Microsoft Security Bulletin MS05-041

Extended security update support for Microsoft Windows NT Workstation 4.0 Service Pack 6a and Windows 2000 Service Pack 2 ended on June 30, 2004. Note SMS uses the Microsoft Baseline Security Analyzer, Microsoft Office Detection Tool, and the Enterprise Update Scanning Tool to provide broad support for security bulletin update detection and deployment. For additional information, click the following article number to view the article in the Microsoft Knowledge Base: 322389 How to Obtain the Latest Windows XP Service Pack Inclusion in future service Restart Requirement You must restart your system after you apply this security update.

For information about how to disable Remote Desktop manually, visit the following Web site. The update removes the vulnerability by modifying the way that MSDTC validates TIP requests. Registry Key Verification You may also be able to verify the files that this security update has installed by reviewing the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000\SP5\KB896358\Filelist Note This registry key may Windows NT Workstation 4.0 Service Pack 6a, Windows NT Server 4.0 Service Pack 6a, Windows 2000 Service Pack 2, and Windows 2000 Service Pack 3 have reached the end of their https://technet.microsoft.com/en-us/library/security/ms05-041.aspx

When you view the file information, it is converted to local time. What might an attacker use the vulnerability to do? If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. Also, in certain cases, files may be renamed during installation.

  1. It is robust despite system failures, process failures, and communication failures; it exploits loosely coupled systems to provide scalable performance; and it is easy to install, configure, and manage.
  2. For customers who require the affected component, firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter.
  3. You can enable advanced TCP/IP filtering to block all unsolicited inbound traffic.
  4. Microsoft has provided information about how you can help protect your PC.

The Security Update Inventory Tool can be used by SMS for detecting security updates that are offered by Windows Update, that are supported by Software Update Services, and other security updates This is the same as unattended mode, but no status or error messages are displayed. For contact information, visit the Microsoft Worldwide Information Web site, select the country, and then click Go to see a list of telephone numbers. For more information about the Microsoft Support Lifecycle policies for these operating systems, visit the following Web site.

In the Search Results pane, click All files and folders under Search Companion. The vulnerability is documented in the “Vulnerability Details” section of this bulletin. Automatic detection of intranet sites is disabled. What causes the vulnerability?

Protect Your PC: Microsoft has provided information about how you can help protect your PC at the following locations: End-users can visit the Protect Your PC Web site. Click Start, and then click Search. For more information about the Update.exe installer, visit the Microsoft TechNet Web site.

Note Depending on the version of the operating system or programs installed, some of the files that are listed in the file information table may not be installed. Administrators can use the inventory capabilities of the SMS in these cases to target updates to specific systems. For more information about MBSA, visit the MBSA Web site. Can I use the Microsoft Baseline Security Analyzer (MBSA) 2.0 to determine whether this update is required? Yes.

By default, Authenticode prompts a user prior to the installation of an ActiveX control. For information about Internet Protocol Security (IPsec), visit the following Web site. A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. On Windows XP Service Pack 1 and Windows Server 2003, an attacker must be able to log on locally to a system and run a program to try to exploit the

For information about disabling DCOM, see Microsoft Knowledge Base Article 825750. In which Microsoft products is RDP implemented? Using this switch may cause the installation to proceed more slowly. This is a new registry key on Windows 2000.

Click the Exceptions tab. The dates and times for these files are listed in coordinated universal time (UTC). Blocking them at the firewall will help protect systems that are behind that firewall from attempts to exploit this vulnerability.

For more information, see the Windows Operating System Product Support Lifecycle FAQ.

Administrators should use one of the supported methods to verify the installation was successful when they use the /quiet switch. If you cannot disable the Windows Firewall exception for Remote Desktop, you may be able to reduce the scope of this vulnerability by setting the default value of All computers (Including No user interaction is required, but installation status is displayed. If they are, see your product documentation to complete these steps.

For more information about the limitations of the Security Update Inventory Tool, see Microsoft Knowledge Base Article 306460. During installation, creates %Windir%\CabBuild.log. No.

Exploiting the vulnerability would allow the attacker only the same privileges as the user. The message could then cause the affected system to execute code. On the Version tab, determine the version of the file that is installed on your computer by comparing it to the version that is documented in the appropriate file information table. Note Right-click the connection on which you want to enable Internet Connection Firewall, and then click Properties.

Deployment Information To install the patch without any user intervention, use the following command line: For Windows 2000 Service Pack 3, Windows 2000 Service Pack 4: Windows2000-KB823182-x86-ENU /u /q For Windows This could include other applications such as SQL Server, BizTalk Server, Exchange Server, or Message Queuing. For more information about how to deploy this security update with Software Update Services, visit the Software Update Services Web site. In the list of files, right-click a file name from the appropriate file information table, and then click Properties.

Patches for consumer platforms are available from the Windows Update web site Support: Technical support is available from Microsoft Product Support Services at 1-866-PCSAFETY. For more information about how to obtain the latest service pack, see Microsoft Knowledge Base Article 260910.