Jerry Bryant's Security Blog

Security Program Manager - Microsoft PSS Security Team

October 2005 - Posts

Windows XP Security Guide v2.1

Version 2.1 of the Windows XP Security Guide is now available.
The Microsoft Solutions for Security and Compliance (MSSC) team is proud to announce the release to Web of version 2.1 of the Windows XP Security Guide.

This guide is the first of three closely related security guides that are being updated. The other two guides are the Windows Server 2003 Security Guide and Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP.

Solution Content
This version of the Windows XP Security Guide was updated to provide additional security guidance for:

• Maintaining different levels of security and control on Windows XP client computers.
• Securing Windows XP client computers that are not members of an Active Directory domain.
• Security settings for computers that must function reliably in extremely critical roles in high security environments.

Information about the security features in SP2 was included as an appendix in the previous version of this guide. This information has now been integrated throughout the guide, and thoroughly tested templates for Windows Firewall security settings are provided. Information is also provided about closing ports, Remote Procedure Call (RPC) communications, memory protection, e-mail handling, Web download controls, spyware controls, and much more.

Where to Find the Windows XP Security Guide
The guide was developed, reviewed, and approved by teams of authoritative experts in security management. It is available on the TechNet Security Center at http://go.microsoft.com/fwlink/?linkid=14839. The guide is also available for download from the Microsoft Download Center at http://go.microsoft.com/fwlink/?linkid=14840.



Issues with MS05-051?

SYMPTOMS
On a computer that is running Microsoft Windows XP, Microsoft Windows 2000 Server, or Windows Server 2003, one or more problems may occur after you install the critical update that is discussed in Microsoft Security Bulletin MS05-051. These problems include the following:
• The Windows Installer service may not start.
• The Windows Firewall Service may not start. 
• The Network Connections folder is empty.
• The Windows Update Web site may incorrectly recommend that you change the Userdata persistence setting in Microsoft Internet Explorer. 
• Active Server Pages (ASP) pages that are running on Microsoft Internet Information Services (IIS) return an “HTTP 500 – Internal Server Error” error message. 
• The Microsoft COM+ EventSystem service will not start.
• COM+ applications will not start. 
• The computers node in the Microsoft Component Services Microsoft Management Console (MMC) tree will not expand.
• Authenticated users cannot log on, and a blank screen appears after the users apply the October Security Updates.
 

For the Cause and Resolution, see:

http://support.microsoft.com/Default.aspx?id=909444

Security Bulletins for October 2005

October 11, 2005
Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

http://www.microsoft.com/technet/security/Bulletin/ms05-Oct.mspx

Critical Bulletins:
 
Vulnerability in DirectShow Could Allow Remote Code Execution (904706)
http://www.microsoft.com/technet/security/Bulletin/ms05-050.mspx

Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)
http://www.microsoft.com/technet/security/Bulletin/ms05-051.mspx

Cumulative Security Update for Internet Explorer (896688)
http://www.microsoft.com/technet/security/Bulletin/ms05-052.mspx

Important Bulletins:

Vulnerability in the Client Services for Netware Could Allow Remote Code Execution (899589)
http://www.microsoft.com/technet/security/Bulletin/ms05-046.mspx

Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)
http://www.microsoft.com/technet/security/Bulletin/ms05-047.mspx

Vulnerability in the Microsoft Collaboration Objects Could Allow Remote Code Execution (907245)
http://www.microsoft.com/technet/security/Bulletin/ms05-048.mspx


Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)
http://www.microsoft.com/technet/security/Bulletin/ms05-049.mspx


Moderate Bulletins:

Vulnerability in the Windows FTP Client Could Allow File Transfer Location and Tampering (905495)
http://www.microsoft.com/technet/security/Bulletin/ms05-044.mspx

Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)
http://www.microsoft.com/technet/security/Bulletin/ms05-045.mspx


This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above-listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.