Options

Critical update and patch roundup

Unknown
edited February 2004 in Science & Tech
Critical Update for Windows Media Player (All Versions)

[blockquote]When a content owner creates an audio or video stream, they can add script commands (such as URL script commands and custom script commands) to be encoded in the stream. When the stream is played back, the script commands can trigger events in an embedded player program, or they can open your browser and then navigate to a Web page. This behavior is by design. This update changes the way that Windows Media Player handles URL script commands that are embedded in a stream.
[/blockquote]
[link=http://go.microsoft.com/fwlink/?linkid=19865]KB article[/link] - [link=http://www.microsoft.com/downloads/details.aspx?FamilyID=af9cf65e-0c55-452e-a0fa-3aa165e667c1&DisplayLang=en]Download[/link] (2.77MB)
_____________________________
Vulnerability in the Windows Internet Naming Service (WINS)

[blockquote]A security vulnerability exists in the Windows Internet Naming Service (WINS). This vulnerability exists because of the method that WINS uses to validate the length of specially-crafted packets. On Windows Server 2003 this vulnerability could allow an attacker who sent a series of specially-crafted packets to a WINS server to cause the service to fail. Most likely, this could cause a denial of service, and the service would have to be manually restarted to restore functionality. [Affected Software: Windows NT4/2000/2003 Server]
[/blockquote]
Download: [link=http://www.microsoft.com/downloads/details.aspx?FamilyId=AA95192E-5B0B-45F0-B4AE-E228B0625F2D&displaylang=en]Server 2003 Patch[/link] (256KB) - [link=http://www.microsoft.com/downloads/details.aspx?FamilyId=67F91E33-E2EC-4CE9-B55B-509240B1A973&displaylang=en]NT4 Patch[/link] (239KB) - [link=http://www.microsoft.com/downloads/details.aspx?FamilyId=FD38BD3F-2E56-45B8-B8B2-C5C798B0E70D&displaylang=en]Windows 2000 Patch[/link] (351KB)
__________________________
ASN.1 Vulnerability Could Allow Code Execution (828028)

[blockquote]Windows NT 4.0 (Workstation, Server, and Terminal Server Edition) does not install the affected file by default. This file is installed as part of the MS03-041 Windows NT 4.0 security update and other possible non-security-related hotfixes. If the Windows NT 4.0 security update for MS03-041 is not installed, this may not be a required update. To verify if the affected file is installed, search for the file named Msasn1.dll. If this file is present, this security update is required. Windows Update, Software Update Services, and the Microsoft Security Baseline Analyzer will also correctly detect if this update is required.
[/blockquote]
[link=http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-007.asp]KB Article[/link]
Sign In or Register to comment.