Microsoft Revises Five Security Bulletins

Microsoft has recently revised five security bulletins: MS02-071 (Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Escalation), MS02-39 (Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution), MS02-56 (Cumulative Patch for SQL Server), MS02-043 (Cumulative Patch for SQL Server), MS02-32 (26 June 2002 Cumulative Patch for Windows Media Player). The changes to MS02-071 pertain to a flaw in Windows' WM_TIMER message handling, which could allow privilege elevation. Microsoft changed the bulletin to note that the Windows NT 4.0 version of the related patch had problems and the patch has been corrected and reissued.

Bulletins MS02-039, MS02-056, and MS02-043 were superceded by bulletin MS02-061 (Elevation of Privilege in SQL Server Web Tasks). So if you load the patch related to MS02-061, you don't need to load those patches. However, Microsoft also noted that you have to consider installation order when applying the additional hotfix related to the Microsoft article "FIX: Handle Leak Occurs in SQL Server When Service or Application Repeatedly Connects and Disconnects with Shared Memory Network Library" at The hotfix related to this article corrects the problem of a handle leak that occurs in SQL Server when a service or application repeatedly connects and disconnects with the shared memory network library.

Bulletin MS02-032 discusses a bug in Windows Media Player 7.1. Microsoft corrected the bulletin because the download link to the patch was broken.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.