January 2005 - Posts
January 11, 2005
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
http://www.microsoft.com/technet/security/Bulletin/ms05-jan.mspx
Critical Bulletins:
Vulnerability in HTML Help Could Allow Code Execution (890175)
http://www.microsoft.com/technet/security/Bulletin/ms05-001.mspx
Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)
http://www.microsoft.com/technet/security/Bulletin/ms05-002.mspx
Important Bulletins:
Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)
http://www.microsoft.com/technet/security/Bulletin/ms05-003.mspx
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.
Starting from January 11th, 2005, Microsoft will provide Windows customers with Malicious Software Removal Tools. New versions of these tools will be available monthly (second Tuesday of every month on the same schedule that Microsoft already delivers other security updates) or more frequently if necessary.
These removal tools are an extension of virus or worm specific removal tools that Microsoft released in 2004. While tools released in 2004 have been specific to a single virus (and some of its variants), the new removal tools provide more convenience for customers by rolling up all viruses and variants targeted into a common removal tool.
Microsoft will provide new versions of this tool updated to remove malicious software that is found to be prevalent for that month. The first version of the tool available in January will be able to remove Blaster, Sasser, MyDoom, DoomJuice, Zindos, Berweb (also known as Download.Ject), Gailbot and Nachi viruses / worms.
These removal tools will be made available to customers through the following delivery vehicles:
- As a download through the Microsoft Download Center
- As a critical update through Windows Update and through Auto Update for those customers who have Auto Update turned on
- As an ActiveX control also available at www.microsoft.com/malwareremove
This alert is to make you aware of the public availability of a beta version of Microsoft Windows AntiSpyware. This beta version is available at the following location: http://www.microsoft.com/athome/security/spyware/software/default.mspx
Support for Beta of Microsoft Windows AntiSpyware
At this time, support for the beta version of Microsoft Windows AntiSpyware is being provided through the following Microsoft
newsgroups:
- microsoft.private.security.spyware.announcements
- microsoft.private.security.spyware.appcompat
- microsoft.private.security.spyware.general
- microsoft.private.security.spyware.install
- microsoft.private.security.spyware.networking
- microsoft.private.security.spyware.signatures
- microsoft.private.security.spyware.onlinecommunity
These newsgroups can be accessed via NNTP or HTTP.
To access these newsgroups using HTTP, please go to the following
location:
http://communities.microsoft.com/newsgroups/default.asp?ICP=spyware&sLCI
D=us
To access these newsgroups using NNTP, please use the following information for your NNTP client (such as Microsoft Outlook Express):
- NNTP Server: privatenews.microsoft.com
- Account name: privatenews\spyware
- Password: spyware
NOTE: No password will be required via the HTTP link
Objective Spyware Criteria and Vendor Dispute Information
Information about the criteria that is part of a scoring system that determines whether a program is added for detection is available at this
location:
http://www.spynet.com/info_spywarecriteria.aspx
Vendors of products that are detected who feel the listing in the library is incorrect should fill out the request form located at this
location:
http://www.spynet.com/vendors.aspx
Additional Information
For additional information about today's announcements regarding Microsoft Windows AntiSpyware and Microsoft Malicious Software Removal Tools, please see the public press release located here:
http://www.microsoft.com/presspass/press/2005/jan05/01-06NewSolutionsPR.
asp
For additional, general information about Microsoft Windows AntiSpyware and Microsoft's acquisition of Giant Company, please see the public press release located here:
http://www.microsoft.com/presspass/press/2004/dec04/12-16GIANTPR.asp