Return to My location's details | All Locations

The Microsoft Security Bulletin Strikes Again!

Question

Microsoft has released a patch for yet another vulnerability it found in all of it's OS's this week!

Answer

This question was answered on July 25, 2003. Much of the information contained herein may have changed since posting.

For the 3rd week in a row Microsoft users are affected by a new critical vulnerability that has been found among two other milder ones.

Microsoft OS's (98, 98SE, NT, ME, XP, 2k & 2003 Server) were warned this week of an unchecked buffer in DirectX that could enable a system to be compromised. DirectX consists of a set of low-level Application Programming Interfaces (APIs) that are used by Windows programs for multimedia support. Within DirectX, the DirectShow technology performs client-

side audio and video sourcing, manipulation, and rendering.

To exploit this ulnerability, the attacker would require the ability to send a specially crafted MIDI file designed to exploit this vulnerability and then host it on a Web site or on a network share, or send it by using an HTML-based e-mail. Microsoft encourages all customers to review the Security Bulletins to keep optimal security. The risk is considered ‘critical’ which is the highest security breach they have.

Download locations for this patch:

The patches for all Windows systems are available via:

Windows Update

The complete technical details are posted at the Microsoft web site:

<a href="http://www.microsoft.com/technet/security/bulletin/MS03-030.asp"> http://www.microsoft.com/technet/security/bulletin/MS03-030.asp</a>

Author

Posted by Michal of Data Doctors on July 25, 2003

Data Doctors © 1988-2012 | Privacy | Sitemap | Personal Services | Business Services | Radio Program | Free Help Center | Franchising | About Us