Sign in with
Sign up | Sign in
Your question

Microsoft Security Bulletin(s) for 1/11/2005

Last response: in Windows XP
Share
Anonymous
a b 8 Security
January 11, 2005 1:05:44 PM

Archived from groups: microsoft.public.security,microsoft.public.security.homeusers,microsoft.public.win2000.security,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin (More info?)

January 11, 2005
Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are
authoritative in all matters concerning Microsoft Security Bulletins! ANY
e-mail, web board or newsgroup posting (including this one) should be
verified by visiting these sites for official information. Microsoft never
sends security or other updates as attachments. These updates must be
downloaded from the microsoft.com download center or Windows Update. See the
individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft
security notices, it is recommended that you physically type the URLs into
your web browser and not click on the hyperlinks provided.

Bulletin Summary:

http://www.microsoft.com/technet/security/Bulletin/ms05...

Critical Bulletins:

Vulnerability in HTML Help Could Allow Code Execution (890175)
http://www.microsoft.com/technet/security/Bulletin/ms05...

Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code
Execution (891711)
http://www.microsoft.com/technet/security/Bulletin/ms05...

Important Bulletins:

Vulnerability in the Indexing Service Could Allow Remote Code Execution
(871250)
http://www.microsoft.com/technet/security/Bulletin/ms05...


This represents our regularly scheduled monthly bulletin release (second
Tuesday of each month). Please note that Microsoft may release bulletins out
side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after
reading the above listed bulletin you should contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.

--
Regards,

Jerry Bryant - MCSE, MCDBA
Microsoft IT Communities

Get Secure! www.microsoft.com/security


This posting is provided "AS IS" with no warranties, and confers no rights.
January 11, 2005 3:28:59 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

regarding the security of the microsoft virus/trojan
cleaner in the windows update ,that sends out info if a bug
is found.....

how secure is it or is it just like a virus itself?

and why can't you hide this nuisence update when you don't
need it.



>-----Original Message-----
>January 11, 2005
>Today Microsoft released the following Security Bulletin(s).
>
>Note: www.microsoft.com/technet/security and
www.microsoft.com/security are
>authoritative in all matters concerning Microsoft Security
Bulletins! ANY
>e-mail, web board or newsgroup posting (including this
one) should be
>verified by visiting these sites for official information.
Microsoft never
>sends security or other updates as attachments. These
updates must be
>downloaded from the microsoft.com download center or
Windows Update. See the
>individual bulletins for details.
>
>Because some malicious messages attempt to masquerade as
official Microsoft
>security notices, it is recommended that you physically
type the URLs into
>your web browser and not click on the hyperlinks provided.
>
>Bulletin Summary:
>
>http://www.microsoft.com/technet/security/Bulletin/ms05...
>
>Critical Bulletins:
>
>Vulnerability in HTML Help Could Allow Code Execution (890175)
>http://www.microsoft.com/technet/security/Bulletin/ms05...
>
>Vulnerability in Cursor and Icon Format Handling Could
Allow Remote Code
>Execution (891711)
>http://www.microsoft.com/technet/security/Bulletin/ms05...
>
>Important Bulletins:
>
>Vulnerability in the Indexing Service Could Allow Remote
Code Execution
>(871250)
>http://www.microsoft.com/technet/security/Bulletin/ms05...
>
>
>This represents our regularly scheduled monthly bulletin
release (second
>Tuesday of each month). Please note that Microsoft may
release bulletins out
>side of this schedule if we determine the need to do so.
>
>If you have any questions regarding the patch or its
implementation after
>reading the above listed bulletin you should contact
Product Support
>Services in the United States at 1-866-PCSafety
(1-866-727-2338).
>International customers should contact their local subsidiary.
>
>--
>Regards,
>
>Jerry Bryant - MCSE, MCDBA
>Microsoft IT Communities
>
>Get Secure! www.microsoft.com/security
>
>
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
>
>.
>
Anonymous
a b 8 Security
January 11, 2005 8:16:25 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

....and what is it? The security bulletin doesn't mention it and does not
give details.

Tom
"dick" <anonymous@discussions.microsoft.com> wrote in message
news:200101c4f81c$2e580670$a301280a@phx.gbl...
|
| regarding the security of the microsoft virus/trojan
| cleaner in the windows update ,that sends out info if a bug
| is found.....
|
| how secure is it or is it just like a virus itself?
|
| and why can't you hide this nuisence update when you don't
| need it.
|
|
|
| >-----Original Message-----
| >January 11, 2005
| >Today Microsoft released the following Security Bulletin(s).
| >
| >Note: www.microsoft.com/technet/security and
| www.microsoft.com/security are
| >authoritative in all matters concerning Microsoft Security
| Bulletins! ANY
| >e-mail, web board or newsgroup posting (including this
| one) should be
| >verified by visiting these sites for official information.
| Microsoft never
| >sends security or other updates as attachments. These
| updates must be
| >downloaded from the microsoft.com download center or
| Windows Update. See the
| >individual bulletins for details.
| >
| >Because some malicious messages attempt to masquerade as
| official Microsoft
| >security notices, it is recommended that you physically
| type the URLs into
| >your web browser and not click on the hyperlinks provided.
| >
| >Bulletin Summary:
| >
| >http://www.microsoft.com/technet/security/Bulletin/ms05...
| >
| >Critical Bulletins:
| >
| >Vulnerability in HTML Help Could Allow Code Execution (890175)
| >http://www.microsoft.com/technet/security/Bulletin/ms05...
| >
| >Vulnerability in Cursor and Icon Format Handling Could
| Allow Remote Code
| >Execution (891711)
| >http://www.microsoft.com/technet/security/Bulletin/ms05...
| >
| >Important Bulletins:
| >
| >Vulnerability in the Indexing Service Could Allow Remote
| Code Execution
| >(871250)
| >http://www.microsoft.com/technet/security/Bulletin/ms05...
| >
| >
| >This represents our regularly scheduled monthly bulletin
| release (second
| >Tuesday of each month). Please note that Microsoft may
| release bulletins out
| >side of this schedule if we determine the need to do so.
| >
| >If you have any questions regarding the patch or its
| implementation after
| >reading the above listed bulletin you should contact
| Product Support
| >Services in the United States at 1-866-PCSafety
| (1-866-727-2338).
| >International customers should contact their local subsidiary.
| >
| >--
| >Regards,
| >
| >Jerry Bryant - MCSE, MCDBA
| >Microsoft IT Communities
| >
| >Get Secure! www.microsoft.com/security
| >
| >
| >This posting is provided "AS IS" with no warranties, and
| confers no rights.
| >
| >
| >.
| >
Related resources
Anonymous
a b 8 Security
January 12, 2005 9:30:11 PM

Archived from groups: microsoft.public.security,microsoft.public.security.homeusers,microsoft.public.win2000.security,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin (More info?)

> Jerry Bryant [MSFT] scribbled:

Snip the updates announcements; Already installed successfully, and being
tested.

Care to clarify how to use the 'malware removal tool?'

So far the only way I can run it is by double clicking on the downloaded
install file (Windows-KB890830-ENU.exe) and agreeing to the EULA each
time....

Is this the way it's supposed to work?

On http://support.microsoft.com/?kbid=890830 it says this:
<quote>
When the Malicious Software Removal Tool runs, it performs the following
functions. Except where noted, the tool has the same behavior independent of
what command-line switches you use or how you download and run the tool.
Note that the tool is not actually installed on a computer. Therefore, no
entry is created for it in the Programs folder or in Add/Remove Programs.
<end quote>

Which indicates it's not actually installed on the Hard drive as a program
to run....

--
mlvburke@xxxxxxxx.nz
Replace the obvious with paradise.net to email me
Found Images
http://homepages.paradise.net.nz/~mlvburke
Anonymous
a b 8 Security
January 12, 2005 9:30:12 PM

Archived from groups: microsoft.public.security,microsoft.public.security.homeusers,microsoft.public.win2000.security,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin (More info?)

Max Burke wrote:

>> Jerry Bryant [MSFT] scribbled:
>
>
> Snip the updates announcements; Already installed successfully, and
> being tested.
>
> Care to clarify how to use the 'malware removal tool?'
>
> So far the only way I can run it is by double clicking on the downloaded
> install file (Windows-KB890830-ENU.exe) and agreeing to the EULA each
> time....
>
> Is this the way it's supposed to work?
Hi

To run it unattended, run it like this:
Windows-KB890830-ENU.exe /Q

After the scan is complete, the tool creates a file Mrt.log that
contains the results of the scan. The file is in the %windir%\Debug
folder.

If you run
Windows-KB890830-ENU.exe /?
you will get this message box:

---------------------------
Microsoft® Windows® Malicious Software Removal Tool
---------------------------
Usage:
/Q - quiet mode; if set, no UI is shown
/? - displays usage and engine version information
---------------------------
OK
---------------------------

More here also:

Deployment of the Microsoft Windows Malicious Software Removal Tool in an
enterprise environment
http://support.microsoft.com/default.aspx?scid=kb;en-us;891716




--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.m...
!