Source: securityvulns (SECURITYVULNS:DOC:6980)
History: Oct 13, 2004 - 12:00 a.m.


Microsoft Security Bulletin MS04-035
Vulnerability in SMTP Could Allow Remote Code Execution (885881)

Issued: October 12, 2004
Version: 1.0

Summary
Who should read this document: System administrators who use Microsoft Exchange Server 2003, Windows XP 64-Bit Edition Version 2003, or Windows Server 2003

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately.

Security Update Replacement: None

Caveats: None

Tested Software and Security Update Download Locations:

Affected Software:

• Microsoft Windows XP 64-Bit Edition Version 2003 – Download the update (KB885881)

• Microsoft Windows Server 2003 – Download the update (KB885881)

• Microsoft Windows Server 2003 64-Bit Edition – Download the update (KB885881)

• Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003 Service Pack 1 when installed on Microsoft Windows Server 2003 (uses the Windows 2003 SMTP component)

• Microsoft Exchange Server 2003 when installed on Microsoft Windows 2000 Service Pack 3 or Microsoft Windows 2000 Service Pack 4 – Download the update (KB885882)

Non-Affected Software:

• Microsoft Windows NT Server 4.0 Service Pack 6a

• Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

• Microsoft Windows 2000 Service Pack 3 or Microsoft Windows 2000 Service Pack 4

• Microsoft Windows XP, Microsoft Windows XP Service Pack 1, and Microsoft Windows XP Service Pack 2

• Microsoft Windows XP 64-Bit Edition Service Pack 1

• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

• Microsoft Exchange Server 5.0 Service Pack 2

• Microsoft Exchange Server 5.5 Service Pack 4

• Microsoft Exchange 2000 Server Service Pack 3

• Microsoft Exchange Server 2003 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 3 or Microsoft Windows 2000 Service Pack 4

Tested Microsoft Windows and Exchange components:

• Microsoft Windows NT Server 4.0 Service Pack 6a SMTP component

• Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 SMTP component

• Microsoft Windows 2000 Service Pack 3 SMTP component and Microsoft Windows 2000 Service Pack 4 SMTP component

• Microsoft Windows XP SMTP component, Microsoft Windows XP Service Pack 1 SMTP component, and Microsoft Windows XP Service Pack 2 SMTP component

• Microsoft Windows XP 64-Bit Edition Service Pack 1 SMTP component

• Microsoft Windows XP 64-Bit Edition Version 2003 SMTP component

• Microsoft Windows Server 2003 SMTP component

• Microsoft Windows Server 2003 64-Bit Edition SMTP component

• Microsoft Exchange Server 2003 Routing Engine component

Affected components:

• Microsoft Windows XP 64-Bit Edition Version 2003 SMTP component

• Microsoft Windows Server 2003 SMTP component

• Microsoft Windows Server 2003 64-Bit Edition SMTP component

• Microsoft Exchange Server 2003 Routing Engine component

The software in this list has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site.

General Information
Executive Summary:

This update resolves a newly-discovered vulnerability. A remote code execution vulnerability exists in the Simple Mail Transfer Protocol (SMTP) component that is provided as part of the affected software. The vulnerability is documented in the Vulnerability Details section of this bulletin.

An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

We recommend that customers apply the update immediately.

Severity Ratings and Vulnerability Identifiers:

Vulnerability Identifiers | Impact of Vulnerability | Exchange Server 2003 | Windows Server 2003 | Windows Server 2003 64-Bit Edition | Windows XP 64-Bit Edition Version 2003
SMTP Vulnerability - CAN-2004-0840 | Remote Code Execution | Critical | Important | Important | Important

This assessment is based on the types of systems that are affected by the vulnerability, their typical deployment patterns, and the effect that exploiting the vulnerability would have on them.

Frequently asked questions (FAQ) related to this security update

Can I use the Microsoft Baseline Security Analyzer (MBSA) to determine if this update is required?
MBSA will determine if the update for this vulnerability is required for Microsoft Windows Server 2003 or Microsoft Exchange Server 2003. For detailed information about the programs that MBSA currently does not detect, see Microsoft Knowledge Base Article 306460. For more information about MBSA, visit the MBSA Web site.

Note After April 20, 2004, the Mssecure.xml file that is used by MBSA 1.1.1 and earlier versions is no longer being updated with new security bulletin data. Therefore, scans that are performed after that date with MBSA 1.1.1 or earlier will be incomplete. All users should upgrade to MBSA 1.2 because it provides more accurate security update detection and supports additional products. Users can download MBSA 1.2 from the MBSA Web site. For more information about MBSA support, visit the following Microsoft Baseline Security Analyzer 1.2 Q&A Web site.

Can I use Systems Management Server (SMS) to determine if this update is required?
Yes. SMS can help detect and deploy this security update. For information about SMS, visit the SMS Web site.

Note SMS may target update 885882 to systems using Exchange Server 2003 on Windows Server 2003 that has not yet been updated with Exchange Server 2003 Service Pack 1. While these systems do not need this update, installing this update on these systems is fully supported and not expected to cause any issues. For more information see the FAQ “Why are there updates for both Windows Server 2003 and Exchange Server 2003” and "Is it possible to install the Exchange Routing Engine component update (KB885882) on Windows Server 2003-based systems?".

Vulnerability Details

SMTP Vulnerability - CAN-2004-0840:

A remote code execution vulnerability exists in the Windows Server 2003 SMTP component because of the way that it handles Domain Name System (DNS) lookups. An attacker could exploit the vulnerability by causing the server to process a particular DNS response that could potentially allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. The vulnerability also exists in the Microsoft Exchange Server 2003 Routing Engine component when installed on Microsoft Windows 2000 Service Pack 3 or on Microsoft Windows 2000 Service Pack 4.

Mitigating Factors for SMTP Vulnerability - CAN-2004-0840:

• By default, the SMTP component is not installed on Windows Server 2003, Windows Server 2003 64-Bit Edition, or Windows XP 64-Bit Edition Version 2003.

• By default, the SMTP component is not installed when Internet Information Services (IIS) 6.0 is installed.

• Windows NT Server 4.0, Windows 2000, Windows XP, Windows XP 64-Bit Edition, Exchange Server 5.0, Exchange Server 5.5, and Exchange 2000 Server are not affected by this vulnerability.

Workarounds for SMTP Vulnerability - CAN-2004-0840:

Microsoft has tested the following workaround. This workaround will not correct the underlying vulnerability but will help block known attack vectors. Workarounds may cause a reduction in functionality in some cases - in such situations this is identified below.

Use a firewall to block incoming TCP protocol network traffic on port 53 for Windows Server 2003 systems using the SMTP component, regardless of whether Exchange is installed.
Use a firewall to block TCP protocol network traffic on port 53. Do not block UDP traffic on port 53 or the server will be unable to make any DNS queries to resolve domain names.

Impact of Workaround: Port 53 is used for DNS queries and responses. By blocking the TCP protocol on port 53, all DNS name resolution must be done through the UDP protocol. Large DNS responses sent through TCP can be split between multiple packets, while responses sent through UDP must fit within a single UDP packet. This means that if you rely only on UDP for DNS name resolution, you may be unable to communicate with domains that return more IP addresses than can fit in a single UDP packet. Typically, each entry in a DNS response requires 16 bytes. Therefore, a single UDP response packet can contain approximately 30 IP addresses.
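The 16-byte figure and the limit of roughly 30 addresses, worked through as an added example that is not part of the bulletin. It assumes the classic 512-byte DNS-over-UDP message limit from RFC 1035 (no EDNS0) and A records that use name compression; the domain name, addresses, TTL and transaction ID are constructed.

```python
import ipaddress
import struct

UDP_LIMIT = 512        # classic DNS-over-UDP message limit (RFC 1035, no EDNS0)
HEADER_LEN = 12
TC_FLAG = 0x0200       # "truncated" bit in the header flags
TYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def max_a_records(qname, limit=UDP_LIMIT):
    """How many 16-byte A records fit after the header and the question."""
    question_len = len(encode_name(qname)) + 4
    return (limit - HEADER_LEN - question_len) // 16


def build_response(qname, addresses, limit=UDP_LIMIT, txid=0x1234):
    """Build the UDP reply to an A query; records that do not fit are
    dropped and the TC bit is set, which is the 'partial response' case."""
    question = encode_name(qname) + struct.pack("!HH", TYPE_A, CLASS_IN)
    size = HEADER_LEN + len(question)
    answers, truncated = [], False
    for addr in addresses:
        # 0xC00C is a compression pointer to the name at offset 12, so each
        # record is 2 (name) + 2 (type) + 2 (class) + 4 (TTL) + 2 (length)
        # + 4 (IPv4 address) = 16 bytes.
        rr = struct.pack("!HHHIH", 0xC00C, TYPE_A, CLASS_IN, 300, 4)
        rr += ipaddress.IPv4Address(addr).packed
        if size + len(rr) > limit:
            truncated = True
            break
        answers.append(rr)
        size += len(rr)
    flags = 0x8180 | (TC_FLAG if truncated else 0)
    header = struct.pack("!HHHHHH", txid, flags, 1, len(answers), 0, 0)
    return header + question + b"".join(answers)


def skip_name(msg, pos):
    """Return the offset just past a name (plain labels or a pointer)."""
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:      # two-byte compression pointer ends the name
            return pos + 2
        pos += 1
        if length == 0:
            return pos
        pos += length


def parse_response(msg):
    """Return (truncated, [IPv4 strings]); every length is checked before use."""
    _txid, flags, qdcount, ancount, _ns, _ar = struct.unpack_from("!HHHHHH", msg, 0)
    pos = HEADER_LEN
    for _ in range(qdcount):
        pos = skip_name(msg, pos) + 4
    addrs = []
    for _ in range(ancount):
        pos = skip_name(msg, pos)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, pos)
        pos += 10
        if pos + rdlen > len(msg):
            raise ValueError("record data runs past the end of the message")
        if rtype == TYPE_A and rclass == CLASS_IN and rdlen == 4:
            addrs.append(str(ipaddress.IPv4Address(msg[pos:pos + 4])))
        pos += rdlen
    return bool(flags & TC_FLAG), addrs


if __name__ == "__main__":
    # Constructed sample: a domain that answers with 40 addresses.
    many = [f"192.0.2.{i}" for i in range(1, 41)]
    reply = build_response("example.com", many)
    tc, got = parse_response(reply)
    print(f"{len(reply)} bytes, TC={tc}, {len(got)} of {len(many)} addresses delivered")
```

With TCP on port 53 blocked, the addresses past the cut-off are never seen by the server, which is why mail to such domains may go undelivered.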

Note It is possible to minimize potential disruptions of DNS name resolution by implementing a metabase key. For detailed information about this, see Microsoft Knowledge Base Article 820284.
Setting the metabase key will allow SMTP to use partial UDP name resolution responses to route mail. It will not prevent TCP responses from being sent to the server, and setting the metabase key is not a substitute for blocking TCP on port 53. This metabase key affects only SMTP, and it will not affect the name resolution behavior of other services and applications.

Block TCP protocol network traffic on Windows Server 2000 Service Pack 3 or Service Pack 4 systems with Microsoft Exchange Server 2003 with no service pack installed.
If you have defined External DNS Servers, you can block TCP protocol network traffic on port 53 between the Exchange server and all external DNS servers. Follow these steps to check if External DNS Servers have been configured on your Exchange server:

Start the Exchange System Manager and for each server:

• Expand the Protocols container.

• Expand the SMTP container.

• For each SMTP virtual server:

    • Open the SMTP virtual server Properties.

    • Select the Delivery tab.

    • Click the Advanced button.

    • Click the Configure button.

Block TCP traffic on port 53 between any external DNS servers listed and the Exchange server. If there are no external DNS servers listed, you do not have to take any action. However, Microsoft strongly recommends that you apply the security update or service pack for Exchange 2003 so that you will be protected if the configuration of your server changes in the future.

Impact of Workaround: This workaround will affect only SMTP traffic on the Exchange system. It will not affect name resolution by other applications and services. The external DNS servers configured in Exchange System Manager are used only by the SMTP and Exchange Routing services. With TCP traffic from these servers blocked on port 53, Exchange will automatically use partial UDP name resolution responses to route mail. There is no need to set a metabase key as described above for Windows Server 2003 in order for SMTP to take advantage of partial responses. It is possible that some mail will still be unable to be delivered. This will happen only if a valid email server IP address is not found in a partial UDP response.

• Do not block both TCP and UDP for port 53. Doing so will cause all DNS name resolution to fail on the server.

• If your server hosts applications that are configured to use only TCP for DNS responses, then this workaround will cause those applications to be unable to resolve domain names to IP addresses.

• If your server is used primarily as an SMTP-based email server or Exchange server, messages addressed to domains that return large DNS responses may not be processed or delivered.

FAQ for SMTP Vulnerability - CAN-2004-0840:

What is the scope of the vulnerability?
A remote code execution vulnerability exists in the Windows Server 2003 SMTP component because of the way that it handles DNS lookups. An attacker who successfully exploited this vulnerability could take complete control of an affected system. The vulnerability also exists in Microsoft Exchange Server 2003 when installed on Microsoft Windows 2000 Service Pack 3 or on Microsoft Windows 2000 Service Pack 4.

What causes the vulnerability?
An unchecked buffer in the Windows SMTP component and in the Exchange Routing Engine component.

What is SMTP?
Simple Mail Transfer Protocol (SMTP) is an industry standard for delivering e-mail messages over the Internet, as defined in RFC 2821 and in RFC 2822. The protocol defines the format of e-mail messages, the fields that are in e-mail messages, the contents of e-mail messages, and the handling procedures for e-mail messages.

What is the Exchange Routing Engine component?
The Exchange Routing Engine component is part of the Exchange Routing Engine Service. The Exchange Routing Engine Service implements the Routing Engine API and determines how e-mail messages are routed through an Exchange system.

Why are there updates for both Windows Server 2003 and Exchange Server 2003?
This issue is addressed in both products because name resolution functionality that was previously available only in the Exchange Server 2003 Routing Engine component was added to the Windows Server 2003 SMTP component. This is why you should install the Windows Server SMTP component update (KB885881) on Windows Server 2003 regardless of whether you have Exchange Server 2003 installed.

The update for Microsoft Exchange Server 2003 when installed on Microsoft Windows 2000 Service Pack 3 or on Microsoft Windows 2000 Service Pack 4 (KB885882) addresses the issue that is described in this bulletin in the Exchange Server 2003 Routing Engine component.

On Windows 2000, you should install the Exchange Server 2003 Routing Engine component update only if you are running Exchange Server 2003 and you have not yet installed Exchange Server 2003 Service Pack 1.

On Windows Server 2003, Exchange uses the Windows Server 2003 SMTP component and bypasses the Exchange Server 2003 Routing Engine component for certain name resolution functions. On Windows 2000 Server, Exchange uses the functionality of its Exchange Routing Engine component because this functionality is not available in the Windows 2000 SMTP component.

Windows and/or Exchange software | KB885881 | KB885882
Windows Server 2003 | Important | Not Applicable
Windows Server 2003 64-Bit Edition | Important | Not Applicable
Windows XP 64-Bit Edition Version 2003 | Important | Not Applicable
Exchange Server 2003 when installed on Windows Server 2003 | Critical [1] | None [2]
Exchange Server 2003 Service Pack 1 when installed on Windows Server 2003 | Critical [1] | Not Applicable
Exchange Server 2003 when installed on Windows 2000 Service Pack 3 or Windows 2000 Service Pack 4 | Not Applicable | Critical

[1] This is the Windows Server 2003 update.

[2] This update can be installed on these systems but is not necessary to be protected from this vulnerability. See the next FAQ for more information.

Is it possible to install the Exchange Routing Engine component update (KB885882) on Windows Server 2003-based systems?
Yes. It is possible to install the Exchange Routing Engine component update on Windows Server 2003-based systems if you have Exchange Server 2003 installed, but you have not yet installed Exchange Server 2003 Service Pack 1. However, you may not want to because doing this does not help protect against this vulnerability on Windows Server 2003-based systems. It only helps protect against this vulnerability on Windows 2000-based systems. To help protect against this vulnerability on Windows Server 2003-based systems, you must install the Windows Server 2003 SMTP component update (KB885881).

What might an attacker use the vulnerability to do?
An attacker who successfully exploited this vulnerability could take complete control of the affected system or could cause the SMTP component, and other services that are hosted by Internet Information Services on the same system, to repeatedly fail.

Who could exploit the vulnerability?
On Exchange Server 2003, or on systems that use the Windows Server 2003 SMTP component, any anonymous user who could deliver a specially crafted message to the affected system could try to exploit this vulnerability.

How could an attacker exploit the vulnerability?
An attacker could attempt to exploit the vulnerability by creating a specially crafted DNS response message and sending the message to an affected system, which could then cause the affected system to execute code.

What systems are primarily at risk from the vulnerability?
Systems using Windows 2000 are only vulnerable to this issue when they use Exchange Server 2003. When Exchange Server 2003 Service Pack 1 is installed, systems using Windows 2000 are no longer at risk from this vulnerability.

Systems using Windows Server 2003 are at risk from this vulnerability when they use the native SMTP component that is provided as part of the operating system, when they run Exchange Server 2003, or when they run Exchange Server 2003 Service Pack 1.

Is the Windows 2000 SMTP component affected?
No. The vulnerability does not affect the Windows 2000 SMTP component.

Could the vulnerability be exploited over the Internet?
Yes. An attacker may be able to exploit this vulnerability over the Internet.

What does the update do?
The update removes the vulnerability by modifying the way that the SMTP component validates the length of a message before it passes the message to the allocated buffer.

When this security bulletin was issued, had this vulnerability been publicly disclosed?
No. Microsoft had not received any information indicating that this vulnerability had been publicly disclosed when this security bulletin was originally issued.

Security Update Information

Installation Platforms and Prerequisites:

For information about the specific security update for your platform, click the appropriate link:

Windows Server 2003 (all versions) and Windows XP 64-Bit Edition Version 2003

Note For Windows XP 64-Bit Edition Version 2003, this security update is the same as the Windows Server 2003 64-Bit Edition security update.

Prerequisites
This security update requires a release version of Windows Server 2003 or the release version of Windows XP 64-Bit Edition Version 2003.

Inclusion in Future Service Packs:
The update for this issue will be included in Windows Server 2003 Service Pack 1.

Installation Information

This security update supports the following setup switches:

  /help                 Displays the command line options

Setup Modes

  /quiet                Quiet mode (no user interaction or display)

  /passive            Unattended mode (progress bar only)

  /uninstall          Uninstalls the package

Restart Options

  /norestart          Do not restart when installation is complete

  /forcerestart      Restart after installation

Special Options

  /l                        Lists installed Windows hotfixes or update packages

  /o                       Overwrite OEM files without prompting

  /n                       Do not back up files needed for uninstall

  /f                        Force other programs to close when the computer shuts down

  /extract             Extracts files without starting setup

Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that the previous version of the setup utility uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841.

Deployment Information

To install the security update without any user intervention, use the following command at a command prompt for Windows Server 2003:

Windowsserver2003-kb885881-x86-enu /passive /quiet

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows Server 2003:

Windowsserver2003-kb885881-x86-enu /norestart

For information about how to deploy this security update with Software Update Services, visit the Software Update Services Web site.

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

To remove this update, use the Add or Remove Programs tool in Control Panel.

System administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the %Windir%\$NTUninstallKB885881$\Spuninst folder. The Spuninst.exe utility supports the following setup switches:

/?: Show the list of installation switches.

/u: Use unattended mode.

/f: Force other programs to quit when the computer shuts down.

/z: Do not restart when the installation is complete.

/q: Use Quiet mode (no user interaction).

File Information

The English version of this update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Windows Server 2003 Enterprise Edition, Windows Server 2003 Standard Edition, Windows Server 2003 Web Edition, and Windows Server 2003 Datacenter Edition:

Date Time Version Size File name Folder

15-Sep-2004 02:27 6.0.3790.211 456192 Smtpsvc.dll RTMGDR
15-Sep-2004 02:14 6.0.3790.211 460288 Smtpsvc.dll RTMQFE

Windows Server 2003 64-Bit Enterprise Edition and Windows Server 2003 64-Bit Datacenter Edition:

Date Time Version Size File name Platform Folder

15-Sep-2004 02:31 6.0.3790.211 1174528 Smtpsvc.dll IA-64 RTMGDR
15-Sep-2004 02:15 6.0.3790.211 1182208 Smtpsvc.dll IA-64 RTMQFE

Note When you install this security update on Windows Server 2003 or on Windows XP 64-Bit Edition Version 2003, the installer checks to see if any of the files that are being updated on your system have previously been updated by a Microsoft hotfix. If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE files to your system. Otherwise, the installer copies the RTMGDR files to your system. For more information, see Microsoft Knowledge Base Article 824994.

Verifying Update Installation

• Microsoft Baseline Security Analyzer

To verify that a security update is installed on an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. This tool allows administrators to scan local and remote systems for missing security updates and for common security misconfigurations. For more information about MBSA, visit the Microsoft Baseline Security Analyzer Web site.

• File Version Verification

Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.

1. Click Start, and then click Search.

2. In the Search Results pane, click All files and folders under Search Companion.

3. In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search.

4. In the list of files, right-click a file name from the appropriate file information table, and then click Properties.

Note Depending on the version of the operating system or programs installed, some of the files that are listed in the file information table may not be installed.

5. On the Version tab, determine the version of the file that is installed on your computer by comparing it to the version that is documented in the appropriate file information table.

Note Attributes other than file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying the update installation. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation.

• Registry Key Verification

You may also be able to verify the files that this security update has installed by reviewing the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP1\KB885881\Filelist

Note This registry key may not contain a complete list of installed files. Also, this registry key may not be created correctly if an administrator or an OEM integrates or slipstreams the 885881 security update into the Windows installation source files.

Exchange Server 2003 when installed on Microsoft Windows 2000 Service Pack 3 or Microsoft Windows 2000 Service Pack 4

Prerequisites
This security update requires a release version of Exchange Server 2003. This prerequisite applies only to systems where all the following conditions are true:

• The operating system is Windows Server 2000 Service Pack 3 or Windows Server 2000 Service Pack 4.

• Exchange Server 2003 is installed.

• Exchange Server 2003 Service Pack 1 is not installed.

Inclusion in Future Service Packs:
The update for this issue is included in Microsoft Exchange Server 2003 Service Pack 1.

Installation Information

This security update supports the following setup switches:

/? Show the list of installation switches.

/u Use unattended mode (same as /m).

/m Use unattended mode (same as /u).

/f Force other programs to quit when the computer shuts down.

/n Do not back up files for removal.

/o Overwrite OEM files without prompting.

/z Do not restart when the installation is complete.

/q Use Quiet mode (no user interaction) and unattended mode (same as /u or /m).

/l List installed hotfixes.

/x Extract the files without running Setup.

See Microsoft Knowledge Base Article 331646 for additional information about installer switches.

Deployment Information

To install the security update without any user intervention, use the following command at a command prompt:

Exchange2003-kb885882-x86-enu /q

Restart Requirement

You do not have to restart your computer after you apply this security update.

However, the installer will restart Internet Information Services (IIS) and all dependent services. Therefore, we recommend that you apply this security update at a time when there are no users using any Exchange services on the system. Also, the restart of IIS stops the routing engine and the SMTP component if the front-end Exchange server is tasked with this role. Therefore, no e-mail messages will be routed during this restart of the IIS service. This includes incoming and outgoing SMTP e-mail traffic. The File Transfer Protocol (FTP) and Network News Transfer Protocol (NNTP) services will also be affected.

Removal Information

To remove this security update, use the Add or Remove Programs tool in Control Panel.

System administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the %Windir%\$ExchUninstall885882$\Spuninst folder. The Spuninst.exe utility supports the following setup switches:

/?: Show the list of installation switches.

/u: Use unattended mode.

/f: Force other programs to quit when the computer shuts down.

/z: Do not restart when the installation is complete.

/q: Use Quiet mode (no user interaction).

File Information

The English version of this update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Note Date, time, file name, or size information could change during installation. See the Verifying Update Installation section for details about how to verify an installation.

Exchange Server 2003 Enterprise Edition and Exchange Server 2003 Standard Edition:

Date Time Version Size File name

09-Sep-2004 09:35 6.5.6980.98 823,808 Reapi.dll

Verifying Update Installation

• File Version Verification

Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.

1. Click Start, and then click Search.

2. In the Search Results pane, click All files and folders under Search Companion.

3. In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search.

4. In the list of files, right-click a file name from the appropriate file information table, and then click Properties.

Note Depending on the version of the operating system or programs installed, some of the files that are listed in the file information table may not be installed.

5. On the Version tab, determine the version of the file that is installed on your computer by comparing it to the version that is documented in the appropriate file information table.

Note Attributes other than file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying the update installation. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation.

• Registry Key Verification

You may also be able to verify the files that this security update has installed by reviewing the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange Server 2003\SP1\885882

Note This registry key may not contain a complete list of installed files. Also, this registry key may not be created correctly when an administrator or an OEM integrates or slipstreams the 885882 security update into the Windows installation source files.
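The applicability table from the FAQ and the File Version Verification steps above, combined into one inventory triage as an added example (not part of the bulletin and not a Microsoft tool). The host records, OS labels and pre-update version numbers are constructed; the fixed versions are the ones in the file information tables, and a file that is absent is reported for follow-up rather than counted as patched.

```python
WS2003_FAMILY = {
    "Windows Server 2003",
    "Windows Server 2003 64-Bit Edition",
    "Windows XP 64-Bit Edition Version 2003",
}
WIN2000 = {"Windows 2000 SP3", "Windows 2000 SP4"}

# Fixed file versions from the bulletin's file information tables.
FIXED_FILE = {
    "KB885881": ("Smtpsvc.dll", "6.0.3790.211"),
    "KB885882": ("Reapi.dll", "6.5.6980.98"),
}


def version_tuple(text):
    """Turn '6.0.3790.211' into (6, 0, 3790, 211). Comparing the raw
    strings would rank '...99' above '...211', so compare numbers."""
    return tuple(int(part) for part in text.strip().split("."))


def required_update(os_name, exchange):
    """exchange is None, '2003' or '2003 SP1'.
    Returns (kb, severity) per the bulletin's table, or None."""
    if os_name in WS2003_FAMILY:
        # KB885881 is the fix here, with or without Exchange Server 2003.
        severity = "Critical" if exchange in ("2003", "2003 SP1") else "Important"
        return "KB885881", severity
    if os_name in WIN2000 and exchange == "2003":
        # Only Exchange Server 2003 without SP1 needs the Routing Engine update.
        return "KB885882", "Critical"
    return None


def triage(host):
    """Return (kb, severity, status) for one inventory record."""
    need = required_update(host["os"], host.get("exchange"))
    if need is None:
        return (None, None, "not affected")
    kb, severity = need
    file_name, fixed = FIXED_FILE[kb]
    files = {name.lower(): ver for name, ver in host.get("files", {}).items()}
    installed = files.get(file_name.lower())
    if installed is None:
        # Component not installed, or file renamed: verify another way
        # (MBSA or the registry key), as the bulletin advises.
        return (kb, severity, "file not found")
    if version_tuple(installed) >= version_tuple(fixed):
        return (kb, severity, "patched")
    return (kb, severity, "update missing")


# Constructed inventory records for illustration.
HOSTS = [
    {"name": "mail01", "os": "Windows Server 2003", "exchange": "2003",
     "files": {"Smtpsvc.dll": "6.0.3790.0"}},
    {"name": "relay02", "os": "Windows Server 2003", "exchange": None,
     "files": {"smtpsvc.dll": "6.0.3790.211"}},
    {"name": "ex2k-03", "os": "Windows 2000 SP4", "exchange": "2003",
     "files": {"Reapi.dll": "6.5.6944.0"}},
    {"name": "ex2k-04", "os": "Windows 2000 SP4", "exchange": "2003 SP1",
     "files": {"Reapi.dll": "6.5.7226.0"}},
    {"name": "web05", "os": "Windows Server 2003", "exchange": None,
     "files": {}},
]

if __name__ == "__main__":
    for host in HOSTS:
        print(host["name"], triage(host))
```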

Obtaining Other Security Updates:

Updates for other security issues are available from the following locations:

• Security updates are available from the Microsoft Download Center. You can find them most easily by doing a keyword search for "security_patch."

• Updates for consumer platforms are available from the Windows Update Web site.

Support:

• Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.

• International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Security Resources:

• The Microsoft TechNet Security Web site provides additional information about security in Microsoft products.

• Microsoft Software Update Services

• Microsoft Baseline Security Analyzer (MBSA)

• Windows Update

• Windows Update Catalog: For more information about the Windows Update Catalog, see Microsoft Knowledge Base Article 323166.

• Office Update

Software Update Services:

By using Microsoft Software Update Services (SUS), administrators can quickly and reliably deploy the latest critical updates and security updates to Windows 2000 and Windows Server 2003-based servers, and to desktop Windows 2000 Professional or Windows XP Professional.

For more information about how to deploy this security update with Software Update Services, visit the Software Update Services Web site.

Systems Management Server:

Microsoft Systems Management Server (SMS) delivers a highly-configurable enterprise solution for managing updates. By using SMS, administrators can identify Windows-based systems that require security updates and perform controlled deployment of these updates throughout the enterprise with minimal disruption to end users. For more information about how administrators can use SMS 2003 to deploy security updates, see the SMS 2003 Security Patch Management Web site. SMS 2.0 users can also use Software Updates Service Feature Pack to help deploy security updates. For information about SMS, visit the SMS Web site.

Note SMS uses the Microsoft Baseline Security Analyzer and the Microsoft Office Detection Tool to provide broad support for security bulletin update detection and deployment. Some software updates may not be detected by these tools. Administrators can use the inventory capabilities of the SMS in these cases to target updates to specific systems. For more information about this procedure, visit the following Web site. Some security updates require administrative rights following a restart of the system. Administrators can use the Elevated Rights Deployment Tool (available in the SMS 2003 Administration Feature Pack and in the SMS 2.0 Administration Feature Pack) to install these updates.

Disclaimer:

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions:

• V1.0 (October 12, 2004): Bulletin published
