If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Security Bulletin: MS04-22: Vulnerability in Task Scheduler Could Allow Code Execution (841873)
Today Microsoft release the following bulletin:
http://www.microsoft.com/technet/sec.../MS04-022.mspx Vulnerability in Task Scheduler Could Allow Code Execution (841873) Issued: July 13, 2004 Version: 1.0 Executive Summary: This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in the Task Scheduler because of an unchecked buffer. The vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. However, user interaction is required to exploit this vulnerability. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. We recommend that customers apply the update immediately Summary Who should read this document: Customers who use Microsoft® Windows® Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Recommendation: Customers should apply the update immediately. Security Update Replacement: None Caveats: Windows NT Workstation 4.0, Windows NT Server 4.0 and Windows NT 4.0 Terminal Server Edition are not affected by default. However if you have installed Internet Explorer 6.0 Service Pack 1 you will have the vulnerable component on your system. Tested Software and Security Update Download Locations: Affected Softwa . Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 - Download the update . Microsoft Windows XP and Microsoft Windows XP Service Pack 1 - Download the update . Microsoft Windows XP 64-Bit Edition Service Pack 1 - Download the update |
Ads |
#2
|
|||
|
|||
Security Bulletin: MS04-22: Vulnerability in Task Scheduler Co
Did you ever get this issue resolved? I'm having the same problem since
July, probably when I installed that update. Can't find much info on Microsoft website or the Net in general. I've seen the resolution to uninstall, but figured Microsoft would have a least addressed the issue. "caifan_mail" wrote: I am having problems running my previously scheduled tasks. In specific, I am not able to create or run tasks based on shortcuts to an executable. For instance, I had a shutdownauto.lnk shortcut that contained the line "C:\Windows\System32\shutdown.exe -s". Before this update, I was able to create a task to run this shortcut every day at 3am. After the update, my task no longer runs. This is only one of many shortcuts that my organization supports. We support a large number of computers and rely on tasks to cleanup and shutdown these pc's at night. Any ideas how I can get this back without having to uninstall KB841873? |
Thread Tools | |
Display Modes | |
|
|