DOCSLIB.ORG

Product Support Notice © 2009 Avaya Inc

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Product Support Notice © 2009 Avaya Inc. All Rights Reserved. PSN # PSN002704u Original publication date: 30-Nov-09. This is Issue #01, published date: Severity/risk level Medium Urgency Immediately 30-Nov-09. Name of problem Modular Messaging 5.2 Microsoft Patch List Products affected Modular Messaging (MM) 5.2 Problem description Avaya applies a set of Microsoft patches as part of the base installation of MM installed in the factory. The majority of these patches are security updates. Resolution The following are included in the base software for MM 5.2. This list applies to systems with Exchange and Domino backends and MSS backends with MAS software on a S3500 and S8800. The list for systems with MSS backends with MAS software on a S8730 follows this list. Common KB Article Type Description Name Number MS07‐021 KB930178 Security Vulnerability in Windows CSRSS could allow remote code execution MS07‐020 KB932168 Security Vulnerability in Microsoft Agent could allow remote code execution KB927891 Update You receive an access violation error and the system may appear to become unresponsive when you try to install an update from Windows Update or from Microsoft Update MS07‐012 KB924667 Security Vulnerability in Microsoft Foundation Classes could allow for remote code execution MS07‐034 KB929123 Security Cumulative security update for Outlook Express and for Windows Mail MS06‐078 KB925398 Security Vulnerability in Windows Media Format could allow remote code execution MS07‐039 KB926122 Security Vulnerability in Windows Active Directory could allow remote code execution MS07‐047 KB936782 Security Vulnerability in Windows Media Player could allow remote code execution MS07‐050 KB938127 Security Vulnerability in Vector Markup Language could allow remote code execution MS07‐040 KB933854 Security Vulnerabilities in the .NET Framework could allow remote code execution MS07‐058 KB933729 Security Vulnerabilities in RPC could allow denial of service KB936357 Update A microcode reliability update is available that improves the reliability of systems that use Intel processors MS07‐061 KB943460 Security Vulnerability in Windows URI Handling could allow remote code execution MS07‐061 KB944653 Security Vulnerability in Windows URI Handling could allow remote code execution MS07‐068 KB941569 Security Vulnerability in Windows Media file format could allow remote code execution MS08‐006 KB942830 Security Vulnerability in Internet Information Services could allow remote code execution MS08‐005 KB942831 Security Vulnerability in Internet Information Services could allow elevation of privileges MS08‐007 KB946026 Security Vulnerability in WebDAV Mini‐Redirector could allow remote code execution MS08‐008 KB943055 Security Description of the security update for Windows 2000, for Windows XP, for Windows Server 2003, and for Windows Vista: February 12, 2008 KB948496 Update An update to turn off default SNP features is available for Windows Server 2003‐based and Small Business Server 2003‐based computers MS08‐020 KB945553 Security Vulnerability in DNS client could allow spoofing MS08‐032 KB950760 Security Critical security update of ActiveX kill bits MS08‐036 KB950762 Security Vulnerabilities in Pragmatic General Multicast (PGM) could allow denial of service MS08‐037 KB951748 Security Description of the security update for DNS in Windows Server 2003, in Windows XP, and in Windows 2000 Server (client side): July 8, 2008 MS08‐048 KB951066 Security Security update for Outlook Express and Windows Mail MS08‐046 KB952954 Security Vulnerabilities in Microsoft Windows Image Color Management could allow remote code execution MS08‐049 KB950974 Security Vulnerability in Event System could allow remote code execution MS08‐067 KB958644 Security Vulnerability in Server service could allow remote code execution MS08‐069 KB955069 Security Description of the security update for XML Core Services 3.0: November 11, 2008 MS08‐068 KB957097 Security Vulnerability in SMB could allow remote code execution MS08‐076 KB952069 Security Description of the security update for Windows Media Format Runtime 7.1, 9.0, 9.5, and 11 and Media Foundation: December 9, 2008 MS08‐076 KB954600 Security Description of the security update for Windows Media Player 6.4: December 9, 2008 MS08‐071 KB956802 Security Vulnerabilities in GDI could allow remote code execution KB955839 Update December 2008 cumulative time zone update for Microsoft Windows operating systems MS07‐017 KB925902 Security Vulnerability in GDI could allow remote code execution MS08‐066 KB956803 Security Vulnerability in the Microsoft Ancillary Function driver could allow elevation of privilege MS09‐001 KB958687 Security Vulnerabilities in SMB could allow remote code execution KB960715 Update Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits MS09‐007 KB960225 Security Vulnerability in SChannel could allow spoofing MS08‐052 KB938464 Security Description of the security update for GDI+ for all editions of Windows XP, of Windows Vista, of Windows Server 2003, and of Windows Server 2008 and for Windows Server 2000 with Internet Explorer 6 SP1 © 2009 Avaya Inc. All Rights Reserved. Page 2 MS09‐006 KB958690 Security Vulnerabilities in Windows Kernel could allow remote code execution KB967715 update How to disable the Autorun functionality in Windows MS09‐011 KB961373 Security Vulnerability in Microsoft DirectShow could allow remote code execution MS09‐012 KB956572 Security Description of the security update for Windows Service Isolation: April 2009 MS09‐012 KB952004 Security Description of the security update for MSDTC Transaction Facility: April 2009 MS09‐013 KB960803 Security Vulnerabilities in Windows HTTP services could allow remote code execution MS09‐015 KB959426 Security Blended threat vulnerability in SearchPath could allow elevation of privilege MS09‐014 KB963027 Security Cumulative security update for Internet Explorer MS09‐010 KB923561 Security Description of the update for Windows WordPad Converter: April 14, 2009 MS09‐008 KB961063 Security Description of the security update for DNS server: March 10, 2009 MS09‐022 KB961501 Security Vulnerabilities in the Windows Print Spooler could allow remote code execution MS09‐025 KB968537 Security Vulnerabilities in Windows Kernel could allow elevation of privilege MS09‐026 KB970238 Security Vulnerability in RPC could allow elevation of privilege MS09‐020 KB970483 Security Vulnerabilities in Internet Information Services (IIS) could allow elevation of privilege KB951847 SP List of changes and fixed issues in the .NET Framework 3.5 Service Pack 1 MS09‐028 KB971633 Security Vulnerabilities in Microsoft DirectShow could allow remote code execution MS09‐029 KB961371 Security Vulnerabilities in the Embedded OpenType Font Engine could allow remote code execution KB890830 Tool The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Vista, Windows Server 2003, Windows Server 2008, Windows XP, or Windows 2000 MS09‐032 KB973346 Security Cumulative Security Update of ActiveX Kill Bits MS09‐034 KB972260 Update Cumulative security update for Internet Explorer KB973825 Update Error message when you try to install a large Windows Installer package or a large Windows Installer patch package in Windows Server 2003 Service Pack 2: "Error 1718 File was rejected by digital signature policy" MS08‐069 KB954459 Security Description of the security update for XML Core Services 6.0: November 11, 2008 KB961118 Update All the PCL inbox printer drivers become unsigned after you install the Microsoft .NET Framework 3.5 Service Pack 1 MS09‐010 KB923561 Security Description of the update for Windows WordPad Converter: April 14, 2009 KB963707 Update How to remove the .NET Framework Assistant for Firefox KB890830 Tool The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious © 2009 Avaya Inc. All Rights Reserved. Page 3 software from computers that are running Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, Windows XP, or Windows 2000 ‐ August 2009 MS09‐029 KB961371 Security Vulnerabilities in the Embedded OpenType Font Engine could allow remote code execution KB968389 Update Extended Protection for Authentication MS09‐040 KB971032 Security Vulnerability in Message Queuing could allow elevation of privilege MS09‐038 KB971557 Security Vulnerabilities in Windows Media file processing could allow remote code execution MS09‐037 KB973540 Security Description of the security update for Windows Media Player: August 11, 2009 MS09‐037 KB973869 Security Description of the security update for the DHTML editing component ActiveX control: August 11, 2009 MS09‐044 KB956744 Security Description of the security update for Remote Desktop Client version 6.0 and 6.1: August 11, 2009 MS09‐054 KB974455 Security Cumulative security update for Internet Explorer MS09‐047 KB968816 Security Description of the security update for Windows Media Format Runtime, Windows Media Services, and Media Foundation: September 8, 2009 MS09‐045 KB971961 Security Vulnerability in JScript Scripting Engines could allow remote code execution KB925876 Update Update Remote Desktop Connection (Terminal Services Client 6.0) KB954550 Update Some Microsoft XPS features are not available in Windows Server 2003 and in Windows XP MS09‐046 KB954550 Security Vulnerability in the DHTML Editing Component ActiveX control could allow remote code execution MS09‐007 KB960225 Security Vulnerability in SChannel could
Recommended publications
  • Through the Looking Glass: Webcam Interception and Protection in Kernel

    Through the Looking Glass: Webcam Interception and Protection in Kernel

    VIRUS BULLETIN www.virusbulletin.com Covering the global threat landscape THROUGH THE LOOKING GLASS: and WIA (Windows Image Acquisition), which provides a WEBCAM INTERCEPTION AND still image acquisition API. PROTECTION IN KERNEL MODE ATTACK VECTORS Ronen Slavin & Michael Maltsev Reason Software, USA Let’s pretend for a moment that we’re the bad guys. We have gained control of a victim’s computer and we can run any code on it. We would like to use his camera to get a photo or a video to use for our nefarious purposes. What are our INTRODUCTION options? When we talk about digital privacy, the computer’s webcam The simplest option is just to use one of the user-mode APIs is one of the most relevant components. We all have a tiny mentioned previously. By default, Windows allows every fear that someone might be looking through our computer’s app to access the computer’s camera, with the exception of camera, spying on us and watching our every move [1]. And Store apps on Windows 10. The downside for the attackers is while some of us think this scenario is restricted to the realm that camera access will turn on the indicator LED, giving the of movies, the reality is that malware authors and threat victim an indication that somebody is watching him. actors don’t shy away from incorporating such capabilities A sneakier method is to spy on the victim when he turns on into their malware arsenals [2]. the camera himself. Patrick Wardle described a technique Camera manufacturers protect their customers by incorporating like this for Mac [8], but there’s no reason the principle into their devices an indicator LED that illuminates when can’t be applied to Windows, albeit with a slightly different the camera is in use.
  • I Feasibility of Streaming Media for Transportation Research And

    I Feasibility of Streaming Media for Transportation Research And

    Feasibility of Streaming Media For Transportation Research and Implementation Final Report Prepared by: Drew M. Coleman July 2007 Research Project SPR-2231 Report No. 2231-F-05-11 Connecticut Department of Transportation Bureau of Engineering and Highway operations Division of Research Keith R. Lane, P.E. Director of Research and Materials James M. Sime, P.E. Manager of Research i TECHNICAL REPORT DOCUMENTATION PAGE 1. Report No. 2. Government Accession 3. Recipients Catalog No. 2231-F-05-11 No. 4. Title and Subtitle 5. Report Date Feasibility of Streaming Media for July 2007 Transportation Research and 6. Performing Organization Code Implementation SPR-2231 7. Author(s) Drew M. Coleman 8. Performing Organization Report No. 2231-F-05-11 9. Performing Organization Name and 10. Work Unit No. (TRIS) Address 11. Contract or Grant No. Connecticut Department of Transportation CT Study No. SPR-2231 Division of Research 13. Type of Report and Period Covered 280 West Street Final Report Rocky Hill, CT 06067-3502 February 2001-June 2007 12. Sponsoring Agency Name and Address Connecticut Department of Transportation 2800 Berlin Turnpike 14. Sponsoring Agency Code Newington, CT 06131-7546 SPR-2231 15. Supplementary Notes Conducted in cooperation with the U.S. Department of Transportation, Federal Highway Administration 16. Abstract This report is intended to serve as a guide for transportation personnel in the development and dissemination of streaming video-based presentations. These were created using streaming media production tools, then delivered via network and Web-based media servers, and finally, viewed from the end-users’ PC- desktops. The study focuses on three popular streaming media technology platforms: RealNetworks®, Microsoft® and Apple®.
  • [MS-MSSOD]: Media Streaming Server Protocols Overview

    [MS-MSSOD]: Media Streaming Server Protocols Overview

    [MS-MSSOD]: Media Streaming Server Protocols Overview This document provides an overview of the Media Streaming Server Protocols Overview Protocol Family. It is intended for use in conjunction with the Microsoft Protocol Technical Documents, publicly available standard specifications, network programming art, and Microsoft Windows distributed systems concepts. It assumes that the reader is either familiar with the aforementioned material or has immediate access to it. A Protocol System Document does not require the use of Microsoft programming tools or programming environments in order to implement the Protocols in the System. Developers who have access to Microsoft programming tools and environments are free to take advantage of them. Intellectual Property Rights Notice for Open Specifications Documentation . Technical Documentation. Microsoft publishes Open Specifications documentation for protocols, file formats, languages, standards as well as overviews of the interaction among each of these technologies. Copyrights. This documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you may make copies of it in order to develop implementations of the technologies described in the Open Specifications and may distribute portions of it in your implementations using these technologies or your documentation as necessary to properly document the implementation. You may also distribute in your implementation, with or without modification, any schema, IDL's, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the Open Specifications. No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation.
  • Windows Phone API Quickstart

    Windows Phone API Quickstart

    Windows Phone API QuickStart Fundamental Types and Threading and cont. cont. Wallet▲ Date / Time Synchronization .NET Microsoft.Phone.Maps.Controls Microsoft.Devices Map, MapLayer, MapOverlay, .NET Microsoft.Phone.Maps.Services Microsoft.Phone.Tasks Windows Runtime PhotoCamera, CameraButtons, CameraVideo- ♦♣ Windows Runtime + GeocodeQuery, ReverseGeocodeQuery, Route- AddWalletItem Windows.Foundation ♦ BrushExtensions Windows.System.Threading Microsoft.Phone Query Microsoft.Phone.Wallet DateTime, Uri ThreadPool, ThreadPoolTimer Microsoft.Phone.Tasks Wallet, Deal, WalletTransactionItem, WalletAgent ♦♣ ♦ PictureDecoder Windows.Foundation.Collections Windows.UI.Core MapsTask, MapsDirectionsTask, MapDownload- Microsoft.Phone.Tasks ▲ IIterable<T>, IVector <T>, IMap<TK, TV>, IVec- CoreDispatcher, CoreWindow, erTask Multitasking torView <T> MediaPlayerLauncher, CameraCaptureTask, ♦ Note: You can get the current dispatcher from PhotoChooserTask, ShareMediaTask, SaveRing- System.Device.Location Windows.Storage.Streams CoreWindow.GetForCurrentThread() GeoCoordinateWatcher .NET Buffer toneTask Microsoft.Xna.Framework.Audio Microsoft.Phone.BackgroundAudio .NET BackgroundAudioPlayer, AudioTrack, AudioPlay- Microphone, SoundEffect, DynamicSoundEffec- ▲ .NET System tInstance erAgent, AudioStreamingAgent ♦ + VoIP System WindowsRuntimeSystemExtensions Microsoft.Xna.Framework.Media Microsoft.Phone.BackgroundTransfer ■ Object, Byte, Char, Int32, Single, Double, String, System.Threading MediaLibrary, MediaPlayer, Song Windows Runtime BackgroundTransferService,
  • (RUNTIME) a Salud Total

    (RUNTIME) a Salud Total

    Windows 7 Developer Guide Published October 2008 For more information, press only: Rapid Response Team Waggener Edstrom Worldwide (503) 443-7070 [email protected] Downloaded from www.WillyDev.NET The information contained in this document represents the current view of Microsoft Corp. on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form, by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred.
  • MSDN Magazine (ISSN 1528-4859) Is Published Monthly by 1105 Media, Inc., 9201 Oakdale Avenue, Infoworld Ste

    MSDN Magazine (ISSN 1528-4859) Is Published Monthly by 1105 Media, Inc., 9201 Oakdale Avenue, Infoworld Ste

    Introducing There’s no better time to discover DevExpress. Visual Studio 11 beta is here and DevExpress tools are ready to run. DXv2 is the next generation of tools that will take your applications to a new level. Build stunning, touch enabled applications today. Download your free 30-day trial at www.DevExpress.com © 1998-2012 Developer Express Inc. ALL RIGHTS RESERVED. All trademarks or registered trademarks are property of their respective owners. Untitled-2 1 3/8/12 10:58 AM THE MICROSOFT JOURNAL FOR DEVELOPERS APRIL 2012 VOL 27 NO 4 Using CSS3 Media Queries to Build COLUMNS a More Responsive Web Brandon Satrom ....................................................................... 20 CUTTING EDGE Long Polling and SignalR A Code-Based Introduction to C++ AMP Dino Esposito, page 6 Daniel Moth ............................................................................ 28 DATA POINTS Let Power Users Create Their Introduction to Tiling in C++ AMP Own OData Feeds Daniel Moth ............................................................................ 40 Julie Lerman, page 14 Lowering the Barriers to Code Generation with T4 TEST RUN Peter Vogel .............................................................................. 48 Bacterial Foraging Optimization James McCaffrey, page 82 Integrating Windows Workfl ow Foundation CLIENT INSIGHT with the OpenXML SDK Using JsRender with JavaScript Rick Spiewak ............................................................................ 56 and HTML John Papa, page 86 Context-Aware Dialogue with Kinect
  • Windows 7 – KB Artikelliste 2009-2015

    Windows 7 – KB Artikelliste 2009-2015

    Windows 7 – KB Artikelliste 2009-2015 Mai 2015 2473205 List of currently available hotfixes for the File Services technologies in Windows Server 2008 and in Windows Server 2008 R2 Q2473205 KB2473205 Mai 29, 2015 3020369 April 2015 servicing stack update for Windows 7 and Windows Server 2008 R2 Q3020369 KB3020369 Mai 27, 2015 3057110 MS15-044: Vulnerabilities in Microsoft font drivers could allow remote code execution: Mai 12, 2015 Q3057110 KB3057110 Mai 25, 2015 3066710 2015 - Egypt DST changes - hotfix Q3066710 KB3066710 Mai 22, 2015 3065979 "GsDraw error (1): GenericError" error occurs and application crashes when you create text outline in Windows Q3065979 KB3065979 Mai 22, 2015 3045171 MS15-044 and MS15-051: Description of the security update for Windows font drivers Q3045171 KB3045171 Mai 21, 2015 3057756 Hotfix rollup 3057756 for the .NET Framework 4.0 on Windows 7 SP1, Windows Server 2003 SP2, Windows Server 2008 R2 SP1, Windows Server 2008 SP2, and Windows Vista SP2 Q3057756 KB3057756 Mai 20, 2015 3029432 The logon process for new users takes significantly longer as the number of user profiles increases in Windows Q3029432 KB3029432 Mai 19, 2015 3042816 AD DS or AD LDS responds slowly to LDAP query that has an undefined attribute and an OR clause in Windows Q3042816 KB3042816 Mai 18, 2015 3051658 You cannot add other users to access an encrypted file in Windows Q3051658 KB3051658 Mai 15, 2015 3020338 Application does not work correctly after you apply update 3006226 in Windows Q3020338 KB3020338 Mai 15, 2015 2883952
  • Choosing the Right Media Paths to Facilitate Hardware Acceleration

    Choosing the Right Media Paths to Facilitate Hardware Acceleration

    White Paper Fan, Fred Choosing the Right Graphics Platform Application Engineer Media Paths to Intel Corporation Tan, Hui Li Facilitate Graphics Platform Application Engineer Hardware Intel Corporation Acceleration Media Solution for Retail Independent Software Vendors (ISVs) September, 2013 329650-001US Choosing the Right Media Paths to Facilitate Hardware Acceleration Executive Summary This paper provides detailed guidance for choosing the right media- development Application Programming Interfaces (APIs) for different retail usage models and devices on Windows* 7 and Windows* 8 operating systems (OSs). When Independent Software Vendors (ISVs) make decisions on which approach to take for their own media applications, there are five key factors that may influence their decisions: hardware investment, software resource investment, performance, flexibility, and software implementation speed. This paper provides detailed guidance for choosing the right media development APIs for different retail segments, from Entry to Mainstream and High-end. This paper does not include implementation details, but does provide related media references, such as Intel® Media SDK and other media development APIs, to help ISVs develop their media content as the next step. The Intel® Embedded Design Center provides qualified developers with web-based access to technical resources. Access Intel Confidential design materials, step-by-step guidance, application reference solutions, training, Intel’s tool loaner program, and connect with an e-help desk and the
  • What Is Pcmark 8?

    What Is Pcmark 8?

    Technical Guide Updated December 16, 2020 ⚠ Support for PCMark 8 will end on January 14, 2021. What is PCMark 8? .......................................................................................................... 4 Latest version numbers ................................................................................................... 6 System requirements ....................................................................................................... 7 Benchmark accuracy ........................................................................................................ 8 How to benchmark performance ................................................................................... 9 How to benchmark battery life ..................................................................................... 10 PCMark 8 settings ........................................................................................................... 12 Home benchmark ......................................................................................................... 14 Home benchmark version history ................................................................................ 15 Creative benchmark ..................................................................................................... 16 Creative benchmark version history ............................................................................ 17 Work benchmark .........................................................................................................
  • [MS-MSSO]: Media Streaming Server System Overview

    [MS-MSSO]: Media Streaming Server System Overview

    [MS-MSSO]: Media Streaming Server System Overview Intellectual Property Rights Notice for Protocol Documentation . Technical Documentation. Microsoft publishes Open Specifications documentation for protocols, file formats, languages, standards as well as overviews of the interaction among each of these technologies. Copyrights. This documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you may make copies of it in order to develop implementations of the technologies described in the Open Specifications and may distribute portions of it in your implementations using these technologies or your documentation as necessary to properly document the implementation. You may also distribute in your implementation, with or without modification, any schema, IDL’s, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the Open Specifications. No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. Patents. Microsoft has patents that may cover your implementations of the technologies described in the Open Specifications. Neither this notice nor Microsoft's delivery of the documentation grants any licenses under those or any other Microsoft patents. However, a given Open Specification may be covered by Microsoft's Open Specification Promise (available here: http://www.microsoft.com/interop/osp) or the Community Promise (available here: http://www.microsoft.com/interop/cp/default.mspx). If you would prefer a written license, or if the technologies described in the Open Specifications are not covered by the Open Specifications Promise or Community Promise, as applicable, patent licenses are available by contacting [email protected].
  • Advisory Microsoft Patch Tuesday – March 2020

    Advisory Microsoft Patch Tuesday – March 2020

    Advisory Microsoft Patch Tuesday – March 2020 aeCERT One of Telecommunications Regulatory Authority (TRA) Initiatives P O Box 116688, Dubai, United Arab Emirates (UAE) www.aecert.ae | www.tra.gov.ae Version: 1.0 Ref: ADV-19-019 Document Date: 11/03/2020 Document Details Disclaimer Whilst every effort has been made to ensure the accuracy of the information contained within this report, aeCERT and the TRA bear no liability or responsibility for any recommendations issued or inadvertent damages that could be caused by the recipient of this information. Accessing third-party links in this advisory will direct you to an external website. Please note that aeCERT bears no responsibility for third-party website traffic. aeCERT will have no liability to the entities for the content or use of the content available through the hyperlinks that are referenced. Contents Contents 1 Summary 2 Details 2 Recommendations 11 References 11 1 | P a g e Summary aeCERT has received the latest Microsoft security updates that aim to patch recent vulnerabilities discovered in their system. The release has impact on some Microsoft products. In order to protect windows from security risks, users should install latest update as soon as possible. Details Microsoft has released the monthly security update for the month of march. This update discloses many different vulnerabilities from many of Microsoft’s products. This patch is related to 117 vulnerabilities: • 25 of these are considered critical • 91 are also considered important As such, due to the large number of critical and important vulnerabilities, this patch is very critical. These are the vulnerabilities, as well as their severities.
  • Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Controllers

    Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Controllers

    Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Controllers Version 2.0 November 2007 Copyright ©2007, The Center for Internet Security http://www.cisecurity.org Editors: Jeff Shawgo Sidney Faber Collin Greene [email protected] The Center for Internet Security Table of Contents Table of Contents ....................................................................................................................2 Terms of Use Agreement ........................................................................................................3 Quick Start Instructions ..........................................................................................................6 For The Seasoned Security Professional ........................................................................... 6 For the Windows User Seeking Enlightenment ................................................................. 6 Windows Server 2003 – Domain Controller Benchmark .......................................................7 Intended Audience ..................................................................................................................7 Practical Application ...............................................................................................................7 Keeping Score .........................................................................................................................8 Security Levels........................................................................................................................9