Home > Microsoft Security > Microsoft Security Bulletin Ms01 033

Microsoft Security Bulletin Ms01 033

Patches for consumer platforms are available from the WindowsUpdate web site Other information: Acknowledgments Microsoft thanks Arne Vidstrom ( for reporting this issue to us and working with us to protect Which ISAPI extension is associated with this vulnerability? The ISAPI extension that contains the vulnerability is idq.dll, which provides two types of functions: It provides support for Internet Data Administration (.ida) files, Obtaining other security patches: Patches for other security issues are available from the following locations: Security patches are available from the Microsoft Download Center, and can be most easily found by Manage Your Profile | Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2016 Microsoft © 2016 Microsoft this content

I'm running IIS 4.0. Users can protect themselves by installing the above patch or upgrading to Windows Media Player 7.1, then changing the appropriate settings in their player as outlined below to prevent sets of This means that the attacker would need the ability to log onto the machine interactively and start his program. Support: Microsoft Knowledge Base article Q296576 discusses this issue and will be available approximately 24 hours after the release of this bulletin.

Impact of vulnerability: Potentially run code of attacker's choice. Customers should be aware, however, that subsequently adding or removing system components can cause the mapping to be reinstated, as discussed in the FAQ. IPP provides a way to request printing services and learn the status of print jobs across the Internet via HTTP. Active Stream Redirector (.ASX) is one of the file types supported by Windows Media Player. .ASX files don't actually contain any streaming media - instead, they provide information telling Windows Media

However, it could be possible for two or more web sites to correlate information in order to build a profile of the user. The content you requested has been removed. Word 2001 for Macintosh:Select Help, then About Microsoft Word and verify that the version information reads "Word 9.0.2 (3411)". Knowledge Base articles can be found on the Microsoft Online Support web site.

Disclaimer: The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Do I need to install the patch? Frequently asked questions What's the scope of this vulnerability? Windows 2000 Professional, Server and Advanced Server: Windows 2000 Datacenter Server:Patches for Windows 2000 Datacenter Server are hardware-specific and available from the original equipment manufacturer.

The sole exception is the case of Word 2002; Word 2002 was not affected by the vulnerability discussed in MS01-028, so there is no patch for it in MS01-028. A privacy issue that could enable a malicious set of web sites to uniquely identify visitors through profiling. What causes the vulnerability? However, mutexes, like all objects in Windows NT 4.0, have permissions that regulate how and by whom they can be accessed.

Support for Internet Printing is enabled by default in Windows 2000. This would have the effect of preventing the machine from participating in the network. The vulnerability only occurs if URL redirection is enabled. He could do anything he wished, from modifying web pages, to reconfiguring the server, to reformatting the hard drive.

Caveats: Customers who choose to disable Internet printing rather than install the patch should be aware that group policy can override the settings in the Internet Services Manager. news Recommendation: Customers using affected versions of Word should apply the patch immediately. This patch not only addresses several newly-discovered vulnerabilities, but also includes all previously released patches for IIS 4.0 and IIS 5.0. However, due to an implementation flaw, Windows Media Player actually creates them with a fixed known filename in the user's Temporary Files folder.

In Windows Media Player 6.4, the privacy setting is selected via a new option, which can be reached by going to the menu item View / Options then selecting the layer However, the file download cannot actually begin unless and until the user selects a location to which it should be downloaded, and clicks the OK button. What causes the vulnerability? The vulnerability is the result of an unchecked buffer in an ISAPI Extension associated with Index Server in Windows NT 4.0 and Indexing Service in Windows 2000. have a peek at these guys Yes No Additional feedback? 1500 characters remaining Submit Skip this Thank you!

What causes the vulnerability? Thus, even if indexing were not available on the server, the vulnerability would still be present as long as IIS were running on the machine. However, in most cases even an unprivileged user could add, delete or change data files, run programs, send data to or receive data from a web site, and so forth -

For more information on the Microsoft Security Notification Service please visit

Security Resources: The Microsoft TechNet Security Web Site provides additional information about security in Microsoft products. Localization: Localized versions of this patch are available from the download locations listed in the section titled "Patch Availability". The content you requested has been removed. At this writing, the bulletins discussing these vulnerabilities are: Microsoft Security Bulletin MS01-043Microsoft Security Bulletin MS01-025Microsoft Security Bulletin MS00-084Microsoft Security Bulletin MS00-006There is, however, one exception.

I'm not sure whether Internet Printing is enabled on my system. What could an attacker do via this vulnerability? An attacker could send such a request to a server in an attempt to prevent the server from performing useful service. As a result, we recommend that even customers who have removed the mapping apply the patch as a safeguard. check my blog Web servers should never be members of the larger network's domain.

Customers who have installed Index Server or Index Services but not IIS would not be at risk. So, if IIS is not running on my machine, I'm not affected by the vulnerability? That's correct. What's wrong with the way IIS 4.0 performs URL redirection? Within a web page request is information that says how long the request is. The patch eliminates the vulnerability by correcting the table of MIME types and their associated actions in IE.

The Word 98(J) patch can be installed on systems running Word 98(J) Gold or any Word 98(J) service release. The "Code Red II" worm also has the ability to scan for vulnerable hosts much faster than previous versions, which has already been reported to cause failures in certain network components As a result, if you followed the checklist's recommendations and removed the mapping for the Internet Printing ISAPI, you are not affected by this vulnerability. It's always possible for an e-mail to start a file download, and of course the author of the mail can give the file a name that sounds innocuous.

Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Word 98(J) is a release of Word that is available only in Japanese. Exchange 2000 Servers providing OWA services should consider installing this patch to protect their IIS 5.0 services from this When this bulletin was originally released, it provided a workaround rather While this obviously includes web servers, it's worth noting that IIS 5.0 may be running on other types of servers as well, particularly mail servers running Exchange 2000.

How can I return my system to the state it was in before I applied the workaround?