[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
 
 discussions
- read forum
- new topic
- search
 

 meetings
- meetings list
- recent additions
- add your info
 
 top 100 sites
- visit top sites
- sign up now
- members
 
 webmasters

- add your url
- add domain
- search box
- link to us

 
 projects
- our projects
- free email
 
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Patch Available for "WebTV for Windows Denial of Service" Vulnerability

Title: Patch Available for "WebTV for Windows Denial of Service" Vulnerability
Released by: MS
Date: 11th October 2000
Printable version: Click here 
-----BEGIN PGP SIGNED MESSAGE-----



Microsoft Security Bulletin (MS00-074)

- --------------------------------------



Patch Available for "WebTV for Windows Denial of Service"

Vulnerability

Originally posted: October 11, 2000



Summary

=======

Microsoft has released a patch that eliminates a security

vulnerability in Microsoft(r) WebTV for Windows. The vulnerability

could allow a malicious user to remotely crash systems running WebTV

for Windows.



Frequently asked questions regarding this vulnerability and the patch

can be found at

http://www.microsoft.com/technet/security/bulletin/fq00-074.asp



Issue

=====

There is a denial of service vulnerability in WebTV for Windows that

may allow a malicious user to remotely crash either the WebTV for

Windows application and/or the computer system running WebTV for

Windows. Restarting the application and/or system will return the

system to its normal state.



Although the WebTV for Windows application ships with Windows 98,

98SE and Windows Me products, the application is not installed by

default, and customers who have not installed it would not be at

risk.



Affected Software Versions

==========================

 - Microsoft WebTV for Windows on Windows 98, Windows 98SE, and

   Windows Me



NOTE: This vulnerability is not related to the WebTV(tm) service

provided by WebTV Networks.



Patch Availability

==================

 - Windows 98 and 98SE

http://download.microsoft.com/download/win98SE/Update/12278/W98/EN-US/

274113USA8.EXE



 - Windows Me

http://download.microsoft.com/download/winme/Update/12278/WinMe/EN-US/

274113USAM.EXE



NOTE: The above URLS may have been wrapped



NOTE: Additional security patches are available at the Microsoft

Download Center



More Information

================

Please see the following references for more information related to

this issue.

 - Frequently Asked Questions: Microsoft Security Bulletin MS00-074,

   http://www.microsoft.com/technet/security/bulletin/fq00-074.asp

 - Microsoft Knowledge Base article Q274113 discusses this issue and

   will be available soon.

 - Microsoft TechNet Security web site,

   http://www.microsoft.com/technet/security/default.asp



Obtaining Support on this Issue

===============================

This is a fully supported patch. Information on contacting Microsoft

Product Support Services is available at

http://support.microsoft.com/support/contact/default.asp.



Revisions

=========

 - October 11, 2000: Bulletin Created.



- ----------------------------------------------------------------



THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED

"AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL

WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF

MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT

SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY

DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,

CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF

MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE

POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION

OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO

THE FOREGOING LIMITATION MAY NOT APPLY.



(c) 2000 Microsoft Corporation. All rights reserved. Terms of use



-----BEGIN PGP SIGNATURE-----

Version: PGP Personal Privacy 6.5.3



iQEVAwUBOeUejI0ZSRQxA/UrAQEtBggAg6wt/fo1KE1lTOmw9S3juc6e8+/D6qB+

/3qBUlooN/uZtxp102f+jvt4aCQYF6ralHkFc7CwVapoRu6Ob0TFTu8TZUJ3FxYO

sCkX/NyuR0gRIyHjSi8Fb3Xeu9S9c0HHpcbd+rKH+3tmdbUnUOX78UsVj2R1nnT7

xnsXxEfqOmV+QgCavnbPzR7dciywWdR6RdytB9ibL8YAtPTqWPwk9iEK1hDQ63Wc

lIB7FtUv+/RxhGix++3V1ofASgYQvwiWOv15uUmMAKm5xqYWFqJa3ktWeyI2We0K

nFL91/omcNi5LvlfQjxDguZx74tzY6O/TbotnvCdelWpzfdAnivpNg==

=43ot

-----END PGP SIGNATURE-----



   *******************************************************************

You have received  this e-mail bulletin as a result  of your registration

to  the   Microsoft  Product  Security  Notification   Service.  You  may

unsubscribe from this e-mail notification  service at any time by sending

an  e-mail  to  MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM

The subject line and message body are not used in processing the request,

and can be anything you like.



To verify the digital signature on this bulletin, please download our PGP

key at http://www.microsoft.com/technet/security/notify.asp.



For  more  information on  the  Microsoft  Security Notification  Service

please  visit  http://www.microsoft.com/technet/security/notify.asp.  For

security-related information  about Microsoft products, please  visit the

Microsoft Security Advisor web site at http://www.microsoft.com/security.






(C) 1999-2000 All rights reserved.