
Looking Backwards: 3 Security Patches Re-released

Think your organization is up to date on its Microsoft security patches? Then make sure you've reviewed the events of the last week. Since Wednesday evening, Microsoft has re-released three security bulletins for reasons ranging from quality control problems to underestimates of the number of platforms affected by a threat to underestimates of the seriousness of a threat.

The quality control issue involves a Windows XP patch originally issued in April. Bulletin MS03-013 fixed an important flaw allowing a local elevation of privilege in Windows NT 4.0, Windows 2000 and Windows XP. But the cure was worse than the disease for some customers with Windows XP Service Pack 1, where the patch could cause the system to slow to a crawl. Microsoft reissued the bulletin on Wednesday with a new patch for Windows XP Service Pack 1. The bulletin is available at www.microsoft.com/technet/security/bulletin/MS03-013.asp.

In another reissue, Microsoft put out a new version of bulletin MS03-007 from March. The original bulletin fixed a critical flaw involving WebDAV that only affected Windows 2000. It turns out the underlying flaw is in a core operating system component, ntdll.dll, which exists in both Windows XP and Windows NT 4.0. Fortunately, the flaw is less exposed in those two platforms, where Microsoft gives it an "important" severity rating rather than the "critical" rating for the Windows 2000 issue. Patches for the additional platforms can be found at www.microsoft.com/technet/security/bulletin/MS03-007.asp.

On Friday, in a quicker turnaround, Microsoft reissued a bulletin that the company's security team had originally issued on Wednesday. The reason for the re-release is to slightly raise the estimate of the severity of the vulnerability being addressed.

The flaw exists in the ISAPI extension for Windows Media Services, and it gives an attacker a way to execute code on Windows NT 4.0 and Windows 2000. Microsoft originally rated the vulnerability as a "moderate" threat. "Subsequent to that release we have determined that the actions an attacker could take as a result of exploiting this vulnerability could include the ability to execute arbitrary code," Microsoft's bulletin states. Microsoft now rates the flaw "important," which is one rung below "critical." The patch for the vulnerability is unchanged and can be found with the original bulletin: www.microsoft.com/technet/security/bulletin/MS03-019.asp.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.
