Microsoft Posts 2 Security Bulletins -- Redmond Channel Partner

Microsoft Posts 2 Security Bulletins

By Scott Bekker
February 06, 2003

Microsoft posted a "critical" cumulative patch fixing two new vulnerabilities affecting Internet Explorer. Microsoft also put out a separate patch for an "important" security problem in Windows XP.

The IE flaws involve incomplete security checking in IE's cross-domain security model that is designed to keep windows of different domains from sharing information. The vulnerabilities could allow an attacker to execute commands on a user's system, according to Microsoft security bulletin (MS03-004) issued Wednesday night.

One of the flaws affects IE versions 5.01, 5.5 and 6.0. The other affects versions 5.5 and 6.0 only.

An attacker wanting to exploit the flaw would have to host a malicious Web site and lure users to it.

The other bulletin issued Wednesday night, (MS03-005), could result in local elevation of privileges for Windows XP users with an ability to interactively log on to a machine.

Microsoft says the vulnerability, which affects both the 32-bit and 64-bit versions of the operating system, is only of concern for machines that are shared among users.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Free Webcast! Learn about Password Management Best Practices

Featured

2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.
Microsoft to Shut Down Skype Services

Microsoft will discontinue its Skype telecommunications and video calling services on May 5, 2025, marking the end of the platform's decades-long run.
Big Blue To Acquire Datastax in Enterprise AI Play

In a bid to bolster its enterprise-aimed AI capabilities, IBM is planning to acquire Datastax, a leading AI and data solutions provider, for an undisclosed amount.
Microsoft Confirms End of HoloLens Mixed Reality Hardware

Microsoft officially announced this week that it is discontinuing its HoloLens mixed reality hardware, marking the end of its efforts in the space.

RCP Update

Email Address*Country*

Please type the letters/numbers you see above.

Microsoft Posts 2 Security Bulletins

Featured

2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft to Shut Down Skype Services

Big Blue To Acquire Datastax in Enterprise AI Play

Microsoft Confirms End of HoloLens Mixed Reality Hardware

2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

The Rise of the Channel Toolsmith: How Vendors Became MSP Enablers

Big Blue To Acquire Datastax in Enterprise AI Play

Microsoft to Shut Down Skype Services

Microsoft Confirms End of HoloLens Mixed Reality Hardware

2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

The Rise of the Channel Toolsmith: How Vendors Became MSP Enablers

Big Blue To Acquire Datastax in Enterprise AI Play

Microsoft to Shut Down Skype Services

Microsoft Confirms End of HoloLens Mixed Reality Hardware

Partner Guides

Partner's Guide to the Windows Server 2008 Deadline

Partner's Guide to Office 365 Security Costs

Partner's Guide to UCaaS

Partner's Guide to Starter Workloads in Azure

Partner's Guide to Microsoft's Fiscal Year 2019

FREE WEBCASTS FROM OUR SPONSORS

Future-Proofing Tax Strategy Amid Global Challenges with Vertex O-Series Cloud

Tech Talk | What Keeps MSPs Up at Night? Addressing Key Risks and Building Resilience

Unlocking a New Era of Tax Automation within Microsoft Dynamics 365: Introducing Vertex's API-Based Tax Integration

Unlocking Revenue Growth with Vertex and Microsoft: A Winning Partnership

FREE WHITE PAPERS FROM OUR SPONSORS

Unlock the benefits of Microsoft Azure partnership

How Retailers Can Overcome 7 Common Tax Compliance Challenges

Tax Challenges Affecting the Manufacturing Industry

Data Analytics Drive Supply Chain Optimization