Updates with File-Version-Number Problems

In February 2001, Microsoft acknowledged that file-version-number problems affect 24 English-language security updates and two OS updates. The list below shows the Microsoft articles that include the affected updates.

"Buffer Overflow in Network Monitor May Cause Vulnerability"

"Cookies Are Not Marked as Secure in IIS"
(http://support .microsoft.com/support/kb/articles/q274/1/49.asp)

"Denial of Service Can Occur with Microsoft NetMeeting"

"GET on HTR File Can Cause a 'Denial of Service' or Enable Directory Browsing"
(http://support.microsoft.com/support/kb/ articles/q267/5/59.asp)

"HTML E-mail Link Transmits User Name and Password to Unauthorized Server"
(http://support.microsoft.com/support/kb/ articles/q272/7/43.asp)

"IIS 4: Fix for Cross-Site Scripting Issues"
(http://support .microsoft.com/support/kb/articles/q260/3/47.asp)

"INFO: Fix List for the Microsoft Virtual Machine Build 3316 and Associated Windows 2000 SP1 Hotfix"
(http://support.microsoft .com/support/kb/articles/q273/7/35.asp)

"INFO: Fix List for the Microsoft Virtual Machine Build 3318 and Associated Windows 2000 SP1 Hotfix"
(http://support.microsoft .com/support/kb/articles/q275/5/26.asp)

"INFO: Fix List for the Microsoft Virtual Machine Build 3319 and Associated Windows 2000 SP1 Hotfix"
(http://support.microsoft .com/support/kb/articles/q277/0/07.asp)

"Internet Information Service May Return Source of Active Server Pages File"
(http://support.microsoft.com/support/kb/ articles/q256/8/88.asp)

"Malicious User Can Shut Down Computer Browser Service"

"NetBIOS Vulnerability May Cause Duplicate Name on the Network Conflicts"
(http://support.microsoft.com/support/kb/ articles/q269/2/39.asp)

"Patch Available for 'Web Server File Request Parsing' Vulnerability"
(http://support.microsoft.com/support/kb/articles/q277/ 8/73.asp)

"Patch Available for ActiveX Parameter Validation Vulnerability"

"Patch for Numerous Vulnerabilities in the LPC Port System Calls"
(http://support.microsoft.com/support/kb/articles/q266/ 4/33.asp)

"Patch Released for 'Domain Account Lockout' Vulnerability"

"Patch Released for Canonicalization Error Issue"
(http://support .microsoft.com/support/kb/articles/q269/8/62.asp)

"Registry-Invoked Programs Use Standard Search Path"
(http:// support.microsoft.com/support/kb/articles/q269/0/49.asp)

"RPC Server Service Stops Responding"
(http://support.microsoft .com/support/kb/articles/q272/3/03.asp)

"Service Control Manager Named Pipe Impersonation Vulnerability"
(http://support.microsoft.com/support/kb/articles/q269/ 5/23.asp)

"Update Available for Indexing Service Vulnerability"
(http:// support.microsoft.com/support/kb/articles/q278/4/99.asp)

"Users Might Gain Full Control of a System via the 'Simplified Chinese IME State Recognition' Vulnerability"
(http://support .microsoft.com/support/kb/articles/q270/6/76.asp)

"Windows 2000 Still Image Service Exposes User Elevation Vulnerability"
(http://support.microsoft.com/support/kb/articles/ q272/7/36.asp)

"Windows 2000 Telnet Server Stops Responding After Binary Input"
(http://support.microsoft.com/support/kb/articles/q267/ 8/43.asp)

"Error SC_E_LOGON_DENIED After a Reset of Local Machine Account Password"
(http://support.microsoft.com/support/kb/ articles/q271/9/07.asp)

"Performance Degradation When Heap Is Fragmented"
(http:// support.microsoft.com/support/kb/articles/q257/3/57.asp)

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.