|
|
|
The Microsoft Windows Server 2003 Resource Kit Tools are a set of software tools for administrators, developers, and power users to manage Active Directory, Group Policy, TCP/IP Networks, Registry, Security, Scalability and many other areas of the Windows Server 2003 operating system.
|
|
|
Full View / NID: 676 / Submitted by: TACKtech Team
|
|
This is a cumulative patch that includes the functionality of all previously released patches for Internet Explorer 5.01, 5.5 and 6.0. This update is for Internet Explorer 6 SP1, 6 SP1 (64bit), 6 for Windows XP, 5.5 SP2, 5.01 for Windows 2000 SP3.
|
|
|
Full View / NID: 675 / Submitted by: TACKtech Team
|
|
As a result of changes to the Windows Update service, Device Manager and the Add Printer Wizard in Windows 2000 Service Pack 3 (SP3) and earlier cannot obtain device driver updates published after November 15, 2002 from Windows Update. You may not notice this problem when you use Device Manager or the Add Printer Wizard because drivers released before November 15, 2002 are still available.
|
|
|
Full View / NID: 672 / Submitted by: TACKtech Team
|
|
|
There is a flaw in the way the kernel passes error messages to a debugger. A vulnerability results because an attacker could write a program to exploit this flaw and run code of their choice. An attacker could exploit this vulnerability to take any action on the system including deleting data, adding accounts with administrative access, or reconfiguring the system.
|
|
|
Full View / NID: 658 / Submitted by: TACKtech Team
|
|
Have video conversations, and take advantage of several ease-of-use enhancements like grouping your contact list, new task-based menus, and cool, new emoticons.
|
|
|
Full View / NID: 655 / Submitted by: Anthony Idhaw
|
|
|
The Microsoft VM is a virtual machine for the Win32 operating environment. The Microsoft VM is shipped in most versions of Windows and in most versions of Microsoft Internet Explorer. A new security vulnerability has been reported that affects the ByteCode Verifier component of the Microsoft VM. It occurs because the ByteCode verifier does not correctly look for certain malicious code when a Java applet is being loaded. The attack vector for this new security issue would likely involve an attacker creating a malicious Java applet and inserting it into a Web page that would exploit this vulnerability when it was opened. An attacker could then host this malicious Web page on a Web site or could send it to a user in e-mail. The present Microsoft VM has been updated to include a fix for this newly reported security vulnerability. This version of VM includes all previously released fixes to the VM.
|
|
|
Full View / NID: 644 / Submitted by: TACKtech Team
|
|
|
The .NET Framework version 1.1 redistributable package includes everything you need to run applications developed using the .NET Framework.
|
|
|
Full View / NID: 642 / Submitted by: TACKtech Team
|
|
|
There is a flaw in the Winsock Proxy service in Microsoft Proxy Server 2.0, and the Microsoft Firewall service in ISA Server 2000, that would allow an attacker on the internal network to send a specially crafted packet that would cause the server to stop responding to internal and external requests. Receipt of such a packet would cause CPU utilization on the server to reach 100%, and thus make the server unresponsive. The Winsock Proxy service and Microsoft Firewall service work with FTP, telnet, mail, news, Internet Relay Chat (IRC), or other client applications that are compatible with Windows Sockets (Winsock). These services allow these applications to perform as if they were directly connected to the Internet. These services redirect the necessary communications functions to a Proxy Server 2.0 or ISA Server computer, thus establishing a communication path from the internal application to the Internet through it.
|
|
|
Full View / NID: 641 / Submitted by: TACKtech Team
|
|
|
There is a vulnerability in the part of RPC that deals with message exchange over TCP/IP. The failure results because of incorrect handling of malformed messages. This particular vulnerabilty affects the RPC Endpoint Mapper process, which listens on TCP/IP port 135. The RPC endpoint mapper allows RPC clients to determine the port number currently assigned to a particular RPC service.
|
|
|
Full View / NID: 611 / Submitted by: TACKtech Team
|
|
This patch resolves problems that were found in the Exchange 2000 ADC since SP3 was released. Click the More Information About This Download link in the Related Resources section for a list of the fixes that are included in this patch.
|
|
|
Full View / NID: 605 / Submitted by: TACKtech Team
|
|
|
This article lists Microsoft Exchange 2000 Server bugs that have been fixed since the release of Exchange 2000 Service Pack 3 (SP3). Exchange 2000 fixes for a particular component are cumulative and contain all the previous fixes for that component. Fixes with a particular version number contain all the fixes that have an earlier version number.
|
|
|
Full View / NID: 604 / Submitted by: TACKtech Team
|
|
Microsoft DirectX is a group of technologies designed to make Windows-based computers an ideal platform for running and displaying applications rich in multimedia elements such as full-color graphics, video, 3D animation, and rich audio. DirectX 9.0 includes security and performance updates, along with many new features across all technologies, which can be accessed by applications using the DirectX 9.0 APIs. This release also resolves an issue with DirectX 9.0 where some multiplayer games or MSN Messenger may not work correctly. A number of minor bugs were also resolved.
|
|
|
Full View / NID: 602 / Submitted by: TACKtech Team
|
|
|
A flaw exists in the ISA Server DNS intrusion detection application filter, and results because the filter does not properly handle a specific type of request when scanning incoming DNS requests.
|
|
|
Full View / NID: 597 / Submitted by: TACKtech Team
|
|
|
An attacker could exploit the vulnerability by sending a specially formed HTTP request to a machine running Internet Information Server (IIS). The request could cause the server to fail or to execute code of the attacker’s choice. The code would run in the security context of the IIS service (which, by default, runs in the LocalSystem context).
|
|
|
Full View / NID: 592 / Submitted by: TACKtech Team
|
|
|
This patch resolves problems that were found in the Exchange 2000 ADC since SP3 was released. Click the More Information About This Download link in the Related Resources section for a list of the fixes that are included in this patch.
|
|
|
Full View / NID: 573 / Submitted by: TACKtech Team
|
|
|
An attacker could exploit the vulnerability by constructing a URL that, when clicked on by the user, would execute code of the attacker’s choice in the Local Computer security context. The URL could be hosted on a web page, or sent directly to the user in email. In the web based scenario, where a user then clicked on the URL hosted on a website, an attacker could have the ability to read or launch files already present on the local machine. In the case of an e-mail borne attack, if the user was using Outlook Express 6.0 or Outlook 2002 in their default configurations, or Outlook 98 or 2000 in conjunction with the Outlook Email Security Update, then an attack could not be automated and the user would still need to click on a URL sent in e-mail. However if the user was not using Outlook Express 6.0 or Outlook 2002 in their default configurations, or Outlook 98 or 2000 in conjunction with the Outlook Email Security Update, the attacker could cause an attack to trigger automatically without the user having to click on a URL contained in an e-mail.
|
|
|
Full View / NID: 554 / Submitted by: TACKtech Team
|
|
|
This update fixes an issue caused by the February 2003, Cumulative Update for Internet Explorer (810847) where users could potentially be unable to log into MSN mail accounts or authenticate with a Web site in various programs.
|
|
|
Full View / NID: 534 / Submitted by: Travis
|
|
|
Windows messages provide a way for interactive processes to react to user events (such as keystrokes or mouse movements) and communicate with other interactive processes. The WM_TIMER message is sent at the expiration of a timer, and it can be used to cause a process to run a timer callback function. This message may create a security vulnerability because it is possible for one process in the interactive desktop to use a WM_TIMER message to cause another process to run a callback function at the address of its choice, even if the second process did not set a timer. If that second process has higher privileges than the first process, this would provide the first process with a way of exercising the functions.
|
|
|
Full View / NID: 521 / Submitted by: Travis
|
|
|
A security vulnerability exists in the implementation of the Windows Redirector on Windows XP because an unchecked buffer is used to receive parameter information. By providing malformed data to the Windows Redirector, an attacker could cause the system to fail, or if the data was crafted in a particular way, could run code of the attacker’s choice.
|
|
|
Full View / NID: 519 / Submitted by: TACKtech Team
|
|
|
When you try to use Fast User Switching to switch between logged on users in Windows XP Media Center Edition, you may receive a STOP error message on a blue screen, and your computer may stop responding (hang).
|
|
|
Full View / NID: 517 / Submitted by: TACKtech Team
|
|
