♦ Password
♦ Mailsetup
♦ Info
♦ Workstations
  ♣ Linux
  ♣ MacOS
♦ E-Mail
♦ Chat
♦ Files
♦ Backups
♦ Printers
♦ Network
♦ Statistics
♦ Downloads
♦ Links
♦ Newsletter
♦ Submit
♦ Search
♦ Linux

  Microsoft Security Bulletin July 2004
Microsoft Posted by Beat Rubischon on Tuesday July 13, @09:38PM
from the no-summer-but-patches dept.
Microsoft has released the Security Bulletin Summary for July 2004. It is a real big bulletin with 2 crtitical, 4 important and 1 moderate problem.
Run Windows Update (with Internet Explorer) on all the Windows workstations and servers to install the security updates.

Following the list of the patches:
  • MS04-022 Vulnerability in Task Scheduler Could Allow Code Execution (841873) critical
  • MS04-023 Vulnerability in HTML Help Could Allow Code Execution (840315) critical
  • MS04-019 Vulnerability in Utility Manager Could Allow Code Execution (842526) important
  • MS04-020 Vulnerability in POSIX Could Allow Code Execution (841872) important
  • MS04-021 Security Update for IIS 4.0 (841373) important
  • MS04-024 Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) important
  • MS04-018 Cumulative Security Update for Outlook Express (823353)

Several problems in Internet Explorer are still open. Please use it only for accessing Windows Update and not for your daily work!

There are also patches for the discontinued NT4 - may be the last ones.

<  |  >


  Related Links
  • Articles on Microsoft
  • Also by Beat Rubischon
  • Contact author
  • The Fine Print: The following comments are owned by whoever posted them.
    ( Reply )

    FAQ about NT4
    by Beat Rubischon on Wednesday July 14, @10:20AM
    Out of the bulletins:

    I'm still using Microsoft Windows NT 4.0 Workstation Service Pack 6a or Windows 2000 Service Pack 2, but extended security update support ended on June 30, 2004. However, this bulletin has a security update for these operating system versions. Why is that?
    Windows NT 4.0 Workstation Service Pack 6a and Windows 2000 Service Pack 2 have reached the end of their life cycles as previously documented, and Microsoft extended this support to June 30, 2004. However, the end-of-life for the extended support period occurred very recently. In this case, the majority of the steps that are required to address this vulnerability were completed before June 30, 2004. Therefore, we have decided to release security updates for these operating system versions as part of this security bulletin. We do not anticipate doing this for future vulnerabilities affecting these operating system versions, but we reserve the right to produce updates and to make these updates available when necessary.

    So it would be the last patch for NT4 workstations. Be sure to replace or unplug them until the next patch round in August.

    [ Reply to this ]
    The Fine Print: The following comments are owned by whoever posted them.
    ( Reply )

    © 2003 ISG, Departement Physik, ETH Zürich, <>