com/downloads)

More Information
Please see the following references for more information related to this issue.

Obtaining Support on this Issue
This is a fully supported patch. Information on contacting Microsoft Technical Support is available at: http://support.microsoft.com/support/contact/default.asp


Microsoft Security Bulletin (MS00-001)

Patch Available for "Malformed IMAP

Date: January 04, 2000

Summary
Microsoft has released a patch that eliminates a vulnerability in the Microsoft® Commercial Internet System (MCIS) Mail server. The vulnerability could allow a malicious user to remotely cause services on the server to fail, or cause arbitrary code to run on the server.

Frequently asked questions regarding this vulnerability can be found at http://www.microsoft.com/Security/Bulletins/00/ms00-001.asp.

Issue
The IMAP service included in MCIS Mail has an unchecked buffer. If a malformed request containing random data were passed to the service, it could cause the web publishing, IMAP, SMTP, LDAP and other services to crash. If the malformed request contained specially crafted data, it could also be used to run arbitrary code on the server via a classic buffer overrun attack.

Affected Software Versions

  • Microsoft Commercial Internet System 2.0 and 2.5.

Patch Availability

NOTE: Additional security patches are available at the Microsoft Download Center (www.microsoft.com/downloads)

More Information
Please see the following references for more information related to this issue.

Obtaining Support on this Issue
This is a fully supported patch. Information on contacting Microsoft Technical Support is available at: http://support.microsoft.com/support/contact/default.asp


This site is not related to the Microsoft Corporation in any way. Windows and the Windows logo are trademarks of the Microsoft Corporation. ActiveWindows is an independent site. The information and sources here are obtained from a series of hard work & research.