Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 21 vulnerabilities that were fixed in 10 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Microsoft has released 10 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=AE32474A-CB72-4044-B97F-A2BAD2CD5D97
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=80A543A6-9D5E-4954-80CD-F706F9B284BA
Refer to Microsoft Security Bulletin MS04-029 for further details.
The vulnerability can only be exploited remotely if an attacker can establish a Web session with an affected server.
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=D2C632A7-CD43-466C-A624-D841905CE181
Microsoft Windows XP and Microsoft Windows XP Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=6A338C59-3693-4A25-B823-431A5C21A4B7
Microsoft Windows XP 64 Bit Edition Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=0412A361-28C5-45F7-9853-BCDC9D7B2B97
Microsoft Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=1F9CA027-B0B8-47DC-BB96-8709E3DB0DF2
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=81CE104D-5257-447C-A2CD-D4D149581D71
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=1F9CA027-B0B8-47DC-BB96-8709E3DB0DF2
Refer to Microsoft Security Bulletin MS04-030 for further details.
Microsoft Windows NetDDE is affected by a remote buffer overflow vulnerability. This issue is due to a failure of the application to properly verify the lengths of strings contained within unspecified network messages prior to copying them into finite buffers. The problem presents itself when the affected service receives a malicious network message.
Microsoft Windows NT Server 4.0 Service Pack 6a ? :
http://www.microsoft.com/downloads/details.aspx?FamilyId=A5CA71B6-8A5E-4AA9-B34E-7CE5B304CFAC
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 ? :
http://www.microsoft.com/downloads/details.aspx?FamilyId=0A584B37-291C-4B63-971E-FB35CC361B13
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 ? :
http://www.microsoft.com/downloads/details.aspx?FamilyId=80FE311A-B446-43D0-9614-B93112E28294
Microsoft Windows XP and Microsoft Windows XP Service Pack 1 ? :
http://www.microsoft.com/downloads/details.aspx?FamilyId=C6EB8FB6-6AAE-48BC-9E4F-271F81361AE0
Microsoft Windows XP 64 Bit Edition Service Pack 1 ? :
http://www.microsoft.com/downloads/details.aspx?FamilyId=7754DB47-5D9E-4652-8634-ECF7B9D6786C
Microsoft Windows XP 64 Bit Edition Version 2003 ? :
http://www.microsoft.com/downloads/details.aspx?FamilyId=0C73C1B4-0E12-49F9-BAB7-606B07BFF569
Microsoft Windows Server 2003 ? :
http://www.microsoft.com/downloads/details.aspx?FamilyId=01CFA2F4-19B2-4771-8377-FB633C5BF464
Microsoft Windows Server 2003 64 Bit Edition ? :
http://www.microsoft.com/downloads/details.aspx?FamilyId=0C73C1B4-0E12-49F9-BAB7-606B07BFF569
Refer to Microsoft Security Bulletin MS04-031 for further details.
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=533AE5CD-74CE-470A-8916-8E358084497C
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=3B871A96-5F64-4432-920F-FA5760DF683A
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=4A614222-BA0B-4927-856D-D443BBBE1A42
Microsoft Windows XP and Microsoft Windows XP Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=715E985B-7929-4BD5-9564-5CFE7D528398
Microsoft Windows XP 64 Bit Edition Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=99184841-70A8-47C7-9993-44A60E999A40
Microsoft Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=B4E6BBCF-F5B9-4B2D-8BC4-30911CA4FD9C
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=B4E6BBCF-F5B9-4B2D-8BC4-30911CA4FD9C
Refer to Micrsoft Security Bulletin MS04-032 for further details.
Microsoft Office 2000 Software Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=B0C40C24-4DDE-45AF-8433-6DBDDD030C30
Microsoft Office XP Software Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=5E0FADD3-1554-4C43-9B4A-D5E031478892
Microsoft Office 2001 for Mac :
http://www.microsoft.com/downloads/details.aspx?FamilyId=9889BEAE-4771-415D-8070-3E51F4CC7AE3
Microsoft Office v. X for Mac :
http://www.microsoft.com/downloads/details.aspx?FamilyId=148E9283-4DF8-4A75-9671-CC72E6306B84
Refer to Microsoft Security Bulletin MS04-033 for further details.
A buffer overflow vulnerability has been reported to exist in the way that the Compressed (zipped) Folders feature processes compressed files. If the Compressed (zipped) Folder feature processes a malformed compressed file, an internal buffer will be overrun allowing attacker-supplied code to be executed on the system in the security context of the current user. This vulnerability can reportedly also be exploited through HTML email messages or other means that will let an attacker send a malicious file to an unsuspecting user.
Microsoft Windows XP and Microsoft Windows XP Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=6B70BA00-56D1-4314-8F53-F8355A6861D3
Microsoft Windows XP 64 Bit Edition Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=3F6896F3-F055-438D-93CE-CD15F37264CB
Microsoft Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=4B63EF24-D0E4-4005-8E23-2F5EC24BE63F
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=0903569E-7F3D-4846-A1DC-78734E77D3A9
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=4B63EF24-D0E4-4005-8E23-2F5EC24BE63F
Refer to Micrsoft Security Bulletin MS04-034 for further details.
Microsoft Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=b53e890d-7d6a-4bb4-8e28-15d661014288
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=d7767455-1ca0-49ea-8f71-76da5d451a07
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=b53e890d-7d6a-4bb4-8e28-15d661014288
Microsoft Exchange Server 2003 when installed on Microsoft Windows 2000 Service Pack 3 or Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=313BEC77-0845-46D4-BB43-06C792ADB2EA
Microsoft Exchange 2000 Server Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=EDADF98A-0D26-401B-BCB7-E199477A75C2
Refer to Micrsoft Security Bulletin MS04-035 for further details.
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=0126B7AC-9C78-45C5-8AC7-E0E8CA4B6DEE
Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=54A86560-4A0C-4E2F-A137-D8EE905A674A
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=DCB1CB73-A426-40D8-BD14-B458C7915815
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=1A8C4D7A-2F85-4CDD-8CC9-E2E1817403DF
Refer to Micrsoft Security Bulletin MS04-036 for further details.
A remote code execution vulnerability exists in the Program Group Converter because of the way that it handles specially crafted requests. An attacker could exploit this vulnerability by constructing a malicious request that allows remote code execution if a user performed an action such as opening a file attachment or clicking an HTML link. If the user is logged on with administrative privileges, an attacker could take complete control of an affected system. However, user interaction is required to exploit this vulnerability.
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=F8046E83-E151-4AAF-80CB-AD4F31C02EAC
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=2DCC6C99-509D-41A5-A3C7-CAC017D633E1
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=846E7479-133B-45D7-AA69-D9257F1BE178
Microsoft Windows XP and Microsoft Windows XP Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=FB93CB07-3A7E-444C-B083-324FC9049B94
Microsoft Windows XP 64 Bit Edition Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=FF84BCBE-D1E5-4402-8CE4-F8D9966C79D0
Microsoft Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=AB91C7FF-2547-455E-9A6D-82B09373495F
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=5C60CA12-0045-42B7-9F2A-6D433DEDC105&
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=AB91C7FF-2547-455E-9A6D-82B09373495F
Refer to Micrsoft Security Bulletin MS04-037 for further details.
1. CSS Heap Memory Corruption Vulnerability - CAN-2004-0842
2. Similar Method Name Redirection Cross Domain Vulnerability - CAN-2004-0727
3. Install Engine Vulnerability - CAN-2004-0216
4. Drag and Drop Vulnerability - CAN-2004-0839
5. Address Bar Spoofing on Double Byte Character Set Systems Vulnerability - CAN-2004-0844
6. Plug-in Navigation Address Bar Spoofing Vulnerability - CAN-2004-0843
7. Script in Image Tag File Download Vulnerability - CAN-2004-0841
8. SSL Caching Vulnerability - CAN-2004-0845
Internet Explorer 5.01 Service Pack 3 on Windows 2000 SP3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=2D8E8E97-4946-4994-924B-1FB1DC1881BA&displaylang=en
Internet Explorer 5.01 Service Pack 4 on Windows 2000 SP4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=72DBE239-AF0A-42B5-B88C-A00371F6EC81&displaylang=en
Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Me :
http://www.microsoft.com/downloads/details.aspx?FamilyId=BE27F77C-3C2D-45F1-86DF-2B71799DA169&displaylang=en
Internet Explorer 6 on Windows XP :
http://www.microsoft.com/downloads/details.aspx?FamilyId=A89CFBE8-C299-415D-A9D6-7CC6429C547D&displaylang=en
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3, on Microsoft Windows 2000 Service Pack 4, on Microsoft Windows XP, or on Microsoft Windows XP Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=7C1404E6-F5D4-4FED-9573-DD83F2DFF074&displaylang=en
Internet Explorer 6 Service Pack 1 on Microsoft Windows NT Server 4.0 Service Pack 6a, on Microsoft Windows NT Server 4.0 Terminal Service Edition Service Pack 6, on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Me :
http://www.microsoft.com/downloads/details.aspx?FamilyId=DE8D94C4-7F58-4CE7-B8BD-51CFD795B03E&displaylang=en
Internet Explorer 6 for Windows XP Service Pack 1 (64 Bit Edition) :
http://www.microsoft.com/downloads/details.aspx?FamilyId=C05103E8-4402-4D54-BA03-FBBC24142E4D&displaylang=en
Internet Explorer 6 for Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=19E69E5F-9C98-49AD-A61F-4F82A4014412&displaylang=en
Internet Explorer 6 for Windows Server 2003 64 Bit Edition and Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=566C2A05-2513-4E30-A3EA-87D4BF7F9730&displaylang=en
For a complete list of patch download links, please refer to Micrsoft Security Bulletin MS04-038.
These new vulnerability checks are included in Qualys vulnerability signature 1.9.52-5. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
To perform a selective vulnerability scan, configure a scan profile to use the following options:
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Platforms and Platform Identification
For more information, customers may contact Qualys Technical Support.
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.