Microsoft Issues Three New Security Bulletins | eWeek

Microsoft Issues Three New Security Bulletins

Écrit par
eWEEK EDITORS
eWEEK EDITORS
Jan 13, 2004
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

As part of its monthly security-bulletin update, Microsoft released on Tuesday three new security updates.

One bulletin pertains to a breach in Microsofts Internet Security and Acceleration Server 2000 that could allow an attacker to run arbitrary code on a users system. Specifically, the ISA vulnerability is triggered by a filter in the Microsoft Firewall Service that does not perform proper boundary checks.

Microsoft characterized this update as “critical.” The ISA 2000 patch is available for download here.

A second security bulletin covers a hole in Exchange Server 2003 where an Outlook Web Access user could randomly access another users mailbox. To remedy the problem, Microsoft is telling users to install an update on all their front-end Microsoft Exchange 2003 servers.

Microsoft deemed this update “moderate” in importance. The Exchange 2003 Security Update is available here.

The third bulletin relates to a Windows breach that allows code to be run arbitrarily on a users system. The company said the vulnerability revolves around a collection of components, called Microsoft Data Access components, that provide database connectivity on various Windows releases, including Windows 2000, Windows XP, Windows Server 2003.

Microsoft characterized this update as “important.” More information about the Microsoft Data Access components is available here.

Finally, Microsoft also reissued Bulletin MS03-045, designed to correct a flaw in the Thai, Hebrew and Arabic versions of nearly all versions of Windows, involving a buffer overrun problem. Microsoft issued the original bulletin in October.

The company marked this patch as an “important” update. The Buffer Overrun Update is available here.

Also on Tuesday, the company released to its Windows Update site a new worm removal tool aimed primarily at home users to help them remove lurking Blaster and Nachi worms from their Windows 2000 and Windows XP systems. Microsoft released this tool to its Download Center last week.

Microsoft makes all its security bulletins available on its Microsoft Security site. The company said it has scheduled several Webcasts over the next couple of weeks to provide particulars about its latest security bulletins.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.