Microsoft Security Bulletins Windows Assistance
Go To
Home
Windows XP
Virus Info Center
Windows Web Sites
Books
Tips From The Past
Searching For
Commentary
Microsoft Security Bulletins
eMail
About This Site
Search Me


Advanced Search

Search The Web


Advanced Search

 

More Bulletins: 

Year 2002 Security Bulletins
Year 2001 Security Bulletins
Year 2000 Security Bulletins 
Year 1999 Security Bulletins 
Year 1998 Security Bulletins 

Important: You should also go to the Windows Update site at Microsoft and also visit the Security pages at Microsoft.

Be sure to read the Microsoft Terms of Use.

Microsoft Security Bulletin (MS03-051)

Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)

Version:

  • 1.0

Date:

  • November 11, 2003

Software:

  • Microsoft Windows 2000 Service Pack 2, Service Pack 3
  • Microsoft Windows XP, Microsoft Windows XP Service Pack 1
  • Microsoft Office XP, Microsoft Office Service Release 1

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-051.asp
http://www.microsoft.com/security/security_bulletins/ms03-051.asp

Microsoft Security Bulletin (MS03-050)

Vulnerabilities in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to run (831527)

Version:

  • 1.0

Date:

  • November 11, 2003

Software:

  • Microsoft Excel 97
  • Microsoft Excel 2000
  • Microsoft Excel 2002
  • Microsoft Word 97
  • Microsoft Word 98(J)
  • Microsoft Word 2000
  • Microsoft Works Suite 2001
  • Microsoft Word 2002
  • Microsoft Works Suite 2002
  • Microsoft Works Suite 2003
  • Microsoft Works Suite 2004

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-050.asp
http://www.microsoft.com/security/security_bulletins/ms03-050.asp

Microsoft Security Bulletin (MS03-049)

Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)

Version:

  • 13.0

Date:

  • November 11, 2003

Software:

  • Microsoft Windows 2000 Service Pack 2, Service Pack 3, and Service Pack 4
  • Microsoft Windows XP, Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP 64-Bit Editi

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-049.asp
http://www.microsoft.com/security/security_bulletins/ms03-049.asp

Microsoft Security Bulletin (MS03-048)

Cumulative Update for Internet Explorer (824145)

Version:

  • 1.0

Date:

  • November 11, 2003

Software:

  • Microsoft Windows Millennium Edition
  • Microsoft Windows NT Workstation 4.0, Service Pack 6a
  • Microsoft Windows NT Server 4.0, Service Pack 6a
  • Microsoft Windows NT Server 4.0, Terminal Server Edition, Service Pack 6
  • Microsoft Windows 2000 Service Pack 2, Service Pack 3, and Service Pack 4
  • Microsoft Windows XP, Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP 64-Bit Edition
  • Microsoft Windows XP 64-Bit Edition Version 2003
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2003 64 bit Edition

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-048.asp
http://www.microsoft.com/security/security_bulletins/ms03-048.asp

Microsoft Security Bulletin (MS03-047)

Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489)

Version:

  • 2.0

Date:

  • October 15, 2003

Updated:

  • October 22, 2003

Software:

  • Exchange Server 5.5

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-047.asp
http://www.microsoft.com/security/security_bulletins/ms03-047.asp

Microsoft Security Bulletin (MS03-046)

Vulnerability in Exchange Server could allow Arbitrary Code Execution (829436)

Version:

  • 2.0

Date:

  • October 15, 2003

Updated:

  • October 22, 2003

Software:

  • Exchange Server 5.5
  • Exchange 2000 Server

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-046.asp
http://www.microsoft.com/security/security_bulletins/ms03-046.asp

Microsoft Security Bulletin (MS03-045)

Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)

Version:

  • 3.0

Date:

  • October 15, 2003

Updated:

  • October 29, 2003

Software:

  • Windows NT Workstation 4.0, Service Pack 6a
  • Windows NT Server 4.0, Service Pack 6a
  • Windows NT Server 4.0, Terminal Server Edition, Service Pack 6
  • Windows 2000, Service Pack 2 - Windows 2000, Service Pack 3, Service Pack 4
  • Windows XP Gold, Service Pack 1
  • Windows XP 64-bit Edition
  • Windows XP 64-bit Edition Version 2003
  • Windows Server 2003
  • Windows Server 2003 64-bit Edition

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-045.asp
http://www.microsoft.com/security/security_bulletins/ms03-045.asp

Microsoft Security Bulletin (MS03-044)

Buffer Overflow in Windows Help and Support Center Could lead to System Compromise (825119)

Version:

  • 2.0

Date:

  • October 15, 2003

Updated:

  • October 22, 2003

Software:

  • Windows Millennium Edition
  • Windows NT Workstation 4.0, Service Pack 6a
  • Windows NT Server 4.0, Service Pack 6a
  • Windows NT Server 4.0, Terminal Server Edition, Service Pack 6
  • Windows 2000, Service Pack 2
  • Windows 2000, Service Pack 3, Service Pack 4
  • Windows XP Gold, Service Pack 1
  • Windows XP 64-bit Edition - Windows XP 64-bit Edition Version 2003
  • Windows Server 2003
  • Windows Server 2003 64-bit Edition

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-044.asp
http://www.microsoft.com/security/security_bulletins/ms03-044.asp

Microsoft Security Bulletin (MS03-043)

Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

Version:

  • 3.0

Date:

  • October 15, 2003

Updated:

  • October 29, 2003

Software:

  • Windows NT Workstation 4.0, Service Pack 6a
  • Windows NT Server 4.0, Service Pack 6a
  • Windows NT Server 4.0, Terminal Server Edition, Service Pack 6
  • Windows 2000, Service Pack 2
  • Windows 2000, Service Pack 3, Service Pack 4
  • Windows XP Gold, Service Pack 1
  • Windows XP 64-bit Edition
  • Windows XP 64-bit Edition Version 2003
  • Windows Server 2003
  • Windows Server 2003 64-bit Edition

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-043.asp
http://www.microsoft.com/security/security_bulletins/ms03-043.asp

Microsoft Security Bulletin (MS03-042)

Buffer Overflow in the Windows Troubleshooter ActiveX Control Could Allow Code Execution (826232)

Version:

  • 3.0

Date:

  • October 15, 2003

Updated:

  • October 29, 2003

Software:

  • Windows 2000, Service Pack 2
  • Windows 2000, Service Pack 3, Service Pack 4

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-042.asp
http://www.microsoft.com/security/security_bulletins/ms03-042.asp

Microsoft Security Bulletin (MS03-041)

Vulnerability in Authenticode Could Allow Remote Code Execution (823182)

Version:

  • 2.0

Date:

  • October 15, 2003

Updated:

  • October 22, 2003

Software:

  • Windows NT Workstation 4.0, Service Pack 6a
  • Windows NT Server 4.0, Service Pack 6a
  • Windows NT Server 4.0, Terminal Server Edition, Service Pack 6
  • Windows 2000, Service Pack 2
  • Windows 2000, Service Pack 3, Service Pack 4
  • Windows XP Gold, Service Pack 1
  • Windows XP 64-bit Edition
  • Windows XP 64-bit Edition Version 2003
  • Windows Server 2003
  • Windows Server 2003 64-bit Edition

Impact:

  • Remote Code Execution

Max Risk:

  • Critial

Bulletin:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-041.asp
http://www.microsoft.com/security/security_bulletins/ms03-041.asp

Microsoft Security Bulletin (MS03-040)

Cumulative Patch for Internet Explorer (828750)

Date:

  • October 3, 2003

Software:

  • Internet Explorer 5.01
  • Internet Explorer 5.5
  • Internet Explorer 6.0
  • Internet Explorer 6.0 for Windows Server 2003

Impact:

  • Run code of attacker's choice

Max Risk:

  • Critial

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-040.asp
http://www.microsoft.com/security/security_bulletins/ms03-040.asp

Microsoft Security Bulletin (MS03-039)

Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

Date:

  • September 10, 2003

Software:

  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Server(r) 4.0
  • Microsoft Windows NT Server 4.0, Terminal Server Edition
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003

Impact:

  • Run code of attacker's choice

Max Risk:

  • Critial

Downloads:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-039.asp
http://www.microsoft.com/security/security_bulletins/ms03-039.asp

Microsoft Security Bulletin (MS03-038)

Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution (827104)

Date:

  • September 3, 2003

Software:

  • Microsoft Access 97
  • Microsoft Access 2000
  • Microsoft Access 2002

Impact:

  • Elevation of Privilege

Max Risk:

  • Moderate

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-038.asp
http://www.microsoft.com/security/security_bulletins/ms03-038.asp

Microsoft Security Bulletin (MS03-037)

Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution (822715)

Date:

  • 03 September 2003

Software:

  • Microsoft Visual Basic for Applications SDK 5.0
  • Microsoft Visual Basic for Applications SDK 6.0
  • Microsoft Visual Basic for Applications SDK 6.2
  • Microsoft Visual Basic for Applications SDK 6.3

Products which include the affected software:

  • Microsoft Access 97
  • Microsoft Access 2000
  • Microsoft Access 2002
  • Microsoft Excel 97
  • Microsoft Excel 2000
  • Microsoft Excel 2002
  • Microsoft PowerPoint 97
  • Microsoft PowerPoint 2000
  • Microsoft PowerPoint 2002
  • Microsoft Project 2000
  • Microsoft Project 2002
  • Microsoft Publisher 2002
  • Microsoft Visio 2000
  • Microsoft Visio 2002
  • Microsoft Word 97
  • Microsoft Word 98(J)
  • Microsoft Word 2000
  • Microsoft Word 2002
  • Microsoft Works Suite 2001
  • Microsoft Works Suite 2002
  • Microsoft Works Suite 2003
  • Microsoft Business Solutions Great Plains 7.5
  • Microsoft Business Solutions Dynamics 6.0
  • Microsoft Business Solutions Dynamics 7.0
  • Microsoft Business Solutions eEnterprise 6.0
  • Microsoft Business Solutions eEnterprise 7.0
  • Microsoft Business Solutions Solomon 4.5
  • Microsoft Business Solutions Solomon 5.0
  • Microsoft Business Solutions Solomon 5.5

Impact:

  • Run code of attacker's choice

Max Risk:

  • Critial

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-037.asp
http://www.microsoft.com/security/security_bulletins/ms03-037.asp

Microsoft Security Bulletin (MS03-036)

Buffer Overrun in WordPerfect Converter Could Allow Code Execution (827103)

Date:

  • 03 September 2003

Software:

  • Microsoft Data Access Components 2.5
  • Microsoft Data Access Components 2.6
  • Microsoft Data Access Components 2.7

Impact:

  • Run code of attacker's choice

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-036.asp
http://www.microsoft.com/security/security_bulletins/ms03-036.asp

Microsoft Security Bulletin (MS03-035)

Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653)

Date:

  • September 3, 2003

Software:

  • Microsoft Office 97
  • Microsoft Office 2000
  • Microsoft Office XP
  • Microsoft Word 98 (J)
  • Microsoft FrontPage 2000
  • Microsoft FrontPage 2002
  • Microsoft Publisher 2000
  • Microsoft Publisher 2002
  • Microsoft Works Suite 2001
  • Microsoft Works Suite 2002
  • Microsoft Works Suite 2003

Impact:

  • Run macros without warning

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-035.asp
http://www.microsoft.com/security/security_bulletins/ms03-035.asp

Microsoft Security Bulletin (MS03-034)

Flaw in NetBIOS Could Lead to Information Disclosure (824105)

Date:

  • 03 September 2003

Software:

  • Microsoft Windows NT 4.0 Server
  • Microsoft Windows NT 4.0, Terminal Server Edition
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003

Impact:

  • Information Disclosure

Max Risk:

  • Low

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-034.asp
http://www.microsoft.com/security/security_bulletins/ms03-034.asp

Microsoft Security Bulletin (MS03-033)

Unchecked Buffer in MDAC Function Could Enable System Compromise (823718)

Date:

  • 20 August 20

Software:

  • Microsoft Data Access Components 2.5
  • Microsoft Data Access Components 2.6
  • Microsoft Data Access Components 2.7

Impact:

  • Run code of attacker's choice

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-033.asp
http://www.microsoft.com/security/security_bulletins/ms03-033.asp

Microsoft Security Bulletin (MS03-032)

Cumulative Patch for Internet Explorer (822925)

Date:

  • 20 August 20

Software:

  • Microsoft Internet Explorer 5.01
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0 for Windows Server 2003

Impact:

  • Run code of the attacker's choice

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-032.asp
http://www.microsoft.com/security/security_bulletins/ms03-032.asp

Microsoft Security Bulletin (MS03-031)

Cumulative Patch for Microsoft SQL Server (815495)

Date:

  • 23 July 2003

Software:

  • Microsoft SQL Server 7.0
  • Microsoft Data Engine (MSDE) 1.0
  • Microsoft SQL Server 2000
  • Microsoft SQL Server 2000 Desktop Engine (MSDE 2000)
  • Microsoft SQL Server 2000 Desktop Engine (Windows)

Impact:

  • Run code of attacker's choice

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-031.asp
http://www.microsoft.com/security/security_bulletins/ms03-031.asp

Microsoft Security Bulletin (MS03-030)

Unchecked Buffer in DirectX Could Enable System Compromise (819696)

Date:

  • 23 July 2003

Software:

  • Microsoft DirectX(r) 5.2 on Windows 98
  • Microsoft DirectX 6.1 on Windows 98 SE
  • Microsoft DirectX 7.0a on Windows Millennium Edition
  • Microsoft DirectX 7.0 on Windows 2000
  • Microsoft DirectX 8.1 on Windows XP
  • Microsoft DirectX 8.1 on Windows Server 2003
  • Microsoft DirectX 9.0a when installed on Windows 98
  • Microsoft DirectX 9.0a when installed on Windows 98 SE
  • Microsoft DirectX 9.0a when installed on Windows Millennium Edition
  • Microsoft DirectX 9.0a when installed on Windows 2000
  • Microsoft DirectX 9.0a when installed on Windows XP
  • Microsoft DirectX(r) 9.0a when installed on Windows Server 2003
  • Microsoft Windows NT 4.0 Server with either
    • Windows Media Player 6.4 or
    • Internet Explorer 6 Service Pack 1 installed.
  • Microsoft Windows NT 4.0, Terminal Server Edition with either
    • Windows Media Player 6.4 or
    • Internet Explorer 6 Service Pack 1 installed.

Impact:

  • Allow an attacker to execute code on a user's system

Max Risk:

  • Critial

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-030.asp
http://www.microsoft.com/security/security_bulletins/ms03-030.asp

Microsoft Security Bulletin (MS03-029)

Flaw in Windows Function Could Allow Denial of Service (823803)

Date:

  • 23 July 2003

Revised:

  • 13 August 2003

Software:

  • Microsoft Windows NT 4.0 Server

Impact:

  • Denial of service

Max Risk:

  • Moderate

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-029.asp
http://www.microsoft.com/security/security_bulletins/ms03-029.asp

Microsoft Security Bulletin (MS03-028)

Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack (816456)

Date:

  • 16 July 2003

Software:

  • Microsoft(r) ISA Server

Impact:

  • Run code of attacker's choice

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-028.asp
http://www.microsoft.com/security/security_bulletins/ms03-028.asp

Microsoft Security Bulletin (MS03-027)

Unchecked Buffer in Windows Shell Could Enable System Compromise (821557)

Date:

  • 16 July 2003

Software:

  • Microsoft(r) Windows (r) XP

Impact:

  • Run code of attacker's choice

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-027.asp
http://www.microsoft.com/security/security_bulletins/ms03-027.asp

Microsoft Security Bulletin (MS03-026)

Buffer Overrun In RPC Interface Could Allow Code Execution (823980)

Date:

  • 16 July 2003

Software:

  • Microsoft(r) Windows (r) NT 4.0
  • Microsoft Windows NT 4.0 Terminal Services Edition
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003

Impact:

  • Run code of attacker's choice

Max Risk:

  • Critical

Downloads:

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-026.asp
http://www.microsoft.com/security/security_bulletins/ms03-026.asp

Microsoft Security Bulletin (MS03-025)

Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679)

Date:

  • 09 July 2003

Software:

  • Microsoft(r) Windows(r) 2000

Impact:

  • Privilege Elevation

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-025.asp
http://www.microsoft.com/security/security_bulletins/ms03-025.asp

Microsoft Security Bulletin (MS03-024)

Buffer Overrun in Windows Could Lead to Data Corruption (817606)

Date:

  • 09 July 2003

Software:

  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Server 4.0, Terminal Server Edition
  • Microsoft Windows 2000
  • Windows XP Professional

Impact:

  • Allow an attacker to execute code of their choice.

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-024.asp
http://www.microsoft.com/security/security_bulletins/ms03-024.asp

Microsoft Security Bulletin (MS03-023)

Buffer Overrun In HTML Converter Could Allow Code Execution (823559)

Date:

  • 09 July 2003

Software:

  • Microsoft(r) Windows (r) 98
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows Me
  • Microsoft Windows NT 4.0
  • Microsoft Windows NT 4.0 Terminal Services Edition
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003

Impact:

  • Allow an attacker to execute code of their choice.

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-023.asp
http://www.microsoft.com/security/security_bulletins/ms03-023.asp

Microsoft Security Bulletin (MS03-022)

Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (822343)

Date:

  • 25 June 2003

Software:

  • Microsoft(r) Windows(r) 2000

Impact:

  • Allow an attacker to execute code of their choice.

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-022.asp
http://www.microsoft.com/security/security_bulletins/ms03-022.asp

Microsoft Security Bulletin (MS03-021)

Flaw In Windows Media Player May Allow Media Library Access (819639)

Date:

  • 25 June 2003

Software:

  • Microsoft(r) Windows(r) Media Player 9 Series

Impact:

  • Information disclosure.

Max Risk:

  • Moderate

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-021.asp
http://www.microsoft.com/security/security_bulletins/ms03-021.asp

Microsoft Security Bulletin (MS03-020)

Cumulative Patch for Internet Explorer (818529)

Date:

  • 04 June 2003

Software:

  • Microsoft Internet Explorer(r) 5.01
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0 for Windows Server 2003

Impact:

  • Allow an attacker to execute code of their choice.

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-020.asp
http://www.microsoft.com/security/security_bulletins/ms03-020.asp

Microsoft Security Bulletin (MS03-019)

Flaw in ISAPI Extension for Windows Media Services Could Cause Denial of Service (817772)

Date:

  • 28 May 2003

Software:

  • Windows NT(r) 4.0
  • Windows(r) 2000

Impact:

  • Allow an attacker to execute code of their choice.

Max Risk:

  • Important (Updated from Moderate)

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-019.asp
http://www.microsoft.com/security/security_bulletins/ms03-019.asp

Microsoft Security Bulletin (MS03-018)

Cumulative Patch for Internet Information Service (811114)

Date:

  • 28 May 2003

Software:

  • Windows NT(r) 4.0
  • Windows(r) 2000
  • Windows(r) XP

Impact:

  • Allow an attacker to execute code of their choice.

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-018.asp
http://www.microsoft.com/security/security_bulletins/ms03-018.asp

Microsoft Security Bulletin (MS03-017)

Flaw in Windows Media Player Skins Downloading could allow Code Execution (817787)

Date:

  • 07 May 2003

Software:

  • Microsoft Windows Media Player 7.1
  • Microsoft Windows Media Player for Windows XP (Version 8.0)

Impact:

  • Arbitrary code execution

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-017.asp
http://www.microsoft.com/security/security_bulletins/ms03-017.asp

Microsoft Security Bulletin (MS03-016)

Cumulative Patch for BizTalk Server (815206)

Date:

  • 30 April 2003

Software:

  • Microsoft BizTalk Server 2000
  • Microsoft BizTalk Server 2002

Impact:

  • Two vulnerabilities, the most serious of which could allow an attacker to run code of their choice

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-016.asp
http://www.microsoft.com/security/security_bulletins/ms03-016.asp

Microsoft Security Bulletin (MS03-015)

Cumulative Patch for Internet Explorer (813489)

Date:

  • 23 April 2003

Software:

  • Microsoft (c) Internet Explorer

Impact:

  • Run code of the attacker's choice on a user's machine.

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-015.asp
http://www.microsoft.com/security/security_bulletins/ms03-015.asp

Microsoft Security Bulletin (MS03-014)

Cumulative Patch for Outlook Express (330994)

Date:

  • 23 April 2003

Software:

  • Microsoft (c) Outlook Express

Impact:

  • Run code of the attacker's choice on a user's machine.

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-014.asp
http://www.microsoft.com/security/security_bulletins/ms03-014.asp

Microsoft Security Bulletin (MS03-013)

Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)

Date:

  • 16 April 2003

Revised:

  • 28 May 2003 (version 2.0)

Software:

  • Microsoft Windows NT 4.0
  • Windows 2000
  • Windows XP 

Impact:

  • Local Elevation of Privilege

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-013.asp
http://www.microsoft.com/security/security_bulletins/ms03-013.asp

Microsoft Security Bulletin (MS03-012)

Flaw In Winsock Proxy Service And ISA Firewall Service Can Cause Denial Of Service (331066)

Date:

  • 09 April 2003

Software:

  • Microsoft Proxy Server 2.0
  • Microsoft ISA Server  

Impact:

  • Denial of Service

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-012.asp
http://www.microsoft.com/security/security_bulletins/ms03-012.asp

Microsoft Security Bulletin (MS03-011)

Flaw in Microsoft VM Could Enable System Compromise (816093)

Date:

  • 09 April 2003

Software:

  • Microsoft VM  

Impact:

  • Allow attacker to execute code of his or her choice

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-011.asp
http://www.microsoft.com/security/security_bulletins/ms03-011.asp

Microsoft Security Bulletin (MS03-010)

Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953)

Date:

  • 26 March 2003

Software:

  • Windows NT 4.0
  • Windows 2000
  • Windows XP 

Impact:

  • Denial of Service

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-010.asp
http://www.microsoft.com/security/security_bulletins/ms03-010.asp

Microsoft Security Bulletin (MS03-009)

Flaw In ISA Server DNS Intrusion Detection Filter Can Cause Denial Of Service (331065)

Date:

  • 19 March 2003

Software:

  • Microsoft ISA Server  

Impact:

  • Denial of Service

Max Risk:

  • Moderate

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-009.asp
http://www.microsoft.com/security/security_bulletins/ms03-009.asp

Microsoft Security Bulletin (MS03-008)

Flaw in Windows Script Engine Could Allow Code Execution (814078)

Date:

  • 19 March 2003

Software:

  • Microsoft Windows XP 
  • Microsoft Windows 98
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows Me
  • Microsoft Windows NT 4.0
  • Microsoft Windows NT 4.0 Terminal Server Edition
  • Microsoft Windows 2000

Impact:

  • Run Code of Attacker's Choice

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-008.asp
http://www.microsoft.com/security/security_bulletins/ms03-008.asp

Microsoft Security Bulletin (MS03-007)

Unchecked buffer in Windows component could cause web server compromise (815021)

Date:

  • 17 March 2003

Revised:

  • 28 May 2003 (version 3.0)

Software:

  • Windows (r) NT 4.0
  • Windows 2000
  • Windows XP 

Impact:

  • Run Code of Attacker's Choice

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-007.asp
http://www.microsoft.com/security/security_bulletins/ms03-007.asp

Microsoft Security Bulletin (MS03-006)

Flaw in Windows Me Help and Support Center Could Enable Code Execution (812709)

Date:

  • 26 February 2003

Software:

  • Microsoft Windows ME 

Impact:

  • Run Code of Attacker's Choice

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-006.asp
http://www.microsoft.com/security/security_bulletins/ms03-006.asp

Microsoft Security Bulletin (MS03-005)

Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation (810577)

Date:

  • 05 February 2003

Software:

  • Microsoft Windows XP 

Impact:

  • Privilege elevation

Max Risk:

  • Important

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-005.asp
http://www.microsoft.com/security/security_bulletins/ms03-005.asp

Microsoft Security Bulletin (MS03-004)

Cumulative Patch for Internet Explorer (810847)

Date:

  • 05 February 2003

Revised:

  • 12 February 2003(version 2.0)

Software:

  • Microsoft Internet Explorer 

Impact:

  • Allow an attacker to execute commands on a user's system.

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-004.asp
http://www.microsoft.com/security/security_bulletins/ms03-004.asp

Microsoft Security Bulletin (MS03-003)

Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure (812262)

Date:

  • 22 January 2003

Software:

  • Microsoft Outlook 2002 

Impact:

  • Information Disclosure

Max Risk:

  • Moderate

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-003.asp
http://www.microsoft.com/security/security_bulletins/ms03-003.asp

Microsoft Security Bulletin (MS03-002)

Cumulative Patch for Microsoft Content Management Server (810487)

Date:

  • 22 January 2003

Software:

  • Microsoft Content Management Server 2001

Impact:

  • Information Disclosure

Max Risk:

  • Moderate

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-002.asp
http://www.microsoft.com/security/security_bulletins/ms03-002.asp

Microsoft Security Bulletin (MS03-001)

Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)

Date:

  • 22 January 2003

Software:

  • Windows NT 4.0
  • Windows 2000
  • Windows XP 

Impact:

  • Run code of the attacker's choice

Max Risk:

  • Critical

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/bulletin/ms03-001.asp
http://www.microsoft.com/security/security_bulletins/ms03-001.asp

Year 2002 Security Bulletins
Year 2001 Security Bulletins
Year 2000 Security Bulletins 
Year 1999 Security Bulletins 
Year 1998 Security Bulletins 

Microsoft Terms of Use

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT  DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR  PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS  SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF  LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

(c) 2003 Microsoft Corporation. All rights reserved. Terms of use.