April 13, 2004
Today Microsoft released the following Security Bulletins.
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY
e-mail, web board or newsgroup posting (including this one) should be
verified by visiting these sites for official information. Microsoft never
sends security or other updates as attachments. These updates must be
downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summaries:
Windows: http://www.microsoft.com/technet/security/Bulletin/winapr04.mspx
Critical Bulletins:
MS04-011 - Security Update for Microsoft Windows (835732)
http://www.microsoft.com/technet/security/Bulletin/MS04-011.mspx
MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741)
http://www.microsoft.com/technet/security/Bulletin/MS04-012.mspx
MS04-013 - Cumulative Security Update for Outlook Express (837009)
http://www.microsoft.com/technet/security/Bulletin/MS04-013.mspx
Important Bulletins:
MS04-014 - Vulnerability in the Microsoft Jet Database Engine Could Allow
Code Execution (837001)
http://www.microsoft.com/technet/security/Bulletin/MS04-014.mspx
Re-Released Bulletins:
The following bulletins have been re-released to advise of the availability
of updates for various versions of Microsoft Exchange Server. Please see the
bottom of each bulletin for revision information.
MS00-082 - Patch Available for 'Malformed MIME Header' Vulnerability
http://www.microsoft.com/technet/security/Bulletin/MS00-082.mspx
MS01-041 - Malformed RPC Request Can Cause Service Failure
http://www.microsoft.com/technet/security/Bulletin/MS01-041.mspx
MS02-011 - Authentication Flaw Could Allow Unauthorized Users To
Authenticate To SMTP Service
http://www.microsoft.com/technet/security/Bulletin/MS02-011.mspx
MS03-046 - Vulnerability in Exchange Server Could Allow Arbitrary Code
Execution (829436)
http://www.microsoft.com/technet/security/Bulletin/MS03-046.mspx
This represents our regularly scheduled monthly bulletin release (second
Tuesday of each month). Please note that Microsoft may release bulletins out
side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after
reading the above listed bulletin you should contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.