Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Vulnerability in the Microsoft Jet Database Engine
Posted by Philipp Esselbach on: 05/12/2004 02:39 AM [ Print | 0 comment(s) ]
Microsoft has released a security update for the Microsoft Jet Database Engine
Affected Software:
- Microsoft Windows NT Workstation 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack6
- Microsoft Windows 2000 Service Pack 2
- Microsoft Windows 2000 Service Pack 3
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP
- Microsoft Windows XP Service Pack 1
- Microsoft Windows XP 64-Bit Edition Service Pack 1
- Microsoft Windows XP 64-Bit Edition Version 2003
- Microsoft Windows Server 2003
- Microsoft Windows Server 2003 64-Bit Edition
- Microsoft Windows 98
- Please review the FAQ section of the bulletin for details about this operating system.
- Microsoft Windows 98 Second Edition (SE)
- Please review the FAQ section of the bulletin for details about this operating system.
- Microsoft Windows Millennium Edition (ME)
- Please review the FAQsection of the bulletin for details about this operating system.
Affected Components:
- Microsoft Jet Database Engine version 4.0
Reason for Re-issue: Microsoft updated this bulletin on May 11, 2004 to advise on the availability of a revised version of the security updatefor non-English versions of Windows XP (as opposed to Windows XP ServicePack 1). The original update does address the vulnerability in WindowsXP for all supported languages; however, the original update was notfully localized. Specifically, optional Jet error strings were onlybeing offered in English on Windows XP. This issue does not affect otheroperating systems. If you have previously applied the security updatefor other operating systems, including Windows XP Service Pack 1, youneed not take any additional action.If you have previously applied the security update for non-Englishversions of Windows XP (as opposed to Windows XP Service Pack 1), youneed not take any additional action as you are already protected fromthis vulnerability. However, if you want to have the Jet optional texterror information in the same language as your Windows XP installation, you will need to remove the original security update MS04-014 (837001) following the Removal Information procedure located in this document and install the revised version. Once 837001 is uninstalled, revisiting Windows Update will result in the revised MS04-014 security update for Windows XP being re-offered with the correct, localized, optional texterror strings.
More information on this re-issued bulletin is available at: http://www.microsoft.com/technet/security/bulletin/MS04-014.mspx
Affected Software:
- Microsoft Windows NT Workstation 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Service Pack 6a
- Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack6
- Microsoft Windows 2000 Service Pack 2
- Microsoft Windows 2000 Service Pack 3
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP
- Microsoft Windows XP Service Pack 1
- Microsoft Windows XP 64-Bit Edition Service Pack 1
- Microsoft Windows XP 64-Bit Edition Version 2003
- Microsoft Windows Server 2003
- Microsoft Windows Server 2003 64-Bit Edition
- Microsoft Windows 98
- Please review the FAQ section of the bulletin for details about this operating system.
- Microsoft Windows 98 Second Edition (SE)
- Please review the FAQ section of the bulletin for details about this operating system.
- Microsoft Windows Millennium Edition (ME)
- Please review the FAQsection of the bulletin for details about this operating system.
Affected Components:
- Microsoft Jet Database Engine version 4.0
Reason for Re-issue: Microsoft updated this bulletin on May 11, 2004 to advise on the availability of a revised version of the security updatefor non-English versions of Windows XP (as opposed to Windows XP ServicePack 1). The original update does address the vulnerability in WindowsXP for all supported languages; however, the original update was notfully localized. Specifically, optional Jet error strings were onlybeing offered in English on Windows XP. This issue does not affect otheroperating systems. If you have previously applied the security updatefor other operating systems, including Windows XP Service Pack 1, youneed not take any additional action.If you have previously applied the security update for non-Englishversions of Windows XP (as opposed to Windows XP Service Pack 1), youneed not take any additional action as you are already protected fromthis vulnerability. However, if you want to have the Jet optional texterror information in the same language as your Windows XP installation, you will need to remove the original security update MS04-014 (837001) following the Removal Information procedure located in this document and install the revised version. Once 837001 is uninstalled, revisiting Windows Update will result in the revised MS04-014 security update for Windows XP being re-offered with the correct, localized, optional texterror strings.
More information on this re-issued bulletin is available at: http://www.microsoft.com/technet/security/bulletin/MS04-014.mspx
Related Threads
09/16/2004 03:29 AM: JPEG vulnerability in IE/MsApps not enough? Bitmap parse in FireFox/Mozilla now (2) by jmmijo
03/20/2004 08:47 AM: Security vulnerabilities playing on-line games? (0) by SnapperOne
12/08/2004 01:21 PM: Microsoft Terminal Services vulnerable to MITM-attacks (2) by webthat
03/30/2003 04:34 AM: New RPC NT/2k/XP Vulnerability Patch from MS... (1) by KhaineBOT
11/14/2002 04:30 PM: Critical vulnerability in XP (7) by freddy
05/02/2001 07:41 PM: IIS 5 Vulnerability (1) by Toby
03/20/2004 08:47 AM: Security vulnerabilities playing on-line games? (0) by SnapperOne
12/08/2004 01:21 PM: Microsoft Terminal Services vulnerable to MITM-attacks (2) by webthat
03/30/2003 04:34 AM: New RPC NT/2k/XP Vulnerability Patch from MS... (1) by KhaineBOT
11/14/2002 04:30 PM: Critical vulnerability in XP (7) by freddy
05/02/2001 07:41 PM: IIS 5 Vulnerability (1) by Toby