Skip to content
 
Tips for Tech

Tech Alert Briefing for 7/30/2002

Microsoft Continues to Patch Flawed Software
Microsoft recently released several patches intended to fix software flaws in its SQL server, Windows Media Player, and Exchange server.

SQL 2000 Server
Three flaws within the SQL 2000 Resolution Service were identified as "critical".Two related to buffer-overflow vulnerabilities and the third related to a denial-of-service flaw. The SQL resolution service allows users to host multiple copies of SQL on a single machine by directing users to a specific TCP port.
Service Pack 2 for its SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000

Windows Media Player
A new version of the previously released cumulative patch for Windows Media Player was also updated to include a previously overlooked bug. Patches can be downloaded at:
Microsoft Windows Media Player 6.4
Microsoft Windows Media Player 7.1
Microsoft Windows Media Player for Windows XP

Microsoft Exchange Server
A security vulnerability within Exchange Server 5.5 can allow an attacker to create a set of conditions that causes the Internet Mail Service to overrun its own buffer when it generates the EHLO response.If you are running Exchange Server 5.5, Microsoft recommends you evaluate your computer's physical accessibility, network and Internet connectivity, and other factors to determine the degree of risk to your computer and apply the patch only to systems that you determine are at risk of attack. the patch is available in theMicrosoft Exchange 5.5 Service Pack 4.



Previous Tech Alerts:
07/23/02 CERT advisory on PHP
07/15/02 Outlook Users Employing PGP Encryption Program Vulnerable to Hacking
07/11/02 Researchers Report Serious Flaw in IE
06/27/02 Microsoft Releases Critical Patch for Windows Media Player
06/18/02 CERT Warns of Critical Vulnerabilty in Apache Web Server
06/12/02 Sports Fans Beware: World Cup Virus Bounces Around the Net
06/07/02 Dead Man Tell No Passwords
05/31/02 Microsoft Issues Critical Warning Regarding Exchange Server
05/22/02 Microsoft SQL Spida Worm Slows Network Traffic
05/15/02 Virus Hoax 'JDBGMGR.EXE' Spreading Rapidly Thoughout Net
04/25/02 Klez Worm Reels in Banks with its Bait
04/11/02 Ten New Vulnerabilities Discovered in Microsoft IIS Server
04/09/02 New Virus Hoax Circulating Around Net
03/22/02 MyLife.B Virus Makes Its Way Around the Net
03/21/02 Microsoft Updates Its Warning on Critical Windows Vulnerability
03/14/02 New Virus (W32/Fbound-C) Spreading Rapidly in the Wild
03/08/02 Unauthorized E-Mail Scam Attempts to Steer Unwitting Customers to Fraudulent Bank Web Site
03/06/02 Klez-E Worm and W32.Gibe Virus Warnings
03/01/02 CERT Issues Warning on PHP Scripting Language Flaw
02/27/02 CERT Issues Warning on Internet Explorer and Outlook Flaw
02/22/02 SNMP Patches and Detection Tools Available
02/20/02 Email Address Belonging to Legitimate Security Site Hijacked to Deliver Dangerous Yarner Worm
02/15/02 Mass Mailing Email Worm Compromises Word 2000 Security Settings
02/13/02 SNMP VULNERABILITY
02/07/02 Bloodhound Mass Mailing Worm and Managing Risks in Wireless Networks
02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000
01/31/02 Copycat Virus Unleashed
01/30/02 Netscape Browser Vulnerable to Cookie Theft
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed

First published on 07/29/2002

Briefing type: 
Tech Talk

Report a problem with this page

Banker Tools View All

A collection of useful resources for various areas of the bank which have been developed by members of the BankersOnline staff or have been created and contributed by users of the BankersOnline site.

Banker Tools

Penalties View All

Search Briefings

Briefing Archives