Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution

I thought it fascinating that the two MS sites offering this patch describe it as applying in one case according to the Windows OS involved and in the other case according to the version of Internet Explorer involved. This seems to be the result of MS' new policy to offer different announcements on security to corporate IT departments versus "home users ".
Of course that "simplifies" everything.

 

Jim,

I noticed that too! I think it backs up what I have always heard; If you make enough claims, some of them will end up being true.

The challenge to us is, which ones??

 

Since this latest threat is confined to people who do NOT have Windows XP, it will be thought by some that it's a plot to encourage people to upgrade. I would never believe that though.

 

And in today's batch (2) of MS Security patches the info on the Technet site for MS02-066 says it is for Windows98SE and higher, whereas the (peasant, I mean) End-user site says it is for all who use IE 5.01 and higher (no mention of Windows version). I went to the Windows Update site and permitted to install even though I have Win98FE .

 

So I suppose it's OK to install on Win95?

 

I think it's a **** shoot on older systems. Even though, as Jim pointed out, Windows 95 is excluded, IE 5.01, and higher, is included.


Which versions are eligible for the update?

Updates are available for the following product versions. Earlier versions than those listed below are no longer supported and may or may not be affected by the vulnerability:

* Windows NT® 4.0, Windows 98, Windows Me, Windows 2000
* Microsoft Data Access Components (MDAC) 2.1, 2.5, 2.6
* Internet Explorer 5.01, 5.5, 6.0


Important Security Patch for Windows

- Download this patch, which addresses buffer overrun in Microsoft Data Access Components that could lead to code execution. All Windows users need this patch.

Clear as mud, no?

Ramona

 

I DL'ed q329414_mdacall_x86.exe from the link at http://www.microsoft.com/Downloads/Release.asp?ReleaseID=44733
Microsoft Data Access Components: Security Hotfix for Q329414 and installed it. I got a message that setup successful and, after the reboot, I also found a dahotfix.log in C:\Windows with details,
==============c/p============
12:17:24]: File copy complete:
Source file: c:\windows\TEMP\IXP000.TMP\msadco21.dll
TargetFile: C:\Program Files\Common Files\System\msadc\msadco.dll
[12:17:25]: File copy complete:
Source file: c:\windows\TEMP\IXP000.TMP\msadcs21.dll
TargetFile: C:\Program Files\Common Files\System\msadc\msadcs.dll
===========================

(the two files in my C:\Program Files\Common Files\System\msadc folder, msadco.dll and msadcs.dll, show the correct date, version and size compared to the listing for msadco21.dll and msadcs21.dll at http://support.microsoft.com/default.aspx?scid=kb;en-us;Q329414
so I guess the patch worked.

I wasn't really thinking of installing this patch, though! I got to this thread from WelshJim's post in the November Cumulative Patch for Internet Explorer thread . That patch also has confusing information about the installation platform, whether Win98 or higher is needed or not..

On that one, I'm going by the information in the technet article, that the patch is for IE5.5sp2
I already DL'ed that one and will install in a day or two.

 

Funny you should mention this, Zephyr:

Microsoft To Customers: Want Better Security? Upgrade

Microsoft said customers need to upgrade to the latest versions of Windows to get stronger security. Customers' continued reliance on earlier versions of Windows, rather than the current Windows 2000 and Windows XP, is slowing down efforts to secure the global computing infrastructure, Craig Mundie, Microsoft chief technical officer, said in an address at the company's campus in Mountain View, Calif.
---

Yeah, right!

 

Thanks Ramona,

Since reading Craig Mundie's comments, I REALLY feel old. It seems that a "long time ago" doesn't have to go back very far nowadays. Apparently '98 qualifies!

I'm proud to say my 1936 model computer is still functioning although it is suspected of being corrupt and certainly lacks any security feature. It seems to be taking on "Read Only" attributes as it ages.