Microsoft Security Bulletin MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)
Note to Windows 9x users--This Patch has been deemed "Not Critical" and =
is therefore not available to Win9x users--not even to WinME users. For = those systems to which it "applies", this patch is deemed "Important". = Of course, according to the definitions provided by MS at = http://www.microsoft.com/technet/sec...in/rating.mspx, the only = difference between "Critical" and "Important" is that while the latter = can destroy your system, it can't spread itself like the former can. = Gee, thanks... (I have a request in to those in charge, asking for a bit of elucidation = on the subject.) --=20 Gary S. Terhune MS MVP for Win9x =20 "Emily F [MSFT]" wrote in message = ... Microsoft Security Bulletin MS04-024 Vulnerability in Windows Shell Could Allow Remote Code Execution = (839645) http://www.microsoft.com/technet/sec.../ms04-024.mspx Issued: July 13, 2004 Version: 1.0 Executive Summary: This update resolves a newly-discovered, publicly reported = vulnerability. A remote code execution vulnerability exists in the way that the Windows = Shell launches applications. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control = of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. However, significant user interaction is required to exploit this = vulnerability. Users whose accounts are configured to have fewer privileges on the = system would be at less risk than users who operate with administrative = privileges. We recommend that customers consider applying the security update. Summary Who should read this document: Customers who use Microsoft=AE = Windows=AE Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Important Recommendation: Customers should install the update at the earliest opportunity. Security Update Replacement: This update replaces MS03-027 on Windows = XP. This update does not replace MS03-027 on Windows NT 4.0, on Windows = 2000, or on Windows Server 2003. Caveats: None Tested Software and Security Update Download Locations: Affected Softwa .Microsoft Windows NT=AE Workstation 4.0 Service Pack 6a - Download = the update .Microsoft Windows NT Server 4.0 Service Pack 6a - Download the update .Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack = 6 - Download the update .Microsoft Windows NT=AE Workstation 4.0 Service Pack 6a and NT Server = 4.0 Service Pack 6a with Active Desktop - Download the update .Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service = Pack 3, Microsoft Windows 2000 Service Pack 4 - Download the update .Microsoft Windows XP and Microsoft Windows XP Service Pack 1 - = Download the update .Microsoft Windows XP 64-Bit Edition Service Pack 1 - Download the = update .Microsoft Windows XP 64-Bit Edition Version 2003 - Download the = update .Microsoft Windows ServerT 2003 - Download the update .Microsoft Windows Server 2003 64-Bit Edition - Download the update .Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) - Review the FAQ section of = this bulletin for details about these operating systems. =20 The software in this list has been tested to determine if the versions = are affected. Other versions either no longer include security update = support or may not be affected. To determine the support lifecycle for your = product and version, visit the following Microsoft Support Lifecycle Web site. =20 |
Microsoft Security Bulletin MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)
"Gary S. Terhune" wrote in message ... Note to Windows 9x users--This Patch has been deemed "Not Critical" and is therefore not available to Win9x users--not even to WinME users. For those systems to which it "applies", this patch is deemed "Important". Of course, according to the definitions provided by MS at http://www.microsoft.com/technet/sec...in/rating.mspx, the only difference between "Critical" and "Important" is that while the latter can destroy your system, it can't spread itself like the former can. Gee, thanks... (I have a request in to those in charge, asking for a bit of elucidation on the subject.) Elucidation, is that like the lightning storm I see outside now??? -- Gary S. Terhune MS MVP for Win9x "Emily |
Microsoft Security Bulletin MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)
Considering the likelihood of a quick and definitive response, the =
comparison could only be characterized as "remotely similar" sigh --=20 Gary S. Terhune MS MVP for Win9x =20 "Buffalo" wrote in message = news:_H1Jc.50447$WX.45051@attbi_s51... =20 "Gary S. Terhune" wrote in message ... Note to Windows 9x users--This Patch has been deemed "Not Critical" = and is therefore not available to Win9x users--not even to WinME users. For = those systems to which it "applies", this patch is deemed "Important". Of = course, according to the definitions provided by MS at http://www.microsoft.com/technet/sec...in/rating.mspx, the = only difference between "Critical" and "Important" is that while the latter = can destroy your system, it can't spread itself like the former can. Gee, thanks... =20 (I have a request in to those in charge, asking for a bit of = elucidation on the subject.) =20 Elucidation, is that like the lightning storm I see outside now??? =20 --=20 Gary S. Terhune MS MVP for Win9x =20 "Emily =20 |
All times are GMT +1. The time now is 01:21 PM. |
Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Win98Banter.com