MooSoft has posted a new trojan definitions update for "The Cleaner"
Microsoft has released a patch that eliminates a serious security
vulnerability in Microsoft(r) Internet Information Services 5.0. The
vulnerability could enable a malicious user to run operating system
commands on an affected web server.
Microsoft strongly urges all customers using IIS 5.0 to apply the
patch immediately. IIS 4.0 is not affected by the vulnerability.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-086.asp
Affected Software Versions
==========================
- Microsoft Internet Information Service 5.0
Note: IIS 4.0 is not affected by the vulnerability.
Patch Availability
==================
- English:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25547
- Simplified Chinese:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25580
- Traditional Chinese:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25581
- German:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25582
- Japanese:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25583
Note: This patch can be applied atop system running either Windows
2000 Gold or Service Pack 1. It will be included in Windows 2000
Service Pack 2.
vulnerability in Microsoft(r) Internet Information Services 5.0. The
vulnerability could enable a malicious user to run operating system
commands on an affected web server.
Microsoft strongly urges all customers using IIS 5.0 to apply the
patch immediately. IIS 4.0 is not affected by the vulnerability.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-086.asp
Affected Software Versions
==========================
- Microsoft Internet Information Service 5.0
Note: IIS 4.0 is not affected by the vulnerability.
Patch Availability
==================
- English:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25547
- Simplified Chinese:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25580
- Traditional Chinese:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25581
- German:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25582
- Japanese:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25583
Note: This patch can be applied atop system running either Windows
2000 Gold or Service Pack 1. It will be included in Windows 2000
Service Pack 2.
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Windows 2000. The vulnerability could
allow enable a malicious user to potentially run code on another
user´s machine.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-085.asp
Affected Software Versions
==========================
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
Patch Availability
==================
- http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25532
vulnerability in Microsoft(r) Windows 2000. The vulnerability could
allow enable a malicious user to potentially run code on another
user´s machine.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-085.asp
Affected Software Versions
==========================
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
Patch Availability
==================
- http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25532
On August 25, 2000, Microsoft released the original version of this
bulletin, to advise customers of the availability of a patch that
eliminates a vulnerability in Microsoft(r) Internet Information
Server. However, an additional variant of the vulnerability was
subsequently identified, and on November 2, 2000, the bulletin was
updated to advise customers of the availability of an updated patch.
The scope of the new vulnerability is exactly the same as that of the
originally-reported one. The updated patch eliminates all known
variants of the vulnerability. Customers who applied the original
version of the patch should apply the new version to ensure that they
are fully protected.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-060.asp
Affected Software Versions
==========================
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Server 5.0
Patch Availability
==================
- Internet Information Server 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25534
- Internet Information Server 5.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25533
bulletin, to advise customers of the availability of a patch that
eliminates a vulnerability in Microsoft(r) Internet Information
Server. However, an additional variant of the vulnerability was
subsequently identified, and on November 2, 2000, the bulletin was
updated to advise customers of the availability of an updated patch.
The scope of the new vulnerability is exactly the same as that of the
originally-reported one. The updated patch eliminates all known
variants of the vulnerability. Customers who applied the original
version of the patch should apply the new version to ensure that they
are fully protected.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-060.asp
Affected Software Versions
==========================
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Server 5.0
Patch Availability
==================
- Internet Information Server 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25534
- Internet Information Server 5.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25533
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Indexing Services for Windows 2000.
This vulnerability could allow a malicious web site operator to
misuse another web site as a means of attacking users.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-084.asp
Affected Software Versions
==========================
- Microsoft Indexing Services for Windows 2000
NOTE: The Indexing Service ships and installs with Windows 2000, but
is not enabled by default. Users who are running web servers on
Windows 2000 who have enabled Indexing Services are urged to apply
this patch.
Patch Availability
==================
- Indexing Services for Windows 2000:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25517
vulnerability in Microsoft(r) Indexing Services for Windows 2000.
This vulnerability could allow a malicious web site operator to
misuse another web site as a means of attacking users.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-084.asp
Affected Software Versions
==========================
- Microsoft Indexing Services for Windows 2000
NOTE: The Indexing Service ships and installs with Windows 2000, but
is not enabled by default. Users who are running web servers on
Windows 2000 who have enabled Indexing Services are urged to apply
this patch.
Patch Availability
==================
- Indexing Services for Windows 2000:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25517
Symantec has posted a new virus definitions update for Norton Antivirus.
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Windows NT(r) and Windows(r) 2000
server products and Systems Management Server. The vulnerability
could allow a malicious user to gain control of an affected server.
Frequently asked questions regarding this vulnerability and
the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-083.asp
Affected Software Versions
==========================
- Microsoft Windows NT 4.0 Server
- Microsoft Windows NT 4.0 Server, Terminal Server Edition
- Microsoft Windows NT 4.0 Server, Enterprise Edition
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Systems Management Server 1.2
- Microsoft Systems Management Server 2.0
Note: Netmon does not ship as part of Windows NT 4.0 Workstation or
Windows 2000 Professional. These products would only be affected if
SMS had been installed on them.
Patch Availability
==================
- Microsoft Windows NT 4.0 Server and Windows NT 4.0 Server,
Enterprise Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25487
- Microsoft Windows NT 4.0 Server, Terminal Server Edition:
To be released shortly.
- Microsoft Windows 2000 Server, Advanced Server and
Datacenter Server:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25485
- Microsoft Systems Management Server 1.2:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25505
- Microsoft Systems Management Server 2.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25514
vulnerability in Microsoft(r) Windows NT(r) and Windows(r) 2000
server products and Systems Management Server. The vulnerability
could allow a malicious user to gain control of an affected server.
Frequently asked questions regarding this vulnerability and
the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-083.asp
Affected Software Versions
==========================
- Microsoft Windows NT 4.0 Server
- Microsoft Windows NT 4.0 Server, Terminal Server Edition
- Microsoft Windows NT 4.0 Server, Enterprise Edition
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Systems Management Server 1.2
- Microsoft Systems Management Server 2.0
Note: Netmon does not ship as part of Windows NT 4.0 Workstation or
Windows 2000 Professional. These products would only be affected if
SMS had been installed on them.
Patch Availability
==================
- Microsoft Windows NT 4.0 Server and Windows NT 4.0 Server,
Enterprise Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25487
- Microsoft Windows NT 4.0 Server, Terminal Server Edition:
To be released shortly.
- Microsoft Windows 2000 Server, Advanced Server and
Datacenter Server:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25485
- Microsoft Systems Management Server 1.2:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25505
- Microsoft Systems Management Server 2.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25514
MooSoft has updated the trojan definition database for "The Cleaner".
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Exchange Server 5.5. The vulnerability
could enable a malicious user to cause an Exchange server to fail.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-082.asp
Affected Software Versions
==========================
- Microsoft Exchange Server 5.5
Note: Exchange Server 2000 is not affected by the vulnerability.
Patch Availability
==================
- Microsoft Exchange Server 5.5:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25443
Note: This patch can be applied atop systems running Exchange Server
5.5 Service Pack 3. It is included in Exchange Server 5.5 Service
Pack 4.
vulnerability in Microsoft(r) Exchange Server 5.5. The vulnerability
could enable a malicious user to cause an Exchange server to fail.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-082.asp
Affected Software Versions
==========================
- Microsoft Exchange Server 5.5
Note: Exchange Server 2000 is not affected by the vulnerability.
Patch Availability
==================
- Microsoft Exchange Server 5.5:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25443
Note: This patch can be applied atop systems running Exchange Server
5.5 Service Pack 3. It is included in Exchange Server 5.5 Service
Pack 4.
Symantec has posted a new virus definitions update for their products.
Microsoft has released a patch that eliminates a security
vulnerability in the Microsoft(r) virtual machine (Microsoft VM)
that originally was discussed in Microsoft Security Bulletin
MS00-011. Like the original vulnerability, the new variant could
enable a malicious web site operator to read files from the computer
of a person who visited his site or read web content from inside an
intranet if the malicious site was visited by a computer from within
that intranet.
Frequently asked questions regarding this vulnerability and the
patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-081.asp
Affected Software Versions
==========================
Versions of the Microsoft VM are identified by build numbers, which
can be determined using the JVIEW tool, as discussed in the FAQ. The
following builds of the Microsoft VM are affected:
- All builds in the 2000 series.
- All builds in the 3000 series.
Note: The Microsoft VM ships as part of several products. However,
the primary ship vehicle is Internet Explorer.
Patch Availability
==================
New versions of the Microsoft VM that include a fix for the
vulnerability can be downloaded from the following locations:
- 2000-series builds:
A patch specifically for the 2000-series builds will be available
shortly. Customers who wish to eliminate the vulnerability can
also do so by upgrading to build 3319 at
http://www.microsoft.com/java/vm/dl_vm40.htm
- 3000-series:
Upgrade to build 3319 or later at
http://www.microsoft.com/java/vm/dl_vm40.htm.
vulnerability in the Microsoft(r) virtual machine (Microsoft VM)
that originally was discussed in Microsoft Security Bulletin
MS00-011. Like the original vulnerability, the new variant could
enable a malicious web site operator to read files from the computer
of a person who visited his site or read web content from inside an
intranet if the malicious site was visited by a computer from within
that intranet.
Frequently asked questions regarding this vulnerability and the
patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-081.asp
Affected Software Versions
==========================
Versions of the Microsoft VM are identified by build numbers, which
can be determined using the JVIEW tool, as discussed in the FAQ. The
following builds of the Microsoft VM are affected:
- All builds in the 2000 series.
- All builds in the 3000 series.
Note: The Microsoft VM ships as part of several products. However,
the primary ship vehicle is Internet Explorer.
Patch Availability
==================
New versions of the Microsoft VM that include a fix for the
vulnerability can be downloaded from the following locations:
- 2000-series builds:
A patch specifically for the 2000-series builds will be available
shortly. Customers who wish to eliminate the vulnerability can
also do so by upgrading to build 3319 at
http://www.microsoft.com/java/vm/dl_vm40.htm
- 3000-series:
Upgrade to build 3319 or later at
http://www.microsoft.com/java/vm/dl_vm40.htm.
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Internet Information Server. The
vulnerability could allow a malicious user to "hijack" another user´s
secure web session, under a very restricted set of circumstances.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-080.asp
Affected Software Versions
==========================
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Services 5.0
Patch Availability
==================
- IIS 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25233
- IIS 5.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25232
vulnerability in Microsoft(r) Internet Information Server. The
vulnerability could allow a malicious user to "hijack" another user´s
secure web session, under a very restricted set of circumstances.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-080.asp
Affected Software Versions
==========================
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Services 5.0
Patch Availability
==================
- IIS 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25233
- IIS 5.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25232
Symantec has posted a new virus definitions update for Norton Antivirus.
Microsoft has released a patch that eliminates a security
vulnerability in the HyperTerminal application that ships with
several Microsoft(r) operating systems. This vulnerability could,
under certain circumstances, allow a malicious user to execute
arbitrary code on another user´s system.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-079.asp
Affected Software Versions
==========================
- Microsoft Windows 98 and Windows 98SE
- Microsoft Windows Me
- Microsoft Windows 2000
Patch Availability
==================
- Windows 98 and 98SE:
Download
- Windows Me:
Download
- Windows 2000 (can be applied to both Gold and Service Pack 1):
Download
vulnerability in the HyperTerminal application that ships with
several Microsoft(r) operating systems. This vulnerability could,
under certain circumstances, allow a malicious user to execute
arbitrary code on another user´s system.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-079.asp
Affected Software Versions
==========================
- Microsoft Windows 98 and Windows 98SE
- Microsoft Windows Me
- Microsoft Windows 2000
Patch Availability
==================
- Windows 98 and 98SE:
Download
- Windows Me:
Download
- Windows 2000 (can be applied to both Gold and Service Pack 1):
Download
Moosoft has posted a new trojan definition database for "The Cleaner".
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) IIS 4.0 and 5.0. The vulnerability
could potentially allow a visitor to a web site to take a wide range
of destructive actions against it, including running programs on it.
This vulnerability is eliminated by the patch that accompanied
Microsoft Security Bulletin MS00-057. Customers who have applied
that patch are already protected against the vulnerability and do not
need to take additional action. Microsoft strongly urges all
customers using IIS 4.0 and 5.0 who have not already done so to apply
the patch immediately.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-078.asp
Affected Software Versions
==========================
- Microsoft IIS 4.0
- Microsoft IIS 5.0
Patch Availability
==================
- Microsoft IIS 4.0:
http://www.microsoft.com/ntserver/nts/downloads/critical/q269862
- Microsoft IIS 5.0:
http://www.microsoft.com/windows2000/downloads/critical/q269862
Note: The IIS 4.0 patch can be installed on systems running Windows
NT(r) 4.0 Service Packs 5 and 6a. It will be included in Windows NT
4.0 Service Pack 7. The IIS 5.0 patch can be installed on systems
running either Windows(r) 2000 Gold or Service Pack 1. It will be
included in Windows 2000 Service Pack 2.
vulnerability in Microsoft(r) IIS 4.0 and 5.0. The vulnerability
could potentially allow a visitor to a web site to take a wide range
of destructive actions against it, including running programs on it.
This vulnerability is eliminated by the patch that accompanied
Microsoft Security Bulletin MS00-057. Customers who have applied
that patch are already protected against the vulnerability and do not
need to take additional action. Microsoft strongly urges all
customers using IIS 4.0 and 5.0 who have not already done so to apply
the patch immediately.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-078.asp
Affected Software Versions
==========================
- Microsoft IIS 4.0
- Microsoft IIS 5.0
Patch Availability
==================
- Microsoft IIS 4.0:
http://www.microsoft.com/ntserver/nts/downloads/critical/q269862
- Microsoft IIS 5.0:
http://www.microsoft.com/windows2000/downloads/critical/q269862
Note: The IIS 4.0 patch can be installed on systems running Windows
NT(r) 4.0 Service Packs 5 and 6a. It will be included in Windows NT
4.0 Service Pack 7. The IIS 5.0 patch can be installed on systems
running either Windows(r) 2000 Gold or Service Pack 1. It will be
included in Windows 2000 Service Pack 2.
Microsoft has released a patch that eliminates a security
vulnerability in NetMeeting, an application that ships with
Microsoft(r) Windows 2000 and is also available as a separate
download for Windows NT 4.0. The vulnerability could allow a
malicious user to temporarily prevent an affected machine from
providing any NetMeeting services and possibly consume 100% CPU
utilization during an attack.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-077.asp
Affected Software Versions
==========================
NetMeeting Version 3.01 (4.4.3385) on Windows 2000 or Windows NT 4.0.
Patch Availability
==================
- Windows 2000 and Windows NT 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25029
vulnerability in NetMeeting, an application that ships with
Microsoft(r) Windows 2000 and is also available as a separate
download for Windows NT 4.0. The vulnerability could allow a
malicious user to temporarily prevent an affected machine from
providing any NetMeeting services and possibly consume 100% CPU
utilization during an attack.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-077.asp
Affected Software Versions
==========================
NetMeeting Version 3.01 (4.4.3385) on Windows 2000 or Windows NT 4.0.
Patch Availability
==================
- Windows 2000 and Windows NT 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25029
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Internet Explorer. Under a daunting
set of conditions, the vulnerability could enable a malicious user to
obtain another user´s userid and password to a web site.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-076.asp
Affected Software Versions
==========================
- Microsoft Internet Explorer 4.x
- Microsoft Internet Explorer 5.x prior to version 5.5
Note: Internet Explorer 5.5 is not affected by this vulnerability.
Customers using IE 5.5 do not need to take any action.
Patch Availability
==================
- http://www.microsoft.com/windows/ie/download/critical/q273868.htm
Note: The patch requires IE 5.01 SP1 to install. Customers who
install this patch on other versions may receive a message reading
"This update does not need to be installed on this system". This
message is incorrect. More information is available in KB article
Q273868.
Note: As discussed in Affected Software Versions, this vulnerability
does not affect IE 5.5.
vulnerability in Microsoft(r) Internet Explorer. Under a daunting
set of conditions, the vulnerability could enable a malicious user to
obtain another user´s userid and password to a web site.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-076.asp
Affected Software Versions
==========================
- Microsoft Internet Explorer 4.x
- Microsoft Internet Explorer 5.x prior to version 5.5
Note: Internet Explorer 5.5 is not affected by this vulnerability.
Customers using IE 5.5 do not need to take any action.
Patch Availability
==================
- http://www.microsoft.com/windows/ie/download/critical/q273868.htm
Note: The patch requires IE 5.01 SP1 to install. Customers who
install this patch on other versions may receive a message reading
"This update does not need to be installed on this system". This
message is incorrect. More information is available in KB article
Q273868.
Note: As discussed in Affected Software Versions, this vulnerability
does not affect IE 5.5.
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) virtual machine (Microsoft VM). If a
malicious web site operator were able to coax a user into visiting
his site, the vulnerability could allow him to take any desired
action on a visiting user´s machine.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-075.asp
Affected Software Versions
==========================
Versions of the Microsoft VM are identified by build numbers, which
can be determined using the JVIEW tool, as discussed in the FAQ. The
following builds of the Microsoft VM are affected:
- All builds in the 2000 series.
- All builds in the 3100 series.
- All builds in the 3200 series.
- All builds in the 3300 series.
Patch Availability
==================
- 2000-series Microsoft VM customers will be provided with an update
soon.
- 3100-series Microsoft VM customers upgrade to build 3318 or later
from:
http://www.microsoft.com/java/vm/dl_vm40.htm
- 3200-series Microsoft VM customers upgrade to build 3318 or later
from:
http://www.microsoft.com/java/vm/dl_vm40.htm
- 3300-series Microsoft VM customers upgrade to build 3318 or later
from:
http://www.microsoft.com/java/vm/dl_vm40.htm
vulnerability in Microsoft(r) virtual machine (Microsoft VM). If a
malicious web site operator were able to coax a user into visiting
his site, the vulnerability could allow him to take any desired
action on a visiting user´s machine.
Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-075.asp
Affected Software Versions
==========================
Versions of the Microsoft VM are identified by build numbers, which
can be determined using the JVIEW tool, as discussed in the FAQ. The
following builds of the Microsoft VM are affected:
- All builds in the 2000 series.
- All builds in the 3100 series.
- All builds in the 3200 series.
- All builds in the 3300 series.
Patch Availability
==================
- 2000-series Microsoft VM customers will be provided with an update
soon.
- 3100-series Microsoft VM customers upgrade to build 3318 or later
from:
http://www.microsoft.com/java/vm/dl_vm40.htm
- 3200-series Microsoft VM customers upgrade to build 3318 or later
from:
http://www.microsoft.com/java/vm/dl_vm40.htm
- 3300-series Microsoft VM customers upgrade to build 3318 or later
from:
http://www.microsoft.com/java/vm/dl_vm40.htm
