Security

Microsoft releases a critical patch for Windows 98/Me/XP

Microsoft's Universal Plug and Play functionality in Windows Me and XP needs an important patch. Find out about it in this week's Exterminator column, along with the latest updates from Novell and Trend Micro's virus reports.


Exterminator brings you weekly updates on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, Linux, and other systems.

Microsoft Security Bulletin (MS01-059)
Regarding: Microsoft Windows Me, XP, and 9x
Date posted: Dec. 20, 2001
Patch URL: Click the link below to choose the appropriate patch.
Information URL: Click here for more information.

If your computer has Universal Plug and Play (UPnP), you should download this patch immediately. It addresses two UPnP vulnerabilities. The first is a buffer overrun; the second can be used in a denial of service attack. Microsoft has released separate patches for the various versions of Windows.

Microsoft Security Bulletin (MS01-060)
Regarding: Microsoft SQL Server
Date posted: Dec. 20, 2001
Patch URL: Click the link below to choose the appropriate patch.
Information URL: Click here for more information.

Microsoft has discovered two vulnerabilities associated with how SQL Server generates text messages from database queries. Some of the functions are flawed and could cause a buffer overrun, and the second vulnerability could be used to stage a denial of service attack. Microsoft has released a separate patch for each vulnerability.

Novell issues
Regarding: Novell BorderManager Enterprise Edition 3.5, OnDemand
Date posted: Dec. 26, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This download from Novell is the newest version of ADM.NLM for BorderManager 3.5 and 3.6. It replaces the version in Support Pack 2 for BorderManager 3.5. According to Novell, the patch "addresses an abend when multiple methods exist in the Login Policy Object."

Virus updates from Trend Micro
Virus/Worm: WORM_MALDAL.C
Posted: Dec. 20, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: WORM_SHOHO.A
Posted: Dec. 21, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: WORM_ZOHER.A
Posted: Dec. 26, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: WORM_MALDAL.D
Posted: Dec. 29, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Stay current on virus information
Have you been keeping up with the latest virus information and patches from Microsoft and Novell? If not, visit the Exterminator archive for past columns with information on bugs and patches you may have missed.

 

Exterminator brings you weekly updates on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, Linux, and other systems.

Microsoft Security Bulletin (MS01-059)
Regarding: Microsoft Windows Me, XP, and 9x
Date posted: Dec. 20, 2001
Patch URL: Click the link below to choose the appropriate patch.
Information URL: Click here for more information.

If your computer has Universal Plug and Play (UPnP), you should download this patch immediately. It addresses two UPnP vulnerabilities. The first is a buffer overrun; the second can be used in a denial of service attack. Microsoft has released separate patches for the various versions of Windows.

Microsoft Security Bulletin (MS01-060)
Regarding: Microsoft SQL Server
Date posted: Dec. 20, 2001
Patch URL: Click the link below to choose the appropriate patch.
Information URL: Click here for more information.

Microsoft has discovered two vulnerabilities associated with how SQL Server generates text messages from database queries. Some of the functions are flawed and could cause a buffer overrun, and the second vulnerability could be used to stage a denial of service attack. Microsoft has released a separate patch for each vulnerability.

Novell issues
Regarding: Novell BorderManager Enterprise Edition 3.5, OnDemand
Date posted: Dec. 26, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This download from Novell is the newest version of ADM.NLM for BorderManager 3.5 and 3.6. It replaces the version in Support Pack 2 for BorderManager 3.5. According to Novell, the patch "addresses an abend when multiple methods exist in the Login Policy Object."

Virus updates from Trend Micro
Virus/Worm: WORM_MALDAL.C
Posted: Dec. 20, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: WORM_SHOHO.A
Posted: Dec. 21, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: WORM_ZOHER.A
Posted: Dec. 26, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: WORM_MALDAL.D
Posted: Dec. 29, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Stay current on virus information
Have you been keeping up with the latest virus information and patches from Microsoft and Novell? If not, visit the Exterminator archive for past columns with information on bugs and patches you may have missed.

 

Editor's Picks