Old MS Alerts

[AplusWebMaster]

FYI...

- http://isc.sans.org/diary.html?storyid=4358
Last Updated: 2008-04-29 17:03:11 UTC - "...the Windows Service Pack blocker tool can now block the following service packs from installation...
* Windows XP Service Pack 3 (valid for 12 months following general availability)
* Windows Vista Service Pack 1 (valid for 12 months following general availability)
So, if you want to prevent your machines from automatic updates (provided you don't use WSUS), you can download this handy tool from here*..."
* http://preview.tinyurl.com/2uryvq
Windows Service Pack Blocker Tool Kit
Quick Details
File Name: SPBlockerTools.EXE
Version: SPBlockerToolKit
Date Published: 12/6/2007
Language: English
Download Size: 96 KB

[AplusWebMaster]

FYI...

MS delays release of XPSP3
- http://preview.tinyurl.com/56vprz
April 29, 2008 (Infoworld) - "Microsoft has delayed the release of a third service pack for Windows XP, blaming a "compatibility issue" between the software and a retail-chain-management application... incompatibilities discovered in the past several days between an application called Microsoft Dynamics RMS and -both- Windows XP SP3 and Windows Vista Service Pack 1 will force the company to hold off on releasing the software. Dynamics RMS is a retail-chain-management software for SMBs. Microsoft said it is putting filtering in place to prevent its Windows Update service from offering both service packs to systems running Microsoft Dynamics RMS. Once that filtering is in place, Microsoft will release Windows XP SP3 to Windows Update and Download Center for users not running the application causing the problem.
The company on Tuesday did not say how long putting in filters would take. Microsoft is recommending that Microsoft Dynamics RMS customers not install Windows XP SP3 or Windows Vista SP1. For more information, those customers should contact Microsoft Customer Support Services, the company said. A fix to the Dynamics RMS problem is being tested and "will be available as soon as that process is complete," Microsoft said. The company did not provide a time frame for completion of the testing..."

[AplusWebMaster]

FYI...

- http://www.milw0rm.com/exploits/5518
2008-04-28 - "[Windows XP SP2 (win32k.sys)] This exploit takes advantage of one of the vulnerabilities patched in the Microsoft Security bulletin MS08-25
http://www.microsoft.com/technet/sec.../ms08-025.mspx ..."
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)

[AplusWebMaster]

FYI...

Vista Audio Driver...
- http://isc.sans.org/diary.html?storyid=4376
Last Updated: 2008-05-03 23:26:07 UTC - "...a recent update offered for a driver update for IDT (Formerly Sigmatel)'s high definition sound is causing problems for -Dell- users that have installed it. "Should you see this update appear, *do not* install it," warned 'Chris B', a Dell Digital Life Liason, in a Thursday forum post. The update is called IDT High Def Codec and was reported to be one of the drivers that held up the release of SP1 for Vista back in February. If you have a Dell computer and have not yet installed Vista SP1, you may want to take a look at the full article.
- http://www.crn.com/software/207500472 "

[AplusWebMaster]

Good grief...

Vista Service Pack 1 is not available...
- http://support.microsoft.com/?kbid=948343
Article ID: 948343
Last Review: May 5, 2008
Revision: 9.0...

[AplusWebMaster]

FYI...

Windows Vista SP1 Disaster Recovery Guide
- http://www.informationweek.com/share...leID=207402843
May 6, 2008


.

[AplusWebMaster]

FYI...

- http://isc.sans.org/diary.html?storyid=4387
Last Updated: 2008-05-06 20:10:06 UTC - "Microsoft, it appears, has just released Windows XP Service Pack 3*. For the most part, it is a bundle of all the updates since Service Pack 2, but there are some key differences.
First, the big gotcha:
- If you are an IE 6 user, SP3 will simply updated your IE 6 installation. You will continue to be able to upgrade to IE 7 as an option.
- If you are an IE 7 user, it will update your IE 7 installation. HOWEVER, you will NOT be able to go back to IE 6 after applying this service back.
- If you are an IE 8 (beta) user, you will need to uninstall IE 8, apply the service pack, and then reinstall IE 8.
This link** has a list of all the Knowledge Base articles that this service pack addresses. Some of the bigger notes is that it does retrofit some of the Vista functionality into XP, namely in the area of Network Access Protection, Black Hole Router Detection, enhanced security for administrator and service policy entries (basically some better default settings) and a kernel mode crypto driver. Additionally, some of the "optional" updates released since SP2 will be installed with SP3 (MMC 3.0, MXSXML6, WPA2 support, etc). The good news is that TechNet provides installation media that can be used to slipstream install the service pack so workstations can be updated off the net."

Windows XP SP3 Network Installation Package for IT Professionals and Developers
* http://preview.tinyurl.com/6k9zo3
316.4 MB
"...Note: Customers running Microsoft Dynamics Retail Management System (RMS) are advised to install a hotfix for a Microsoft Dynamics RMS issue -prior- to installing Windows XP SP3. http://support.microsoft.com/kb/951937
DO NOT CLICK DOWNLOAD IF YOU ARE UPDATING JUST ONE COMPUTER: A smaller, more appropriate download is now available on Windows Update..."

Release notes for Windows XP Service Pack 3
** http://support.microsoft.com/kb/936929
Last Review: May 6, 2008
Revision: 5.0...

[AplusWebMaster]

FYI...

- http://www.microsoft.com/technet/sec.../MS08-may.mspx
May 8, 2008
"This is an advance notification of security bulletins that Microsoft is intending to release on May 13, 2008...

Critical (3)

Word Bulletin
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Office...

Publisher Bulletin
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Office...

Jet Bulletin
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows...


Moderate (1)

Security Software Bulletin
Maximum Severity Rating: Moderate
Impact of Vulnerability: Denial of Service...
Affected Software: Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, Microsoft Forefront Security...

[AplusWebMaster]

FYI...

XP SP3 crashes AMD machines
- http://www.theinquirer.net/gb/inquir...s-amd-machines
9 May 2008 - "...Windows XP, Service Pack 3, is giving owners of machines with AMD hardware headaches aplenty it seems. The problems, which first arose just one day after the push, have been causing lots of noise on Microsoft support sites and angry user bogs. One user reported, "I just installed Windows XP SP3 and after completing the processes and when the system reboots, the system cannot proceed to load the Windows. It just displays the flash screen of Windows then after it reboots again." Angry users have also reported that, after the installation, it is not even possible to boot in safe mode, usually the last resort before setting up a repeated forehead/screen interface... there appears to be two separate problems. One affects only AMD-equipped PCs sold by Hewlett-Packard. "The problem is that HP, apparently along with other OEMs, deploys the same image to Intel-based computers that they do to AMD-based computers," said Johansson. "Because the image for both Intel and AMD is the same all have the intelppm.sys driver installed and running. That driver provides power management on Intel-based computers. On an AMD-based computer, amdk8.sys provides the same functionality." There's a whole bunch of other info and some useful fixes for those of you stuck in the dreaded loop of death over on Jesper's Bog*."
* http://preview.tinyurl.com/6zs52d
(MSinfluentials.com/blogs/jesper)

[AplusWebMaster]

FYI...

- http://www.microsoft.com/technet/sec.../ms08-may.mspx
May 13, 2008
"This bulletin summary lists security bulletins released for May 2008...

Critical (3)

Microsoft Security Bulletin MS08-026
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
- http://www.microsoft.com/technet/sec.../ms08-026.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Office...

Microsoft Security Bulletin MS08-027
Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
- http://www.microsoft.com/technet/sec.../ms08-027.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Office...

Microsoft Security Bulletin MS08-028
Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)
- http://www.microsoft.com/technet/sec.../ms08-028.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows...

Moderate (1)

Microsoft Security Bulletin MS08-029
Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)
- http://www.microsoft.com/technet/sec.../ms08-029.mspx
Maximum Severity Rating: Moderate
Impact of Vulnerability: Denial of Service...
Affected Software: Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, Microsoft Forefront Security...


New, Revised, and Rereleased Updates for Microsoft Products Other Than Microsoft Windows
- http://technet.microsoft.com/en-us/wsus/bb466214.aspx


ISC Analysis
- http://isc.sans.org/diary.html?storyid=4411
Last Updated: 2008-05-13 17:59:16 UTC