Security

Get caught up with cumulative patches from Microsoft and Novell

This week, Microsoft issued downloads to plug holes in Exchange and its Telnet service in Win2K, along with a cumulative IE patch. Novell released patches for ZENworks and iChain, and Trend Micro alerted users to three new viruses.


Exterminator brings you weekly updates on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, Linux, and other systems.

Microsoft Security Bulletin (MS02-003)
Regarding: Exchange Server 2000
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

When the Microsoft Exchange System Attendant modifies permissions on the Windows Registry, a flaw could allow an unauthorized user to connect remotely to the server's configuration information and make changes.

Microsoft Security Bulletin (MS02-004)
Regarding: Windows 2000 and Interix 2.2
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch for Win2K.
Patch URL: Click here to download the patch for Interix.
Information URL: Click here for more information.

Unchecked buffers exist in the Telnet Servers in both Windows 2000 and Microsoft Interix 2.2. By using this vulnerability, an attacker could cause the Telnet server to fail or could run code on the system.

Microsoft Security Bulletin (MS02-005)
Regarding: Internet Explorer
Date posted: Feb. 11, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This patch from Microsoft contains all the fixes for any previously discussed vulnerabilities in IE 5.01, 5.5, and 6. It also includes fixes for six newly discovered problems.

Novell issues
Regarding: ZENworks for Desktops
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This is a cumulative patch for ZENworks for Desktops 3.2. It contains fixes for all known issues since the product shipped. This particular version of the patch is for servers running NetWare 5.x and 6.

Regarding: ZENworks for Desktops
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This is the same cumulative patch as the one described above, but it's intended for servers running NetWare 4.x.

Regarding: ZENworks for Desktops
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

Novell provides only a brief description of this bug fix: "Fixes failure taking snapshot of Access 97 on Japanese Windows 2000."

Regarding: iChain 2.0
Date posted: Feb. 8, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This cumulative patch for iChain 2.0, known as Field Patch 3, is intended to repair all bugs found since the product shipped.

Regarding: iChain 1.5
Date posted: Feb. 8, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This version of Field Patch 3 is designed for iChain 1.5. It contains fixes for all issues discovered since iChain Support Pack 1.

Virus updates from Trend Micro
Virus/Worm: TROJ_ICONLIB.A
Posted: Feb. 8, 2002
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: WORM_REXLI.A
Posted: Feb. 8, 2002
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: VBS_THEGAME.A
Posted: Feb. 9, 2002
Risk: Low
Information URL: Click here for more information on this virus.

Exterminator brings you weekly updates on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, Linux, and other systems.

Microsoft Security Bulletin (MS02-003)
Regarding: Exchange Server 2000
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

When the Microsoft Exchange System Attendant modifies permissions on the Windows Registry, a flaw could allow an unauthorized user to connect remotely to the server's configuration information and make changes.

Microsoft Security Bulletin (MS02-004)
Regarding: Windows 2000 and Interix 2.2
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch for Win2K.
Patch URL: Click here to download the patch for Interix.
Information URL: Click here for more information.

Unchecked buffers exist in the Telnet Servers in both Windows 2000 and Microsoft Interix 2.2. By using this vulnerability, an attacker could cause the Telnet server to fail or could run code on the system.

Microsoft Security Bulletin (MS02-005)
Regarding: Internet Explorer
Date posted: Feb. 11, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This patch from Microsoft contains all the fixes for any previously discussed vulnerabilities in IE 5.01, 5.5, and 6. It also includes fixes for six newly discovered problems.

Novell issues
Regarding: ZENworks for Desktops
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This is a cumulative patch for ZENworks for Desktops 3.2. It contains fixes for all known issues since the product shipped. This particular version of the patch is for servers running NetWare 5.x and 6.

Regarding: ZENworks for Desktops
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This is the same cumulative patch as the one described above, but it's intended for servers running NetWare 4.x.

Regarding: ZENworks for Desktops
Date posted: Feb. 7, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

Novell provides only a brief description of this bug fix: "Fixes failure taking snapshot of Access 97 on Japanese Windows 2000."

Regarding: iChain 2.0
Date posted: Feb. 8, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This cumulative patch for iChain 2.0, known as Field Patch 3, is intended to repair all bugs found since the product shipped.

Regarding: iChain 1.5
Date posted: Feb. 8, 2002
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This version of Field Patch 3 is designed for iChain 1.5. It contains fixes for all issues discovered since iChain Support Pack 1.

Virus updates from Trend Micro
Virus/Worm: TROJ_ICONLIB.A
Posted: Feb. 8, 2002
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: WORM_REXLI.A
Posted: Feb. 8, 2002
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: VBS_THEGAME.A
Posted: Feb. 9, 2002
Risk: Low
Information URL: Click here for more information on this virus.

Editor's Picks