July 2004 - Posts
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summaries:
Windows: http://www.microsoft.com/technet/security/bulletin/ms04-jul.mspx
Critical Bulletins:
MS04-025 - Cumulative Security Update for Internet Explorer (867801)
http://www.microsoft.com/technet/security/bulletin/ms04-025.mspx
This DOES NOT represent our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.
More security guidance available for Windows Server 2003:
Overview
The Windows Server 2003 Security Guide focuses on providing a set of easy-to-understand guidance, tools, and templates to help secure Windows Server 2003 in many environments. While the product is extremely secure from the default installation, there are a number of security options that can be further configured based on specific requirements. This guidance provides not only recommendations, but also background information on the risk that each setting is used to mitigate, as well as the impact on an environment when the option is configured.
Download here:
http://www.microsoft.com/downloads/details.aspx?familyid=8a2643c1-0685-4d89-b655-521ea6c7b4db&displaylang=en
13 July 2004
Today Microsoft released the following Security Bulletins.
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summaries: http://www.microsoft.com/technet/security/bulletin/ms04-jul.mspx
Critical Bulletins:
MS04-022 – Vulnerability in Task Scheduler Could Allow Code Execution (841873)
http://www.microsoft.com/technet/security/bulletin/ms04-022.mspx
MS04-023 – Vulnerability in HTML Help Could Allow Code Execution (840315)
http://www.microsoft.com/technet/security/bulletin/ms04-023.mspx
Important Bulletins:
MS04-019 – Vulnerability in Utility Manager Could Allow Code Execution (842526)
http://www.microsoft.com/technet/security/bulletin/ms04-019.mspx
MS04-020 – Vulnerability in POSIX Could Allow Code Execution (841872)
http://www.microsoft.com/technet/security/bulletin/ms04-020.mspx
MS04-021 – Security Update for IIS 4.0 (841373)
http://www.microsoft.com/technet/security/bulletin/ms04-021.mspx
MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)
http://www.microsoft.com/technet/security/bulletin/ms04-024.mspx
Moderate Bulletins:
MS04-018 - Cumulative Security Update for Outlook Express (823353)
http://www.microsoft.com/technet/security/bulletin/ms04-018.mspx
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.
This is a little off topic for security, but not by much when you consider how you want to protect your private information and the potential for hackers to gain more profiling information about your company through hidden data in documents you might release to the public. This new add-in will remove that information from Office XP/2003 documents. I highly recommend you use it for any documents you send to your customers or post to the web.
Overview
With this add-in you can permanently remove hidden and collaboration data, such as change tracking and comments, from Word 2003/XP, Excel 2003/XP, and PowerPoint 2003/XP files.
When you distribute an Office document electronically, the document might contain information that you do not want to share publicly, such as information you’ve designated as “hidden” or information that allows you to collaborate on writing and editing the document with others.
The Remove Hidden Data add-in is a tool that you can use to remove personal or hidden data that might not be immediately apparent when you view the document in your Microsoft Office application.
You can run the Remove Hidden Data add-in on individual files from within your Office XP or Office 2003 application. Or, you can run Remove Hidden Data on multiple files at once from the command line. In either case, to run the tool you must have the application installed in which the document was created.
The Offrhdreadme.htm file included with the add-in includes a complete list of all of the types of data that the tool will help to remove. By default, you can locate this file in the \Program Files\Microsoft Office\Remove Hidden Data Tool\1033 directory in the drive where you installed the tool. If you installed the tool to a different directory, you can locate this file in the \1033 directory, a subdirectory of the add-in installation folder.
http://www.microsoft.com/downloads/details.aspx?familyid=144e54ed-d43e-42ca-bc7b-5446d34e5360&displaylang=en
People often want to know how we manage patch deployments here at Microsoft. What tools do we use, how do we verify patch installation, etc. To get the inside scoop, listen to the TechNet Radio broadcast by Paul Thomsen and Brian Keogh which you can download here:
http://www.microsoft.com/downloads/details.aspx?familyid=2b1354e4-6715-4ab2-a26a-c37c2e667550&displaylang=en
Some interesting facts about the Microsoft environment:
> 8,000 Servers
> 150,000 Desktops
> Over 50,000 employees
> 160 sites worldwide
> 450 buildings
You might also be interested in knowing that our IT department does not get an advance heads-up on patches we are about to release. They get the same notifications that our customers do on Patch Tuesdays and must respond accordingly.
For more cool broadcasts, see www.microsoft.com/technet/radio
Microsoft has released a configuration change that addresses the recent malicious attack against Internet Explorer known as Download.Ject.
In addition, Microsoft has released a Knowledge Base article, 870669, that provides information that administrators can use to implement this change manually in their environment and to deploy the change across their networks. This Knowledge Base article is available here:
http://support.microsoft.com/default.aspx?kbid=870669
Customers are advised to review the information in the Knowledge Base article, test and deploy the change immediately in their environments, if applicable.
If you have any questions regarding the security updates or their implementation after reading the above listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.
Thank you,
Microsoft PSS Security Team