«
»

Scaremongering

*sigh* Stories like this are really, really, counterproductive.

Here is the list of security issues fixed in SP2. These are real issues, many with exploits in the wild:

  • MS04-025 (867801) – Cumulative Security Update for Internet Explorer
  • MS04-024 (839645) – Vulnerability in Windows Shell Could Allow Remote Code Execution
  • MS04-023 (840315) – Vulnerability in HTML Help Could Allow Code Execution
  • MS04-022 (841873) – Vulnerability in Task Scheduler Could Allow Code Execution
  • MS04-018 (823353) – Cumulative Security Update for Outlook Express
  • MS04-016 (839643) – Vulnerability in DirectPlay Could Allow Denial of Service
  • MS04-015 (840374) – Vulnerability in Help and Support Center Could Allow Remote Code Execution
  • MS04-014 (837001) – Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution
  • MS04-013 (837009) – Cumulative Security Update for Outlook Express
  • MS04-012 (828741) – Cumulative Update for Microsoft RPC/DCOM
  • MS04-011 (835732) – Security Update for Microsoft Windows
  • MS04-007 (828028) – ASN.1 Vulnerability Could Allow Code Execution
  • MS04-004 (832894) – Cumulative Security Update for Internet Explorer
  • MS04-003 (832483) – Buffer Overrun in MDAC Function Could Allow Code Execution
  • MS03-049 (828749) – Buffer Overrun in the Workstation Service Could Allow Code Execution
  • MS03-048 (824145) – Cumulative Security Update for Internet Explorer
  • MS03-045 (824141) – Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution
  • MS03-044 (825119) – Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise
  • MS03-043 (828035) – Buffer Overrun in Messenger Service Could Allow Code Execution
  • MS03-041 (823182) – Vulnerability in Authenticode Verification Could Allow Remote Code Execution
  • MS03-040 (828750) – Cumulative Patch for Internet Explorer
  • MS03-039 (824146) – Buffer Overrun in RPCSS Service Could Allow Code Execution
  • MS03-034 (824105) – Flaw in NetBIOS Could Lead to Information Disclosure
  • MS03-032 (822925) – Cumulative Patch for Internet Explorer
  • MS03-030 (819696) – Unchecked Buffer in DirectX Could Enable System Compromise
  • MS03-027 (821557) – Unchecked Buffer in Windows Shell Could Enable System Compromise
  • MS03-026 (823980) – Buffer Overrun in RPC Interface Could Allow Code Execution
  • MS03-024 (817606) – Buffer Overrun in Windows Could Lead to Data Corruption
  • MS03-023 (823559) – Buffer Overrun in HTML Converter Could Allow Code Execution
  • MS03-021 (819639) – Flaw in Windows Media Player May Allow Media Library Access
  • MS03-020 (818529) – Cumulative Patch for Internet Explorer
  • MS03-018 (811114) – Cumulative Patch for Internet Information Service
  • MS03-015 (813489) – Cumulative Patch for Internet Explorer
  • MS03-014 (330994) – Cumulative Patch for Outlook Express
  • MS03-013 (811493) – Buffer Overrun in Windows Kernel Message Handling Could Lead to Elevated Privileges
  • MS03-010 (331953) – Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks
  • MS03-008 (814078) – Flaw in Windows Script Engine Could Allow Code Execution
  • MS03-007 (815021) – Unchecked Buffer in Windows Component Could Cause Server Compromise
  • MS03-005 (810577) – Microsoft Security Bulletin MS03-005
  • MS03-004 (810847) – Cumulative Patch for Internet Explorer
  • MS03-001 (810833) – Unchecked Buffer in Locator Service Could Lead to Code Execution
  • MS02-072 (329390) – Unchecked Buffer in Windows Shell Could Enable System Compromise
  • MS02-071 (328310) – Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation
  • MS02-070 (329170) – Flaw in SMB Signing Could Enable Group Policy to be Modified
  • MS02-068 (324929) – Cumulative Patch for Internet Explorer
  • MS02-066 (328970) – Cumulative Patch for Internet Explorer
  • MS02-063 (329834) – Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks
  • MS02-062 (327696) – Cumulative Patch for Internet Information Service
  • MS02-055 (323255) – Unchecked Buffer in Windows Help Facility Could Enable Code Execution

People should apply this NOW. Stories spreading FUD about it are irresponsible.

This entry was posted on Thursday, August 12th, 2004 at 11:49 am and is filed under computers. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply