A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows 98 » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)



 
 
Thread Tools Display Modes
  #1  
Old July 14th 04, 04:34 AM
PA Bear
external usenet poster
 
Posts: n/a
Default Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)

[Crossposting deleted.]

Please note that previous posts in this thread were all crossposted to
several non-Win98 newsgroups.
--
~PA Bear

PCR wrote:
Eee-Yow, three of them!! You will drive Colorado mad! He has forsworn
all Windows Updates!

MS04-018 - Cumulative Security Update for Outlook Express (823353)
http://www.microsoft.com/technet/sec.../ms04-018.mspx

Microsoft Security Bulletin MS04-018
Cumulative Security Update for Outlook Express (823353)

Issued: July 13, 2004
Version: 1.0
Executive Summary:
This update resolves a public vulnerability. A denial of service
vulnerability exists in Outlook Express because of a lack of robust
verification for malformed e-mail headers. The vulnerability is
documented in the Vulnerability Details section of this bulletin. This
update also changes the default security settings for Outlook Express
5.5 Service Pack 2 (SP2). This change is documented in the Frequently
Asked Questions related to this security update section of this bulletin.
If a user is running Outlook Express and receives a specially crafted
e-mail message, Outlook Express would fail. If the preview pane is
enabled, the user would have to manually remove the message, and then
restart Outlook Express to resume functionality.
We recommend that customers consider applying the security update.
Summary
Who should read this document: Customers who use Microsoft® Outlook
Express® Impact of Vulnerability: Denial of Service
Maximum Severity Rating: Moderate
Recommendation: Customers should consider applying the security update.
Security Update Replacement: This bulletin replaces MS04-013: Cumulative
Update for Outlook Express and any prior Cumulative Security Updates for
Outlook Express.
Caveats: None
Tested Software and Security Update Download Locations:
Affected Softwa
.Microsoft Windows NT® Workstation 4.0 Service Pack 6a
.Microsoft Windows NT Server 4.0 Service Pack 6a
.Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
.Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4
.Microsoft Windows XP and Microsoft Windows XP Service Pack 1
.Microsoft Windows XP 64-Bit Edition Service Pack 1
.Microsoft Windows XP 64-Bit Edition Version 2003
.Microsoft Windows ServerT 2003
.Microsoft Windows Server 2003 64-Bit Edition
.Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of
this bulletin for details about these operating systems.

Affected Components:
.Microsoft Outlook Express 5.5 Service Pack 2: Download the Update
.Microsoft Outlook Express 6: Download the Update
.Microsoft Outlook Express 6 Service Pack 1: Download the Update
.Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition): Download
the Update
.Microsoft Outlook Express 6 on Windows Server 2003: Download the Update
.Microsoft Outlook Express 6 on Windows Server 2003 (64 bit edition):
Download the Update

The software in this list has been tested to determine if the versions
are affected. Other versions either no longer include security update
support or may not be affected. To determine the support lifecycle for
your product and version, visit the following Microsoft Support
Lifecycle Web site.


  #2  
Old July 14th 04, 07:19 AM
Bill in Co.
external usenet poster
 
Posts: n/a
Default Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)

PA Bear wrote:
[Crossposting deleted.]

PCR wrote:
Eee-Yow, three of them!! You will drive Colorado mad! He has forsworn
all Windows Updates!


Doesn't bother ME, as I haven't downloaded any! YOU are the one that will
have to go mad!! With all of the weekly updates!

And so it goes, The Never Ending Story.....


MS04-018 - Cumulative Security Update for Outlook Express (823353)
http://www.microsoft.com/technet/sec.../ms04-018.mspx

Microsoft Security Bulletin MS04-018
Cumulative Security Update for Outlook Express (823353)

Issued: July 13, 2004
Version: 1.0
Executive Summary:
This update resolves a public vulnerability. A denial of service
vulnerability exists in Outlook Express because of a lack of robust
verification for malformed e-mail headers. The vulnerability is
documented in the Vulnerability Details section of this bulletin. This
update also changes the default security settings for Outlook Express
5.5 Service Pack 2 (SP2). This change is documented in the Frequently
Asked Questions related to this security update section of this

bulletin.
If a user is running Outlook Express and receives a specially crafted
e-mail message, Outlook Express would fail. If the preview pane is
enabled, the user would have to manually remove the message, and then
restart Outlook Express to resume functionality.
We recommend that customers consider applying the security update.
Summary
Who should read this document: Customers who use Microsoft® Outlook
Express® Impact of Vulnerability: Denial of Service
Maximum Severity Rating: Moderate
Recommendation: Customers should consider applying the security update.
Security Update Replacement: This bulletin replaces MS04-013: Cumulative
Update for Outlook Express and any prior Cumulative Security Updates for
Outlook Express.
Caveats: None
Tested Software and Security Update Download Locations:
Affected Softwa
.Microsoft Windows NT® Workstation 4.0 Service Pack 6a
.Microsoft Windows NT Server 4.0 Service Pack 6a
.Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
.Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4
.Microsoft Windows XP and Microsoft Windows XP Service Pack 1
.Microsoft Windows XP 64-Bit Edition Service Pack 1
.Microsoft Windows XP 64-Bit Edition Version 2003
.Microsoft Windows ServerT 2003
.Microsoft Windows Server 2003 64-Bit Edition
.Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of
this bulletin for details about these operating systems.

Affected Components:
.Microsoft Outlook Express 5.5 Service Pack 2: Download the Update
.Microsoft Outlook Express 6: Download the Update
.Microsoft Outlook Express 6 Service Pack 1: Download the Update
.Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition): Download
the Update
.Microsoft Outlook Express 6 on Windows Server 2003: Download the Update
.Microsoft Outlook Express 6 on Windows Server 2003 (64 bit edition):
Download the Update

The software in this list has been tested to determine if the versions
are affected. Other versions either no longer include security update
support or may not be affected. To determine the support lifecycle for
your product and version, visit the following Microsoft Support
Lifecycle Web site.



  #3  
Old July 14th 04, 10:59 PM
PA Bear
external usenet poster
 
Posts: n/a
Default Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)

Bill in Co. wrote:
Eee-Yow, three of them!! You will drive Colorado mad! He has forsworn
all Windows Updates!


Doesn't bother ME, as I haven't downloaded any! YOU are the one that
will have to go mad!! With all of the weekly updates!

And so it goes, The Never Ending Story.....


bwaa-ha-ha
  #4  
Old July 15th 04, 12:14 AM
PCR
external usenet poster
 
Posts: n/a
Default Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)

Colorado! There is an MSFT person in this thread! You will end up a
wanted man! BETTER take at least ONE update. By the way, the tilde
problem is fixed!

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
should things get worse after this,
PCR

"Bill in Co." wrote in message
...
| PA Bear wrote:
| [Crossposting deleted.]
|
| PCR wrote:
| Eee-Yow, three of them!! You will drive Colorado mad! He has
forsworn
| all Windows Updates!
|
| Doesn't bother ME, as I haven't downloaded any! YOU are the one
that will
| have to go mad!! With all of the weekly updates!
|
| And so it goes, The Never Ending Story.....
|
|
| MS04-018 - Cumulative Security Update for Outlook Express (823353)
|
http://www.microsoft.com/technet/sec.../ms04-018.mspx
|
| Microsoft Security Bulletin MS04-018
| Cumulative Security Update for Outlook Express (823353)
|
| Issued: July 13, 2004
| Version: 1.0
| Executive Summary:
| This update resolves a public vulnerability. A denial of service
| vulnerability exists in Outlook Express because of a lack of
robust
| verification for malformed e-mail headers. The vulnerability is
| documented in the Vulnerability Details section of this bulletin.
This
| update also changes the default security settings for Outlook
Express
| 5.5 Service Pack 2 (SP2). This change is documented in the
Frequently
| Asked Questions related to this security update section of this
| bulletin.
| If a user is running Outlook Express and receives a specially
crafted
| e-mail message, Outlook Express would fail. If the preview pane is
| enabled, the user would have to manually remove the message, and
then
| restart Outlook Express to resume functionality.
| We recommend that customers consider applying the security update.
| Summary
| Who should read this document: Customers who use Microsoft®
Outlook
| Express® Impact of Vulnerability: Denial of Service
| Maximum Severity Rating: Moderate
| Recommendation: Customers should consider applying the security
update.
| Security Update Replacement: This bulletin replaces MS04-013:
Cumulative
| Update for Outlook Express and any prior Cumulative Security
Updates for
| Outlook Express.
| Caveats: None
| Tested Software and Security Update Download Locations:
| Affected Softwa
| .Microsoft Windows NT® Workstation 4.0 Service Pack 6a
| .Microsoft Windows NT Server 4.0 Service Pack 6a
| .Microsoft Windows NT Server 4.0 Terminal Server Edition Service
Pack 6
| .Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000
Service
| Pack 3, Microsoft Windows 2000 Service Pack 4
| .Microsoft Windows XP and Microsoft Windows XP Service Pack 1
| .Microsoft Windows XP 64-Bit Edition Service Pack 1
| .Microsoft Windows XP 64-Bit Edition Version 2003
| .Microsoft Windows ServerT 2003
| .Microsoft Windows Server 2003 64-Bit Edition
| .Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and
| Microsoft Windows Millennium Edition (Me) - Review the FAQ section
of
| this bulletin for details about these operating systems.
|
| Affected Components:
| .Microsoft Outlook Express 5.5 Service Pack 2: Download the Update
| .Microsoft Outlook Express 6: Download the Update
| .Microsoft Outlook Express 6 Service Pack 1: Download the Update
| .Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition):
Download
| the Update
| .Microsoft Outlook Express 6 on Windows Server 2003: Download the
Update
| .Microsoft Outlook Express 6 on Windows Server 2003 (64 bit
edition):
| Download the Update
|
| The software in this list has been tested to determine if the
versions
| are affected. Other versions either no longer include security
update
| support or may not be affected. To determine the support lifecycle
for
| your product and version, visit the following Microsoft Support
| Lifecycle Web site.
|
|



  #5  
Old July 15th 04, 05:12 AM
Bill in Co.
external usenet poster
 
Posts: n/a
Default Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)

I have no tilde problems! :-)
I did take one update, but only because of an updated dll file that resolved
a *real* problem in page rendering (as was documented by MS).

PCR wrote:
Colorado! There is an MSFT person in this thread! You will end up a
wanted man! BETTER take at least ONE update. By the way, the tilde
problem is fixed!

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
should things get worse after this,
PCR

"Bill in Co." wrote in message
...
PA Bear wrote:
[Crossposting deleted.]

PCR wrote:
Eee-Yow, three of them!! You will drive Colorado mad! He has forsworn
all Windows Updates!


Doesn't bother ME, as I haven't downloaded any! YOU are the one that

will
have to go mad!! With all of the weekly updates!

And so it goes, The Never Ending Story.....


MS04-018 - Cumulative Security Update for Outlook Express (823353)
http://www.microsoft.com/technet/sec.../ms04-018.mspx

Microsoft Security Bulletin MS04-018
Cumulative Security Update for Outlook Express (823353)

Issued: July 13, 2004
Version: 1.0
Executive Summary:
This update resolves a public vulnerability. A denial of service
vulnerability exists in Outlook Express because of a lack of robust
verification for malformed e-mail headers. The vulnerability is
documented in the Vulnerability Details section of this bulletin. This
update also changes the default security settings for Outlook Express
5.5 Service Pack 2 (SP2). This change is documented in the Frequently
Asked Questions related to this security update section of this

bulletin.
If a user is running Outlook Express and receives a specially crafted
e-mail message, Outlook Express would fail. If the preview pane is
enabled, the user would have to manually remove the message, and then
restart Outlook Express to resume functionality.
We recommend that customers consider applying the security update.
Summary
Who should read this document: Customers who use Microsoft® Outlook
Express® Impact of Vulnerability: Denial of Service
Maximum Severity Rating: Moderate
Recommendation: Customers should consider applying the security

update.
Security Update Replacement: This bulletin replaces MS04-013:

Cumulative
Update for Outlook Express and any prior Cumulative Security Updates

for
Outlook Express.
Caveats: None
Tested Software and Security Update Download Locations:
Affected Softwa
.Microsoft Windows NT® Workstation 4.0 Service Pack 6a
.Microsoft Windows NT Server 4.0 Service Pack 6a
.Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack

6
.Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4
.Microsoft Windows XP and Microsoft Windows XP Service Pack 1
.Microsoft Windows XP 64-Bit Edition Service Pack 1
.Microsoft Windows XP 64-Bit Edition Version 2003
.Microsoft Windows ServerT 2003
.Microsoft Windows Server 2003 64-Bit Edition
.Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of
this bulletin for details about these operating systems.

Affected Components:
.Microsoft Outlook Express 5.5 Service Pack 2: Download the Update
.Microsoft Outlook Express 6: Download the Update
.Microsoft Outlook Express 6 Service Pack 1: Download the Update
.Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition): Download
the Update
.Microsoft Outlook Express 6 on Windows Server 2003: Download the

Update
.Microsoft Outlook Express 6 on Windows Server 2003 (64 bit edition):
Download the Update

The software in this list has been tested to determine if the versions
are affected. Other versions either no longer include security update
support or may not be affected. To determine the support lifecycle for
your product and version, visit the following Microsoft Support
Lifecycle Web site.



  #6  
Old July 15th 04, 05:49 AM
PCR
external usenet poster
 
Posts: n/a
Default Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)

Uhuh. That is the highest binary digit, one is. Let us hope Emily is
appeased. Anyway, she has stopped throwing them at us.

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
should things get worse after this,
PCR

"Bill in Co." wrote in message
...
| I have no tilde problems! :-)
| I did take one update, but only because of an updated dll file that
resolved
| a *real* problem in page rendering (as was documented by MS).
|
| PCR wrote:
| Colorado! There is an MSFT person in this thread! You will end up a
| wanted man! BETTER take at least ONE update. By the way, the tilde
| problem is fixed!
|
| --
| Thanks or Good Luck,
| There may be humor in this post, and,
| Naturally, you will not sue,
| should things get worse after this,
| PCR
|

| "Bill in Co." wrote in message
| ...
| PA Bear wrote:
| [Crossposting deleted.]
|
| PCR wrote:
| Eee-Yow, three of them!! You will drive Colorado mad! He has
forsworn
| all Windows Updates!
|
| Doesn't bother ME, as I haven't downloaded any! YOU are the one
that
| will
| have to go mad!! With all of the weekly updates!
|
| And so it goes, The Never Ending Story.....
|
|
| MS04-018 - Cumulative Security Update for Outlook Express
(823353)
|
http://www.microsoft.com/technet/sec.../ms04-018.mspx
|
| Microsoft Security Bulletin MS04-018
| Cumulative Security Update for Outlook Express (823353)
|
| Issued: July 13, 2004
| Version: 1.0
| Executive Summary:
| This update resolves a public vulnerability. A denial of service
| vulnerability exists in Outlook Express because of a lack of
robust
| verification for malformed e-mail headers. The vulnerability is
| documented in the Vulnerability Details section of this
bulletin. This
| update also changes the default security settings for Outlook
Express
| 5.5 Service Pack 2 (SP2). This change is documented in the
Frequently
| Asked Questions related to this security update section of this
| bulletin.
| If a user is running Outlook Express and receives a specially
crafted
| e-mail message, Outlook Express would fail. If the preview pane
is
| enabled, the user would have to manually remove the message, and
then
| restart Outlook Express to resume functionality.
| We recommend that customers consider applying the security
update.
| Summary
| Who should read this document: Customers who use Microsoft®
Outlook
| Express® Impact of Vulnerability: Denial of Service
| Maximum Severity Rating: Moderate
| Recommendation: Customers should consider applying the security
| update.
| Security Update Replacement: This bulletin replaces MS04-013:
| Cumulative
| Update for Outlook Express and any prior Cumulative Security
Updates
| for
| Outlook Express.
| Caveats: None
| Tested Software and Security Update Download Locations:
| Affected Softwa
| .Microsoft Windows NT® Workstation 4.0 Service Pack 6a
| .Microsoft Windows NT Server 4.0 Service Pack 6a
| .Microsoft Windows NT Server 4.0 Terminal Server Edition Service
Pack
| 6
| .Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000
Service
| Pack 3, Microsoft Windows 2000 Service Pack 4
| .Microsoft Windows XP and Microsoft Windows XP Service Pack 1
| .Microsoft Windows XP 64-Bit Edition Service Pack 1
| .Microsoft Windows XP 64-Bit Edition Version 2003
| .Microsoft Windows ServerT 2003
| .Microsoft Windows Server 2003 64-Bit Edition
| .Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and
| Microsoft Windows Millennium Edition (Me) - Review the FAQ
section of
| this bulletin for details about these operating systems.
|
| Affected Components:
| .Microsoft Outlook Express 5.5 Service Pack 2: Download the
Update
| .Microsoft Outlook Express 6: Download the Update
| .Microsoft Outlook Express 6 Service Pack 1: Download the Update
| .Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition):
Download
| the Update
| .Microsoft Outlook Express 6 on Windows Server 2003: Download
the
| Update
| .Microsoft Outlook Express 6 on Windows Server 2003 (64 bit
edition):
| Download the Update
|
| The software in this list has been tested to determine if the
versions
| are affected. Other versions either no longer include security
update
| support or may not be affected. To determine the support
lifecycle for
| your product and version, visit the following Microsoft Support
| Lifecycle Web site.
|
|


 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft Security Bulletin MS04-024 - Vulnerability in Window The Unknown P General 4 July 15th 04 02:20 AM
Microsoft Security Bulletin MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) Gary S. Terhune General 2 July 14th 04 05:06 AM
Microsoft Security Bulletin MS04-023--Please Note! Gary S. Terhune General 4 July 14th 04 04:39 AM


All times are GMT +1. The time now is 03:33 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 Win98banter.
The comments are property of their posters.