You must be mistaken. I just went to the update site to be
sure but when I scan for updates it has been removed from
the list completely. There is a new critical update
Q815021 and that's all. Goo luck.

"The Reverend XP" > wrote in message
...
> You must be mistaken. I just went to the update site to be
> sure but when I scan for updates it has been removed from
> the list completely. There is a new critical update
> Q815021 and that's all. Goo luck.

This is what I got from Microsoft:

Title: Buffer Overrun in Windows Kernel Message Handling could
Lead to Elevated Privileges (811493)
Released: 16 April 2003
Revised: 28 May 2003 (version 2.0)
Software: Microsoft(r) Windows NT(r) 4.0, Windows(r) 2000 and
Windows(r) XP
Impact: Local Elevation of Privilege
Max Risk: Important

Bulletin: MS03-013

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS03-013.asp
http://www.microsoft.com/security/security_bulletins/ms03-013.asp
- ---------------------------------------------------------------------

Reason for Revision:
====================
Microsoft re-issued this bulletin on May 28, 2003 to advise on the
availability of an updated Windows XP Service Pack 1 patch. This
revised patch corrects the performance issues that some customers
experienced with the original Windows XP Service Pack 1 patch.

Microsoft originally issued this bulletin on April 16, 2003.
Subsequent to that date, Microsoft has received reports of
performance problems with the patch from some Windows XP customers.
Microsoft has investigated this issue and confirmed that there can
be performance problems when the patch is applied to Windows XP
Service Pack 1 systems. Microsoft is actively working on a revised
patch for Windows XP Service Pack 1 and will re-issue that patch
when it has been completed and fully tested. The existing Windows
XP SP1 patch does address the security vulnerability discussed in
this security bulletin.

Windows XP Service Pack 1 customers are encouraged to review this
security bulletin - and in particular the Severity Rating matrix
and assessment below - to assess whether their particular
environments demand that the patch should be applied immediately or
whether their particular level of risk permits delaying deployment
of the patch until it is revised and the performance problem
corrected. If your environment demands that the patch is installed
before it is revised and the performance problem corrected, it is
recommended that you test thoroughly to ascertain if your
particular environment is affected by the performance issue.
Microsoft has published a Knowledge Base article, 819634, that
describes the known circumstances that can cause the performance
problems to manifest themselves, and what affected users can do to
reduce the impact of the problem. The Windows kernel is the core of
the operating system. It provides system level services such as
device and memory management, allocates processor time to processes
and manages error handling.

Issue:
======
There is a flaw in the way the kernel passes error messages to a
debugger. A vulnerability results because an attacker could write a
program to exploit this flaw and run code of their choice. An
attacker could exploit this vulnerability to take any action on the
system including deleting data, adding accounts with administrative
access, or reconfiguring the system.

For an attack to be successful, an attacker would need to be able
to logon interactively to the system, either at the console or
through a terminal session. Also, a successful attack would require
the introduction of code in order to exploit this vulnerability.
Because best practices recommends restricting the ability to logon
interactively on servers, this issue most directly affects client
systems and terminal servers.
Mitigating Factors:

====================
- -A successful attack requires the ability to logon interactively to
the target machine, either directly at the console or through a
terminal session.
- -Properly secured servers would be at little risk from this
vulnerability. Standard best practices recommend only allowing
trusted administrators to log onto such systems interactively;
without such privileges, an attacker could not exploit the
vulnerability.

Risk Rating:
============
- Important

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletins at
http://www.microsoft.com/technet/security/bulletin/ms03-013.asp
http://www.microsoft.com/security/security_bulletins/ms03-013.asp
for information on obtaining this patch.

Acknowledgment:

"Jitterbug" > wrote in message
...
>
> "The Reverend XP" > wrote in message
> ...
> > You must be mistaken. I just went to the update site to be
> > sure but when I scan for updates it has been removed from
> > the list completely. There is a new critical update
> > Q815021 and that's all. Goo luck.

I downloaded 811493 last night and have had no issues :-)


>
> This is what I got from Microsoft:
>
> Title: Buffer Overrun in Windows Kernel Message Handling could
> Lead to Elevated Privileges (811493)
> Released: 16 April 2003
> Revised: 28 May 2003 (version 2.0)
> Software: Microsoft(r) Windows NT(r) 4.0, Windows(r) 2000 and
> Windows(r) XP
> Impact: Local Elevation of Privilege
> Max Risk: Important
>
> Bulletin: MS03-013
>
> Microsoft encourages customers to review the Security Bulletin at:
> http://www.microsoft.com/technet/security/bulletin/MS03-013.asp
> http://www.microsoft.com/security/security_bulletins/ms03-013.asp
> - ---------------------------------------------------------------------
>
> Reason for Revision:
> ====================
> Microsoft re-issued this bulletin on May 28, 2003 to advise on the
> availability of an updated Windows XP Service Pack 1 patch. This
> revised patch corrects the performance issues that some customers
> experienced with the original Windows XP Service Pack 1 patch.
>
> Microsoft originally issued this bulletin on April 16, 2003.
> Subsequent to that date, Microsoft has received reports of
> performance problems with the patch from some Windows XP customers.
> Microsoft has investigated this issue and confirmed that there can
> be performance problems when the patch is applied to Windows XP
> Service Pack 1 systems. Microsoft is actively working on a revised
> patch for Windows XP Service Pack 1 and will re-issue that patch
> when it has been completed and fully tested. The existing Windows
> XP SP1 patch does address the security vulnerability discussed in
> this security bulletin.
>
> Windows XP Service Pack 1 customers are encouraged to review this
> security bulletin - and in particular the Severity Rating matrix
> and assessment below - to assess whether their particular
> environments demand that the patch should be applied immediately or
> whether their particular level of risk permits delaying deployment
> of the patch until it is revised and the performance problem
> corrected. If your environment demands that the patch is installed
> before it is revised and the performance problem corrected, it is
> recommended that you test thoroughly to ascertain if your
> particular environment is affected by the performance issue.
> Microsoft has published a Knowledge Base article, 819634, that
> describes the known circumstances that can cause the performance
> problems to manifest themselves, and what affected users can do to
> reduce the impact of the problem. The Windows kernel is the core of
> the operating system. It provides system level services such as
> device and memory management, allocates processor time to processes
> and manages error handling.
>
> Issue:
> ======
> There is a flaw in the way the kernel passes error messages to a
> debugger. A vulnerability results because an attacker could write a
> program to exploit this flaw and run code of their choice. An
> attacker could exploit this vulnerability to take any action on the
> system including deleting data, adding accounts with administrative
> access, or reconfiguring the system.
>
> For an attack to be successful, an attacker would need to be able
> to logon interactively to the system, either at the console or
> through a terminal session. Also, a successful attack would require
> the introduction of code in order to exploit this vulnerability.
> Because best practices recommends restricting the ability to logon
> interactively on servers, this issue most directly affects client
> systems and terminal servers.
> Mitigating Factors:
>
> ====================
> - -A successful attack requires the ability to logon interactively to
> the target machine, either directly at the console or through a
> terminal session.
> - -Properly secured servers would be at little risk from this
> vulnerability. Standard best practices recommend only allowing
> trusted administrators to log onto such systems interactively;
> without such privileges, an attacker could not exploit the
> vulnerability.
>
> Risk Rating:
> ============
> - Important
>
> Patch Availability:
> ===================
> - A patch is available to fix this vulnerability. Please read the
> Security Bulletins at
> http://www.microsoft.com/technet/security/bulletin/ms03-013.asp
> http://www.microsoft.com/security/security_bulletins/ms03-013.asp
> for information on obtaining this patch.
>
> Acknowledgment:
>
>

I have an issue with the new 811493 in that when it was installed, most of
the functions of my Norton's Systemworks were shut down. Because I had
rather have the Antivirus protection, I have uninstalled the new 811493 and
now my antivirus works fine again. Thanks again Microsoft.
"The Reverend XP" > wrote in message
...
> You must be mistaken. I just went to the update site to be
> sure but when I scan for updates it has been removed from
> the list completely. There is a new critical update
> Q815021 and that's all. Goo luck.