Bulletin Summaries:

September Summary
http://www.microsoft.com/technet/security/Bulletin/ms04-sep.mspx

Critical Bulletins:

MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code
Execution (833987)
http://www.microsoft.com/technet/security/Bulletin/MS04-028.mspx

If a user is logged on with administrator privileges, an attacker who
successfully exploited this vulnerability could take complete control of
an affected system, including installing programs; viewing, changing, or
deleting data; or creating new accounts with full privileges. Users
whose accounts are configured to have fewer privileges on the system
would be at less risk than users who operate with administrative privileges.

[Translation: if they are running as user mode, they are at WAY less
risk.... see why we keep harping on this?]

<MBSA will NOT scan for ALL affected software on this>

Yes. MBSA does detect if the update for this vulnerability is required
for Office XP, Office 2003, Project 2002, Project 2003, Visio 2002, and
Visio 2003. However, MBSA does not currently support the detection of
several of the programs that are listed in the Affected Software and
Affected Components section of this security bulletin. For detailed
information about the programs that MBSA currently does not detect, see
Microsoft Knowledge Base Article 306460. If you have installed any of
the programs that are listed in the Affected Software and Affected
Components section of this security bulletin, you may have to manually
determine if you have to install the required update. For example, a
Windows 2000 or Windows NT 4.0 system that has installed Internet
Explorer 6 Service Pack 1 will need to install the Internet Explorer 6
Service Pack 1 security update and MBSA will not detect the missing
update in these configurations. Also, MBSA cannot use the Office
Detection Tool to scan remote systems; it will only use this tool to
scan a system locally for required security updates. For more
information about MBSA, visit the MBSA Web site.


Important Bulletins:

MS04-027 - Vulnerability in WordPerfect Converter Could Allow Code
Execution (884933)
http://www.microsoft.com/technet/security/Bulletin/MS04-027.mspx


<MBSA will scan for this>

If a user is logged on with administrative privileges, an attacker who
successfully exploited this vulnerability could take complete control of
an affected system, including installing programs; viewing, changing, or
deleting data; or creating new accounts with full privileges. Users
whose accounts are configured to have fewer privileges on the system
would be at less risk than users who operate with administrative
privileges. However, user interaction is required to exploit this
vulnerability.

<cough> See. What did I tell ya! Get rid of admin rights!


--
http://www.sbslinks.com/really.htm

Re: << Today is Tuesday - Security patches today >> by Dave

Dave
Tue Sep 14 14:07:07 CDT 2004


"Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@pacbell.net>
wrote in message news:ODw1XdomEHA.2612@TK2MSFTNGP15.phx.gbl...

<cough> See. What did I tell ya! Get rid of admin rights!


***** Amen *****
(he says as he right-clicks>"run as" for the 20th time today ;?) ....no,
it wasn't the IE icon !!!

DS