As Promised: Microsoft’s 5 Windows Security Updates   - 1,694 Views, 1 Comment

Summary: As Aunty promised, here is the rundown on the five... count 'em... five security updates which Microsoft just released for Windows users and administrators: 1. Vulnerability in WordPad According to the Microsoft site, the vulnerabilty in WordPad allows an attacker to "take complete control ...

Previous Article « Coming Soon to an Internet Near You - the Library!
Read Next Article » Deep Undercover, a Reporter Learns that Unsubscribing from Spam Works!

  Follow Anne on Twitter     Friend Anne on Facebook

As Aunty promised, here is the rundown on the five… count ‘em… five security updates which Microsoft just released for Windows users and administrators:

1. Vulnerability in WordPad

According to the Microsoft site, the vulnerabilty in WordPad allows an attacker to “take complete control of the affected system”. Ouch. There are actually two vulnerabilities in WordPad which allow this, says Microsoft. The “Table Conversion Vulnerability” and the “Font Conversion Vulnerability”.

Various version of Windows NT, 2000, XP, and Windows Server are affected by this vulnerability.

[Note that the links to the full information and security updates appear at the end of this post.]

2. Vulnerability in the Windows Kernal

This is actually a suite of vulnerabilities, if you will, which affects Windows XP, NT, 2000, and Windows Server.

The attacker who exploits these vulnerabilities can have their wicked way with your system, including, says Microsoft, “installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.” Yum!

3. Vulnerability in HyperTerminal

This vulnerability affects…wait for it… XP, NT, 2000, and Windows Server (are you detecting a theme here?)

As with the other vulnerabilities reported above, if someone is able to exploit the HyperTerminal vulnerability, they can take complete control of the system, and create or delete accounts, install programs, etc.. Not a pretty sight.

4. Vulnerability in DHCP

Unlike the above three vulnerabilities, which affect all installations of the affected Windows versions, this vulnerability only affects users who use the Windows DHCP Server service. And, it only affects users using NT Server 4.0 Service Pack 6a and NT Server 4.0 Terminal Server Edition Service Pack 6.

In addition to an attacker who exploits this volunerability successfully being able to take control of the system, unsuccessful attacks on it can result in a denial of service attack (DDOS) on your system, crippling the DHCP server.

And, last but not least…

5. Vulnerability in WINS

WINS is the Windows Internet Naming Service, and this vulnerability affects only those users who are using Windows NT, Windows 2000, and Windows Server. This vulnerability also allows Internet badies to take complete control of the affected system.

If you believe that your system might be affected by any of these vulnarabilities, you or whomever administers your system should update your system right away.

Here are the links to the specific updates:

Link to WordPad Volunerability Information

Link to Windows Kernal Vulnerability Information

Link to HyperTerminal Vulnerability Information

Link to DHCP Server Vulnerability Information

Link to WINS Vulnerability Information

As Promised: Microsoft’s 5 Windows Security Updates

 Follow Anne on Twitter

 Twitter Explained in Plain English

 Friend Anne on Facebook

Previous Article « Coming Soon to an Internet Near You - the Library!
Read Next Article » Deep Undercover, a Reporter Learns that Unsubscribing from Spam Works!

Read more:

»  One Last Windows Security Patch for the Week

»  Microsoft Windows Security Updates for October - 3 Critical!

»  Microsoft Issues 7 Security Updates for Windows, 2 Critical

»  Microsoft Issues 7 Critical Microsoft Windows Updates and Patches - Including an Internet Explorer Update - Patch Your Windows Today!

For additional similar stories check out our archives on Security

NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.

 

1 Comment »

  1. As Promised: Microsoft?s 5 Windows Security Updates
    As Aunty promised, here is the rundown on the five? count ?em? five security updates which Microsoft just released for Windows users and administrators: 1. Vulnerability in WordPad According to the Microsoft site, the vulnerabilty in WordPad allows an …

    Trackback by Lockergnome's Windows Fanatics — 12/15/2004 @ 1:07 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!

If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.

Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

(required)

(required)


If you have not posted a comment here before, we apologize for having to ask you to enter the letters and numbers you see in the image above to validate your comment, but we are being attacked by thousands of comment form spams every day! You only need to do this once; once you have successfuly posted a comment here you will not be asked to do this again. Thank you for your understanding!

 
 This article first appeared on 12/15/2004
The Internet Patrol
Patrolling the Internet for You!