The Register ®

Biting the hand that feeds IT

Original URL: http://www.theregister.co.uk/2004/12/15/ms_december_patch_batch/

Five important fixes in MS December patch batch

By John Leyden
Published Wednesday 15th December 2004 11:10 GMT

Microsoft's regular monthly patch delivery slipped into port yesterday carrying five new patches, each described by Redmond as "important".

First up there's a flaw (MS04-041 (http://www.microsoft.com/technet/security/bulletin/ms04-041.mspx)) in WordPad that potentially allows malicious code to be executed. All flavours of Windows (XP, 2000, 2003 and NT) need patching. A vulnerability (MS04-043 (http://www.microsoft.com/technet/security/bulletin/ms04-043.mspx)) in the HyperTerminal component of Windows similarly affects all versions of Windows.

But a security bug in DHCP (Dynamic Host Configuration Protocol) that might allow remote code execution and denial of service affects only Windows NT (MS04-042 (http://www.microsoft.com/technet/security/bulletin/ms04-042.mspx)).

Next up we have vulnerabilities in the Windows Kernel and Local Security Authority Subsystem (LSASS), which create a means for hackers to elevate their privileges (MS04-044 (http://www.microsoft.com/technet/security/bulletin/ms04-044.mspx)). Again, all flavours of Windows are affected.

Lastly, there's a vulnerability in the Windows Internet Naming Service (WINS) that could allow remote code execution (MS04-045 (http://www.microsoft.com/technet/security/bulletin/ms04-045.mspx)).

Buffer overflow bugs are the culprit for almost all of these vulnerabilities.

Microsoft's most important December patch came earlier this month when it broke with its normal cycle to release a fix for the IFRAME vulnerability in IE, infamously exploited by the Bofra worm. Unsurprisingly this fix (MS04-040 (http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx)) is a "critical" update for all versions of Windows bar Win XP SP2 and Windows 2003. ®
