Author Topic: Microsoft Security Bulletins  (Read 4306 times)

Arne

  • Administrator
  • Hero Member
  • *****
  • Posts: 778
    • ICQ Messenger - 1448105
    • AOL Instant Messenger - aflaaten
    • Yahoo Instant Messenger - arneflaa
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« on: March 05, 2002, 07:09:45 PM »
MS02-013 04 March 2002 Cumulative VM Update

MS02-014 Unchecked Buffer in Windows Shell Could Lead to Code Execution

MS02-015 28 March 2002 Cumulative Patch for Internet Explorer

MS02-016 Opening Group Policy Files for Exclusive Read Blocks Policy Application (Q318593)


MS02-017 Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution (Q311967)


MS02-018 Cumulative Patch for Internet Information Services (Q319733)

MS02-019 Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute (Q321309)

MS02-020 SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507)

MS02-021 E-mail Editor Flaw Could Lead to Script Execution on Reply or Forward (Q321804)

MS02-022 Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661)

MS02-023 15 May 2002 Cumulative Patch for Internet Explorer (Q321232)

MS02-024 Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206)


Best wishes
Arne
Imici username: Arne
Best wishes
Arne
Imici username= Arne

Arne

  • Administrator
  • Hero Member
  • *****
  • Posts: 778
    • ICQ Messenger - 1448105
    • AOL Instant Messenger - aflaaten
    • Yahoo Instant Messenger - arneflaa
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« Reply #1 on: April 03, 2002, 05:54:22 PM »
Security Bulletin  
MS02-015


 This is a cumulative patch that includes the functionality of all
previously released patches for IE 5.01, 5.5 and IE 6. In addition,
it eliminates the following two newly discovered vulnerabilities:

- A vulnerability in the zone determination function that could
allow a script embedded in a cookie to be run in the Local
Computer zone. While HTML scripts can be stored in cookies,
they should be handled in the same zone as the hosting site
associated with them, in most cases the Internet zone. An
attacker could place script in a cookie that would be saved
to the user's hard disk. When the cookie was opened by the
site the script would then run in the Local Computer zone,
allowing it to run with fewer restrictions than it would
otherwise have.

Patch makes CookiePal usesless in non-english ĶE
Best wishes
Arne
Imici username: Arne
Best wishes
Arne
Imici username= Arne

altosax

  • Moderator
  • Sr. Member
  • *****
  • Posts: 328
    • ICQ Messenger -
    • AOL Instant Messenger -
    • Yahoo Instant Messenger -
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« Reply #2 on: April 03, 2002, 07:45:33 PM »

hi all,
this reply to arne message to let you know that, according to the register, that patch don't works.

here is the link:

http://www.theregister.co.uk/content/4/24667.html

regards,
altosax.

 
 

sidki3003

  • Sr. Member
  • ****
  • Posts: 476
    • ICQ Messenger -
    • AOL Instant Messenger -
    • Yahoo Instant Messenger -
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« Reply #3 on: April 05, 2002, 06:41:32 PM »
To Arne: Are you sure about CookiePal and Danish?
I use IE5SP2 German under 98SE and IE6 English under XP. Both with the latest patches. It works.
Did you see the latest CookiePal version 1.7b?
Under "Configure" there are two new options:

Use IE6 internal cookie handling (recommended)
Use IE6 internal filters

If checked, CookiePal won't use the IE6 messagebox anymore. Rather it will talk to IE directly.
The only drawback is that you won't here any "Yam" anymore
and the accepted/rejected stats remain empty.


 
 

Arne

  • Administrator
  • Hero Member
  • *****
  • Posts: 778
    • ICQ Messenger - 1448105
    • AOL Instant Messenger - aflaaten
    • Yahoo Instant Messenger - arneflaa
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« Reply #4 on: April 05, 2002, 09:15:48 PM »
It is 1.7d. And it is completely useless. I can view and delete the cookies in my  folder, but CookiePal has no control over what comes in anymore. I wrote about it to the company but have heard nothing.


Best wishes
Arne
Imici username: Arne
Best wishes
Arne
Imici username= Arne

Arne

  • Administrator
  • Hero Member
  • *****
  • Posts: 778
    • ICQ Messenger - 1448105
    • AOL Instant Messenger - aflaaten
    • Yahoo Instant Messenger - arneflaa
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« Reply #5 on: April 06, 2002, 10:32:48 AM »
I finally fixed my problem. In my despiration I downloaded this *** patch again. This time for the English version of IE6, which I do not have, and installed it. I wanted to try this before I went to one of my other machines and copy the files involved from there. And after a few protests from my machine, CookiePal works again. Nice, but now I have a mix of English and Danish, but who cares?

Best wishes
Arne
Imici username: Arne
Best wishes
Arne
Imici username= Arne

sidki3003

  • Sr. Member
  • ****
  • Posts: 476
    • ICQ Messenger -
    • AOL Instant Messenger -
    • Yahoo Instant Messenger -
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« Reply #6 on: April 06, 2002, 11:19:55 AM »


 
 

sidki3003

  • Sr. Member
  • ****
  • Posts: 476
    • ICQ Messenger -
    • AOL Instant Messenger -
    • Yahoo Instant Messenger -
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« Reply #7 on: July 25, 2002, 10:18:22 PM »
Good news for Arne :

quote:

Cookie Pal 1.7c

Improvements

Cookie Pal now has the Windows XP look and feel when running on Windows XP.
Cookie Pal now provides built in support for the Danish version of Internet Explorer 6.
Opera privacy settings are not modified by Cookie Pal if the user has chosen not to monitor the Opera browser for cookies.
Bug Fixes

Expiration dates for non-English versions of Internet Explorer could be incorrectly interpreted as session cookies.



http://www.kburra.com/cphist.html

sidki

 
 

Arne

  • Administrator
  • Hero Member
  • *****
  • Posts: 778
    • ICQ Messenger - 1448105
    • AOL Instant Messenger - aflaaten
    • Yahoo Instant Messenger - arneflaa
    • View Profile
    • http://
    • Email
Microsoft Security Bulletins
« Reply #8 on: July 25, 2002, 10:25:18 PM »
Jeg am meget happy (mixed Danish and English) LOL. Thank you for the info. Maybe I can remember how to get back to one language.

Best wishes
Arne
Imici username= Arne
Best wishes
Arne
Imici username= Arne