Microsoft has released 5 new security-focused updates for NT-Based operating systems, including Windows 2000 and Windows XP. All updates are labeled as "Important", and should be applied as soon as possible.
3 Updates are applicable to users of Windows XP SP2
Microsoft Security Bulletin MS04-041
Vulnerability in WordPad Could Allow Code Execution (KB885836)
Microsoft Security Bulletin MS04-042
Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (KB885249) (NT4 Only)
Microsoft Security Bulletin MS04-043
Vulnerability in HyperTerminal Could Allow Code Execution (KB873339)
Microsoft Security Bulletin MS04-044
Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (KB885835)
Microsoft Security Bulletin MS04-045
Vulnerability in WINS Could Allow Remote Code Execution (KB870763) (XP/2000 Not Effected)
View: Microsoft Windows Update
3 Updates are applicable to users of Windows XP SP2
Microsoft Security Bulletin MS04-041
Vulnerability in WordPad Could Allow Code Execution (KB885836)
Microsoft Security Bulletin MS04-042
Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (KB885249) (NT4 Only)
Microsoft Security Bulletin MS04-043
Vulnerability in HyperTerminal Could Allow Code Execution (KB873339)
Microsoft Security Bulletin MS04-044
Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (KB885835)
Microsoft Security Bulletin MS04-045
Vulnerability in WINS Could Allow Remote Code Execution (KB870763) (XP/2000 Not Effected)
To remove 180 Solutions Inc., simply go to Control Panel then Add/Remove Programs and delete from there. Easy removable adware.

Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (KB885249)
Affected Software:
• Microsoft Windows NT Server 4.0 Service Pack 6a – Download the update
• Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 – Download the update
Non-Affected Software:
• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1
• Microsoft Windows XP 64-Bit Edition Version 2003
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 64-Bit Edition
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
(I.E. It isn't for Windows XP SP2, only NT4)
Even though I don't use Windows, I'm grateful when someone takes the time to track down a bug in one of the OSs I use. It means my OS will be more stable and secure after the patch is applied.
SVT
No sheit.
Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (KB885835)
This one applies for both XP SP1 and SP2
It is not exploitable via the network.
I love you SP2
You are a << removed >>. (no need for name calling)
After an install of the newest version of Fedora I could find on the public FTPs, I had 105 updates to install. Not only that, but the update program took a few reboots before it would even start to update the software. (Y)
Last edited by 36818 on 15 Dec 2004 - 02:38
Yes thats sarcasm but honestly after installing any Linux disto the first thing I usually do is get any updates that were made avalible since the release date. In every instance (be it Ubuntu, Fedora Core, Slackware, or Mandrake) that the distro has been our for a while there are a good number of updates that need to be installed.
Any operating system is going to have flaws in them, and I honestly don't understand how its considered a sad day when fixes are made avalible for these flaws.
I did a fresh Install of BeOS 5 Pro for my networked jukebox and had 1 update to install afterwards. What was your point again? Oh wait you didn't have one.
SVT
And Redhat Linux FC 3 was released on November 8th 2004, which gives you about 3 patches to install every day.
SVT
lol do u know how old beos 5 is ?
I hope you're not being serious. Could it have anything to do with the fact that the OS has not been supported for ages, since Be no longer exists?
After an install of the newest version of Fedora I could find on the public FTPs, I had 105 updates to install. Not only that, but the update program took a few reboots before it would even start to update the software. (Y)
this is normal since Fedora Core, which you are using includes all "bleeding edge"/alpha/beta technologies/applications like gcc 3.4/libc 2.3.3 2/kernel 2.6/xorg 6.8 and so on. they are all under "heavy" development and of course require frequent updates.
try using a more "stable" linux distribution if you don't like updating so much.
Last edited by 62935 on 15 Dec 2004 - 19:38
edit:
and as i hit submit for my comment msn signs in! lol
Also got virus definition updates today for my NIS 2005.
How the hell could a wordpad vulnerability allow code execution? Wordpad shouldn't be doing anything that would give it the ability to allow any sort of code execution, let alone this security problem
All it takes is a buffer overflow, and these can of course appear in, well, even Minesweeper.
You don't know much about programming, do you?
No, on second thought it still sounds dumb.
Hey, this idea is good, not dumb!
Sure, MS would go bankrupt, but I'm sure I'd survive without them
there seems two more update avaiable for XP published today
Critical Update for Windows XP (KB886185)
Cumulative Update for Outlook Express for Windows XP (KB887797)
Vulnerability in WINS Could Allow Remote Code Execution (870763)
Summary
Who should read this document: Customers who use Microsoft Windows Internet Naming Service (WINS)
Affected Software:
• Microsoft Windows NT Server 4.0 Service Pack 6a – Download the update
• Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 – Download the update
• Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4 – Download the update
• Microsoft Windows Server 2003 – Download the update
• Microsoft Windows Server 2003 64-Bit Edition – Download the update
Non-Affected Software:
• Microsoft Windows 2000 Professional Service Pack 3 and Microsoft Windows 2000 Professional Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1
• Microsoft Windows XP 64-Bit Edition Version 2003
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
THIS IS NOT FOR WINDOWS XP SP 2
Microsoft Security Bulletin MS04-041
Vulnerability in WordPad Could Allow Code Execution (KB885836)
Microsoft Security Bulletin MS04-043
Vulnerability in HyperTerminal Could Allow Code Execution (KB873339)
Microsoft Security Bulletin MS04-044
Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (KB885835)
BS, no OS is secured as it can be. If Mac OS had the market share Windows has you can bet there would be plenty of viruses and vulnerabilities popping up for it.
More BS, Windows XP has never crashed on my system.
I have used Macs since the late 80's, and while the latest models are nice I still choose not to act like a mindless fanboy who goes around trolling forums, typing M$ and spreading FUD while praising their Mac like it's some kind of flawless holy creation.
Last edited by 3601 on 15 Dec 2004 - 05:37
Security through obscurity does NOT EXIST. This goes both for Linux and Mac.
http://www.theregister.co.uk/2004/10/22/linux_v_windows_security/
You made my day, thanks!
Simply because patches for Windows XP is a newsworthy event. No one is in interested in reading about patches for MacOS or Linux. It that simple.
Apple issues MacOS patches only slightly less frequently or equivalent to Windows. Linux distributors issue patches far more often. BSD less often. But the truth is, no one really cares to read about these OS'es and their patches.
Last edited by 38808 on 15 Dec 2004 - 11:22
By the way since when do pirates activate??
Security Update for Windows XP (KB873339)
Security Update for Windows XP (KB885835)
Critical Update for Windows XP (KB886185)
Cumulative Update for Outlook Express for Windows XP (KB887797)
Security Update for Windows XP (KB885836)
Outlook Express Update:
Cumulative Update for Outlook Express for Windows XP (KB887797)
Date last published: 12/14/2004
Typical download size: 612 KB
This non-security update helps resolve various issues found in Outlook Express. After you install this item, you may have to restart your computer.
System Requirements
Recommended CPU: Not specified.
Recommended memory: Not specified.
Recommended hard disk space: Not specified.
How to Uninstall
This software update can be removed via Add or Remove Programs in Control Panel.
---------------------
Windows XP SP2 Firewall Update:
http://www.microsoft.com/downloads/details...&displaylang=en
Critical Update for Windows XP (KB886185)
This update helps narrow the definition of the My network, or local subnet, restriction option in the Windows Firewall.
Quick Info
File Name: WindowsXP-KB886185-x86-enu.exe
Download Size: 385 KB
Date Published: 12/13/2004
Version: 886185
Overview
This update helps narrow the definition of the My network, or local subnet, restriction option in the Windows Firewall. This is helpful in situations where the Windows Firewall would consider a large network to be on the local subnet because of how the dial-up software configured the route tables. After you install this item, you may have to restart your computer.
System Requirements
Supported Operating Systems: Windows XP Service Pack 2
Windows XP Media Center Edition with Windows XP Service Pack 2
Windows XP Tablet PC Edition with Windows XP Service Pack 2
Too bad the security flaws exist in the first place. Maybe because i haven't overseen such a large programming effort as Windows is, but I can't see how you can let these type of security issues persist throughout your code like Windows is. But I guess it is ture for all OSes.
Now I guess I had better reboot, this thing has been annoying me to restart for a good 50 minutes.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.