Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft November Bulletins

Published: 2003-11-11
Last Updated: 2003-11-12 20:46:09 UTC
by Handlers (Version: 1)
0 comment(s)
Microsoft released its first monthly set of bulletins. It covers three critical vulnerabilities:


Cumulative Security Update for Internet Explorer

This patch fixes a lot of older vulnerabilities in Internet Explorer and should be applied without delay. Microsoft rates this issue critical as it allows remote code execution.


Buffer Overrun in the Workstation Service

Another 'remote code execution' issue that should be addressed immediately.


Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run

You need to run Office Update to fix this issue. Microsoft Windows Update will not address Office issues. Microsoft rates this issue as 'Important'. It allows arbitrary code execution via crafted Word or Excel documents. While this is not easily remotely exploitable, it could be used to spread viruses that use social engineering to trick users into opening crafted Word or Excel documents.


Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution

The Microsoft FrontPage Server Extensions are a set of add ons which allow easier integration of Microsoft FrontPage with web servers. The FrontPage Server Extensions are installed at the web server.

0 comment(s)
Diary Archives