Old MS Alerts

**AplusWebMaster** · 2008-05-17, 03:51

FYI...

Microsoft Security Advisory (950627)
Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution
- http://www.microsoft.com/technet/sec...ry/950627.mspx
Updated: May 13, 2008 - "...We have issued Microsoft Security Bulletin MS08-028 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-028*... In addition to immediately installing the update in Microsoft Security Bulletin MS08-028, we recommend that customers with Microsoft Word also immediately install the update in Microsoft Security Bulletin MS08-026**: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207), for the most up-to-date protection against the attack vector for these types of attacks..."

* http://go.microsoft.com/fwlink/?LinkId=114750

** http://go.microsoft.com/fwlink/?LinkId=117295

**AplusWebMaster** · 2008-05-20, 14:10

HP - AMD - XPSP3...

XP SP3 Upgrade Utility for systems with AMD processors
- http://preview.tinyurl.com/4g2b6y
Release Date: 2008-05-14 - Version: 1.0 (HP Customer Care)
Description: Microsoft Windows XP SP3 Upgrade Utility prevents continuous system restarts or "Stop: 0x0000007E" errors after upgrading to Windows XP SP3 on systems with AMD processors.
Fixes: Prevents a condition from occurring that causes continuous system restarts or "Stop: 0x0000007E" errors after upgrading to Microsoft Windows XP Service Pack 3 on systems with an AMD processor.
Example: "A problem has been detected and Windows has been shut down to prevent damage to your computer..."

Download: sp37394.exe (1.85M)

.

**AplusWebMaster** · 2008-05-21, 15:35

FYI...

XPSP3 chokes on ISP versions of IE7
- http://www.informationweek.com/share...leID=207801330
May 20, 2008 - "Private label versions of Microsoft's Internet Explorer 7 browser, including those provided to customers by Internet Service Providers Comcast and Qwest, are prone to crash during installation on computers running Windows XP SP3 because they tend to be outdated, Microsoft is warning. The problem generally occurs when a so-called "branded" version of IE7 is installed for the first time on a computer that's running XP SP3, said Microsoft program manager Jane Maliouta, in a blog post*. "The reason is that the IE7 package you are trying to install uses old IE7 files," said Maliouta. The trouble? Some ISPs are still distributing versions of IE7 that don't contain updates designed to make the browser compatible with Windows XP SP3. Specifically, XP3 runs a version of an essential dynamic-link library file called XMLLite.dll that's not compatible with versions of IE7 released prior to October..."
* http://preview.tinyurl.com/6rwwf8
May 12, 2008 (blogs.msdn.com)

**AplusWebMaster** · 2008-05-22, 13:55

FYI...

XP SP3 triggers false positives in security apps
- http://windowssecrets.com/comp/080522#story1
2008-05-22 - "Installing Windows XP Service Pack 3 can cause your anti-malware programs to report the presence of Trojans and keyloggers that aren't there. The false positives have blocked important system files in some cases, and in others they have misled users into reinstalling XP... Comments on a PC Tools forum* confirm customer reports that the company's Spyware Doctor program generates a false positive on systems with Windows XP SP3. Similarly, at least one site claims that Symantec's Norton Internet Security software identifies a common system file as a keylogger. ReviewSaurus reports** that XP SP3 causes Norton Internet Security to identify ctfmon.exe as a keylogger (a kind of malware that records your keystrokes to capture passwords and other important data). In reality, the ctfmon.exe file in your Windows\System32 folder is a Microsoft system file that enables alternative input methods such as speech, tablet, or on-screen keyboard. A spokesperson for Symantec was not immediately available for comment..."

* http://www.pctools.com/forum/showthr...t=51766&page=3

** http://www.reviewsaurus.com/tips-tri...tall-problems/

.

**AplusWebMaster** · 2008-05-29, 16:20

FYI...

- http://windowssecrets.com/comp/080529#patch0
2008-05-29 - "Antivirus software from Symantec Corp. may cause the installation of Service Pack 3 for XP to corrupt the Windows Registry by adding unnecessary keys.
Symantec advises users to disable the SymProtect security feature of its products before applying XP SP3.
A Registry fix is needed by the latest XP patch..."

(More detail at the URL above.)

**AplusWebMaster** · 2008-05-31, 08:00

FYI...

Microsoft Security Advisory (953818)
Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform
- http://www.microsoft.com/technet/sec...ry/953818.mspx
Published: May 30, 2008 - "Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory.
At the present time, Microsoft is unaware of any attacks attempting to exploit this blended threat. Upon completion of this investigation, Microsoft will take the appropriate measures to protect our customers. This may include providing a solution through a service pack, the monthly update process, or an out-of-cycle security update, depending on customers needs.
Mitigating Factors:
• Customers who have changed the default location where Safari downloads content to the local drive are -not- affected by this blended threat."
- http://blogs.technet.com/msrc/archiv...18-posted.aspx
May 30, 2008

- http://secunia.com/advisories/30467/
Release Date: 2008-06-02
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
OS: Microsoft Windows Vista, Microsoft Windows XP Home Edition, Microsoft Windows XP Professional
Software: Safari for Windows 3.x
...The vulnerability is reported in Safari running on Windows XP or Vista.
Solution: Set the download location in Safari to a location other than "Desktop"...
Original Advisory: http://www.microsoft.com/technet/sec...ry/953818.mspx

**AplusWebMaster** · 2008-06-02, 22:18

FYI...

XPSP3 replaced the up-to-date flash.ocx...
- http://isc.sans.org/diary.html?storyid=4513
Last Updated: 2008-06-02 19:18:05 UTC - "It appears that XPSP3 installs an older vulnerable version of the flash player...
http://www.microsoft.com/technet/sec.../MS06-069.mspx
Why was this Bulletin revised on May 13, 2008?
This bulletin was revised to add Windows XP Service Pack 3 as affected software..."
> Latest v9,0,124,0 - http://www.adobe.com/go/getflashplayer

Other references noting the problem:

- http://preview.tinyurl.com/5cz4wt
June 01, 2008 9:38 PM (Donna's SecurityFlash)

Ref: http://www.dozleng.com/updates/index...08&#entry80908

**AplusWebMaster** · 2008-06-06, 12:20

FYI...

PCpitstop XPSP3 review:
- http://preview.tinyurl.com/4y7zqc
May 25, 2008 - Windows XP SP3 Issues and Fixes Continued

**AplusWebMaster** · 2008-06-06, 13:50

FYI...

- http://www.microsoft.com/technet/sec.../ms08-jun.mspx
June 5, 2008 - "...This is an advance notification of security bulletins that Microsoft is intending to release on June 10, 2008..."
(Total of -7-)

Critical (3)

Bulletin Identifier: Bluetooth Bulletin
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows...

Bulletin Identifier: Internet Explorer Bulletin
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows, Internet Explorer...

Bulletin Identifier: DirectX Bulletin
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows...

Important (3)

Bulletin Identifier: WINS Bulletin
Maximum Severity Rating: Important
Impact of Vulnerability: Elevation of Privilege...
Affected Software: Microsoft Windows...

Bulletin Identifier: Active Directory Bulletin
Maximum Severity Rating: Important
Impact of Vulnerability: Denial of Service...
Affected Software: Microsoft Windows...

Bulletin Identifier: PGM Bulletin
Maximum Severity Rating: Important
Impact of Vulnerability: Denial of Service...
Affected Software: Microsoft Windows...

Moderate (1)

Bulletin Identifier: Kill Bit Bulletin
Maximum Severity Rating: Moderate
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows...

This advance notification provides the software subject as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release...

**AplusWebMaster** · 2008-06-08, 12:13

FYI...

Microsoft Security Advisory (953818)
Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform
- http://www.microsoft.com/technet/sec...ry/953818.mspx
Revisions:
• May 30, 2008: Advisory published.
• June 6, 2008: Modified the steps in the workaround and added acknowledgment.

Thread: Old MS Alerts

Thread Tools

Display

XPSP3 chokes on ISP versions of IE7

Norton software conflicts with XPSP3

XPSP3 replaced the up-to-date flash.ocx...

MS Security Bulletin Advance Notification - June 2008

Apple’s Safari on Windows...

Posting Permissions