• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows WMF/EMF Image Formats Remote Buffer Overflow Vulnerability

Solution:
Avaya has released an advisory to announce that Avaya System Products shipping on Microsoft platforms are also affected by this vulnerability. Avaya advise that customers follow the Microsoft recommendations for the resolution of this issue. The aforementioned advisory can be viewed at the following location:
http://support.avaya.com/japple/css/japple?temp.groupID=&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=161384&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()

Microsoft has released a security bulletin MS04-011 with fixes to address this and other issues. Please see the referenced bulletin for more information.

US-CERT has released an advisory TA04-104A to address this and other issues. Please see the referenced advisory for more information.

June 15, 2004 - Microsoft has updated security bulletin MS04-011 to release a Windows NT 4.0 Workstation update for the Pan Chinese language. The Pan Chinese update should be installed by customers who installed Windows NT 4.0 Workstation for Pan Chinese update or who use the Pan Chinese product.


Microsoft Windows 2000 Server SP2

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows 2000 Advanced Server SP2

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows NT Server 4.0 SP6a

• Microsoft Security Update for Windows NT Server 4.0 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=67A6F461-D2FC -4AA0-957E-3B8DC44F9D79&displaylang=en

Microsoft Windows NT Terminal Server 4.0 SP6

• Microsoft Security Update for Windows NT Server, Terminal Server Edition (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=62CBA527-A827 -4777-8641-28092D3AAE4F&displaylang=en

Microsoft Windows XP Professional

• Microsoft Security Update for Windows XP (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en

Microsoft Windows NT Workstation 4.0 SP6a

• Microsoft Security Update for Windows NT Workstation 4.0 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7F1713FC-F95C -43E5-B825-3CF72C1A0A3E&displaylang=en

Microsoft Windows XP 64-bit Edition SP1

• Microsoft Security Update for Windows XP 64 Bit Edition (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C6B55EF2-D9FE -4DBE-AB7D-73A20C82FF73&displaylang=en

Microsoft Windows 2000 Advanced Server SP4

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows 2000 Professional SP3

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows 2000 Professional SP2

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows XP Home

• Microsoft Security Update for Windows XP (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en

Microsoft Windows 2000 Advanced Server SP3

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows XP Home SP1

• Microsoft Security Update for Windows XP (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en

Microsoft Windows XP 64-bit Edition Version 2003 SP1

• Microsoft Security Update for Windows Server 2003 64 Bit Edition and Windows XP 64 Bit Edition Version 2003 (
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883 -44A6-A107-6CD2D29FC6F5&displaylang=en

Microsoft Windows 2000 Server SP3

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows XP 64-bit Edition Version 2003

• Microsoft Security Update for Windows Server 2003 64 Bit Edition and Windows XP 64 Bit Edition Version 2003 (
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883 -44A6-A107-6CD2D29FC6F5&displaylang=en

Microsoft Windows NT Enterprise Server 4.0 SP6a

• Microsoft Security Update for Windows NT Server 4.0 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=67A6F461-D2FC -4AA0-957E-3B8DC44F9D79&displaylang=en

Microsoft Windows 2000 Server SP4

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows 2000 Professional SP4

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows XP Professional SP1

• Microsoft Security Update for Windows XP (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en