By Hedley Phillips Posted Wednesday 14th November 2007 10:24 GMT
Quiet month? Two patches? No mention of the Kodak viewer exploit?
This is what my WSUS server emailed me last night:
Critical and Security Updates
Update for Windows Server 2003 (KB936357)
This is a reliability update. Install this microcode update to improve the reliability of systems with Intel processors. After you install this item, you may have to restart your computer.
Update for Windows XP (KB936357)
This is a reliability update. Install this microcode update to improve the reliability of systems with Intel processors. After you install this item, you may have to restart your computer.
Security Update for Windows 2000 (KB923810)
A security issue has been identified in Windows Kodak Image Viewer that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows Server 2003 (KB923810)
A security issue has been identified in Windows Kodak Image Viewer that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows XP (KB923810)
A security issue has been identified in Windows Kodak Image Viewer that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows XP (KB943460)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB939653)
Security issues have been identified that could allow an attacker to compromise a system running Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB939653)
Security issues have been identified that could allow an attacker to compromise a system running Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Outlook Express 5.5 Service Pack 2 (KB941202)
A security issue has been identified in Outlook Express that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Outlook Express 6 Service Pack 1 (KB941202)
A security issue has been identified in Outlook Express that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows 2000 (KB941672)
A security issue has been identified in the Microsoft DNS Service that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows Server 2003 (KB941672)
A security issue has been identified in the Microsoft DNS Service that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows Server 2003 for Itanium-based Systems (KB941672)
A security issue has been identified in the Microsoft DNS Service that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows Server 2003 x64 Edition (KB941672)
A security issue has been identified in the Microsoft DNS Service that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows Server 2003 (KB943460)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows Server 2003 for Itanium-based Systems (KB943460)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows Server 2003 x64 Edition (KB943460)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Security Update for Windows XP x64 Edition (KB943460)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Update for Outlook Junk Email Filter 2003 (KB943552)
This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in November 2007.
Update for Outlook Junk Email Filter 2007 (KB943559)
This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in November 2007.
By The Other Steve Posted Wednesday 14th November 2007 19:25 GMT
Erm, I for one wrote a working exploit for this issue in 2004 (Multi platform perl script, very ganchy but it works), after reading an article about it in Phrack. And published it, albeit fairly quietly, on the web. Probably still lurking out there somewhere.
So in fact this extremely serious and very amusing bug has had working 'point and click' exploit code in the wild for at least that long. I have no idea if anyone has ever used it.
I really thought that this was fixed in SP2 (never checked, had moved on to other things), clearly I was mistaken. Shame on MS for taking so long to sort this out. No bloody wonder the world is overrun with botnets.
By Morely Dotes Posted Wednesday 14th November 2007 20:06 GMT
"An expected update involving a flaw in the SafeDisc copy protection software from Macrovision that comes bundled with Windows XP and 2003 is missing in action. Users are advised to apply Macrovision's update."
Oh, yes, of course. And I'll just go and rip the DVD player out of my hifi system, too, while I'm at it. After all, we wouldn't want consumers actually *viewing* the content we told them we were selling them (but that we were actually only renting to them, according to the terms of the "shrink-wrap" agreement).
By Gordon Fecyk Posted Wednesday 14th November 2007 20:44 GMT
With all of the noise anti-virus vendors and their puppets (read: SANS, Securityfocus, etc) made over the past five years, why didn't I have to worry about their dire predictions of doom? And I supposedly manage a couple hundred machines belonging to a few clients here and there.
Seems a lot quieter when you tune out the real noise makers.
Comments on: Windows update offers defence against shell bug
Quiet month?
By Hedley Phillips Posted Wednesday 14th November 2007 10:24 GMT
DNS fix
By The Other Steve Posted Wednesday 14th November 2007 19:25 GMT
I should update the TURDS in my system?
By Morely Dotes Posted Wednesday 14th November 2007 20:06 GMT
How about a quiet five years?
By Gordon Fecyk Posted Wednesday 14th November 2007 20:44 GMT
@ Hedley Phillips
By Anonymous Coward Posted Friday 16th November 2007 14:00 GMT