The Microsoft Security Bulletin Strikes Again!

Question

Microsoft has released a patch for yet another vulnerability it found in all of it's OS's this week!

Answer

This question was answered on July 25, 2003. Much of the information contained herein may have changed since posting.

For the 3rd week in a row Microsoft users are affected by a new critical vulnerability that has been found among two other milder ones

Microsoft OS's (98, 98SE, NT, ME, XP, 2k & 2003 Server) were warned this week of an unchecked buffer in DirectX that could enable a system to be compromised DirectX consists of a set of low-level Application Programming Interfaces (APIs) that are used by Windows programs for multimedia support Within DirectX, the DirectShow technology performs client-

side audio and video sourcing, manipulation, and rendering

To exploit this ulnerability, the attacker would require the ability to send a specially crafted MIDI file designed to exploit this vulnerability and then host it on a Web site or on a network share, or send it by using an HTML-based e-mail Microsoft encourages all customers to review the Security Bulletins to keep optimal security The risk is considered ‘critical’ which is the highest security breach they have

Download locations for this patch:

The patches for all Windows systems are available via:

Windows Update

The complete technical details are posted at the Microsoft web site:

http://www.microsoft.com/technet/security/bulletin/MS03-030.asp</a></b>

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Michal of Data Doctors on July 25, 2003