- --------------------------------------------------------------------
Title: Microsoft Windows Security Bulletin Summary for
April 2004
Issued: April 13, 2004
Version Number: 1.0
Bulletin:
http://www.microsoft.com/technet/sec...n/winapr04.asp

- --------------------------------------------------------------------

Summary:
========
Included in this advisory are updates for newly discovered vulnerabilities in Microsoft Windows. These vulnerabilities, broken down by severity are:

** Critical Security Bulletins

MS04-011 - Security Update for Microsoft Windows (835732)

- Affected Software:
- Windows NT Workstation 4.0 Service Pack 6a
- Windows NT Server 4.0 Service Pack 6a
- Windows NT Server 4.0 Terminal Server Edition Service Pack 6
- Windows 2000 Service Pack 2
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP and Windows XP Service Pack 1
- Windows XP 64-Bit Edition Service Pack 1
- Windows XP 64-Bit Edition Version 2003
- Windows Server 2003
- Windows Server 2003 64-Bit Edition
- Microsoft NetMeeting

- Review the FAQ section of bulletin MS04-011 for information about these operating systems:
- Microsoft Windows 98
- Microsoft Windows 98 Second Edition (SE)
- Microsoft Windows Millennium Edition (ME)

- Impact: Remote Code Execution
- Version Number: 1.0


MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741)

- Affected Software:
- Windows NT Workstation 4.0 Service Pack 6a
- Windows NT Server 4.0 Service Pack 6a
- Windows NT Server 4.0 Terminal Server Edition Service Pack 6
- Windows 2000 Service Pack 2
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP and Windows XP Service Pack 1
- Windows XP 64-Bit Edition Service Pack 1
- Windows XP 64-Bit Edition Version 2003
- Windows Server 2003
- Windows Server 2003 64-Bit Edition

- Review the FAQ section of bulletin MS04-012 for information about these operating systems:
- Microsoft Windows 98
- Microsoft Windows 98 Second Edition (SE)
- Microsoft Windows Millennium Edition (ME)

- Impact: Remote Code Execution
- Version Number: 1.0


MS04-013 - Cumulative Security Update for Outlook Express
(837009)

- Affected Software:
- Windows NT Workstation 4.0 Service Pack 6a
- Windows NT Server 4.0 Service Pack 6a
- Windows NT Server 4.0 Terminal Server Edition Service Pack 6
- Windows 2000 Service Pack 2
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP and Windows XP Service Pack 1
- Windows XP 64-Bit Edition Service Pack 1
- Windows XP 64-Bit Edition Version 2003
- Windows Server 2003
- Windows Server 2003 64-Bit Edition

- Review the FAQ section of bulletin MS04-013 for information about these operating systems:
- Microsoft Windows 98
- Microsoft Windows 98 Second Edition (SE)
- Microsoft Windows Millennium Edition (ME)

- Impact: Remote Code Execution
- Version Number: 1.0

** Important Security Bulletins

MS04-014 - Vulnerability in the Microsoft Jet Database Engine
Could Allow Code Execution (837001)

- Affected Software:
- Windows NT Workstation 4.0 Service Pack 6a
- Windows NT Server 4.0 Service Pack 6a
- Windows NT Server 4.0 Terminal Server Edition Service Pack 6
- Windows 2000 Service Pack 2
- Windows 2000 Service Pack 3
- Windows 2000 Service Pack 4
- Windows XP and Windows XP Service Pack 1
- Windows XP 64-Bit Edition Service Pack 1
- Windows XP 64-Bit Edition Version 2003
- Windows Server 2003
- Windows Server 2003 64-Bit Edition

- Review the FAQ section of bulletin MS04-014 for information about these operating systems:
- Microsoft Windows 98
- Microsoft Windows 98 Second Edition (SE)
- Microsoft Windows Millennium Edition (ME)

- Impact: Remote Code Execution
- Version Number: 1.0


Update Availability:
===================
Updates are available to fix these vulnerabilities.
For additional information, including Technical Details, Workarounds, answers to Frequently Asked Questions, and Update Deployment Information please read the Microsoft Windows Security Bulletin Summary for April at:
http://www.microsoft.com/technet/sec...n/winapr04.asp

Viele Grüße
Dieter