32 or 64 bit xp?????

[john ranger]

Operating System System Model
Windows XP Professional Service Pack 1 (build 2600)


How do I find out what I have ?I need to know.

Thanks

[scott_d]

You have 32 bit xp, there is no such thing as 64 bit xp.

[john ranger]

Quote:

Originally posted by scott_d You have 32 bit xp, there is no such thing as 64 bit xp.

Take a look at the attachement.

I got an eamail to upload a patch ffrom Micro and it said 32 or 64?

[bailey]

Quote:

Originally posted by scott_d You have 32 bit xp, there is no such thing as 64 bit xp.

wrong
there is a microsoft windows xp-pro in a 64 bit version for servers and work stations

[scott_d]

really? i was under the impression that the first real 64-bit os would be longhorn.
Even still, I dont think john would have the 64 bit version yet.

[bailey]

right, I don't think it can be bought over the counter like best-buy

[john ranger]

Well I downloaded the 32 bit guys,I figure that has to be the one I'm definitely not a server.

Thanks

[bailey]

you downloaded what ??

[lil Jimmie]

He downloaded a 32 bit patch from MS.

[andyms18a]

are you shore the email is from microsoft a lot of viruses come as an email saying thay are from ms but the program or patch you download turns out to be a virus

[bailey]

as far as I know ms does not send out e-mailes on patches

[john ranger]

Security Update for Microsoft Windows







Buffer Overrun In HTML Converter Could Allow Code Execution (823559)



Download size: 305 KB, < 1 minute

An identified security issue in Microsoft Windows could allow an attacker to compromise a Microsoft Windows-based system and then take a variety of actions. For example, an attacker could execute code on the system. By installing this update, you can help protect your computer. After you install this item, you may have to restart your computer.



Originally posted: July 9, 2003

Summary
Who should read this bulletin: Users running Microsoft ® Windows ®

Impact of vulnerability: Run code of attacker’s choice

Maximum Severity Rating: Critical

Recommendation: Systems administrators should apply the patch immediately

Affected Software:

· Microsoft Windows 98

· Microsoft Windows 98 Second Edition

· Microsoft Windows Me

· Microsoft Windows NT 4.0 Server

· Microsoft Windows NT 4.0 Terminal Server Edition

· Microsoft Windows 2000

· Microsoft Windows XP

· Microsoft Windows Server 2003




What’s the scope of the vulnerability?

This is a buffer overrun vulnerability. If an attacker were to successfully exploit this vulnerability –for example, if the user visits a site under the attacker’s control or receives an HTML email from the attacker-- , then the HTML converter could allow arbitrary code to execute in the context of the logged on user.

What causes the vulnerability?

The vulnerability results because of an unchecked buffer in the HTML converter that can be encountered when a cut-and-paste operation is made by a Web page to Internet Explorer.

What is an HTML converter?

The HTML converter is an extension which allows applications to convert HTML data into Rich Text Format (RTF) while maintaining the formatting and structure of the data as well as the text. The converter also supports the conversion of RTF data into HTML.

What could this vulnerability enable an attacker to do?

This vulnerability could enable an attacker to cause Internet Explorer to fail in such a way that it could execute code of the attacker's choice. This could allow an attacker to take any action on a user’s system in the security context of the currently logged in user.

How could an attacker exploit this vulnerability?

An attacker could seek to exploit this vulnerability by hosting a specially constructed Web page. If the user visited this Web page, Internet Explorer could fail and could allow arbitrary code to execute in the context of the user. Alternatively, an attacker could also craft an HTML email that attempted to exploit this vulnerability.

Does this mean the flaw is in Internet Explorer?

No - The flaw is in the underlying HTML conversion component in Windows. Internet Explorer has the ability to use this functionality and therefore exposes the vulnerability.

I am running Internet Explorer on Windows Server 2003. Does this mitigate this vulnerability?

Yes. By default, Internet Explorer on Windows Server 2003 runs in a restricted mode known as Enhanced Security Configuration.

What is Internet Explorer Enhanced Security Configuration?

Internet Explorer Enhanced Security Configuration is a group of preconfigured Internet Explorer settings that reduce the likelihood of a user or administrator downloading and running malicious Web content on a server. Internet Explorer Enhanced Security Configuration reduces this risk by modifying numerous security-related settings, including Security and Advanced tab settings in Internet Options. Some of the key modifications include:

·Security level for the Internet zone is set to High. This setting disables scripts, ActiveX Controls, Microsoft virtual machine (Microsoft VM), HTML content, and file downloads.

·Automatic detection of intranet sites is disabled. This setting assigns all intranet Web sites and all Universal Naming Convention (UNC) paths that are not explicitly listed in the Local intranet zone to the Internet zone.

·Install On Demand and non-Microsoft browser extensions are disabled. This setting prevents Web pages from automatically installing components and prevents non-Microsoft extensions from running.

·Multimedia content is disabled. This setting prevents music, animations, and video clips from running.

Disabling Internet Explorer Enhanced Security Configuration would remove the protections put in place that help prevent this vulnerability from being exploited. For more information regarding Internet Explorer Enhanced Security Configuration, please consult the Managing Internet Explorer Enhanced Security Configuration guide, which can be found at the following location:

http://www.microsoft.com/downloads/d...DisplayLang=en

Is there any configuration of Windows Server 2003 that is likely to have Internet Explorer Enhanced Security Configuration Disabled?

Yes. Systems Administrators who have deployed Windows Server 2003 as a Terminal Server would likely disable Internet Explorer Enhanced Security Configuration to allow users of the Terminal Server to use Internet Explorer in an unrestricted mode.

What does the patch do?

The patch corrects the vulnerability by removing the unchecked buffer in the HTML converter.




Workarounds

Are there any workarounds that can be used to block exploitation of this vulnerability while I am testing or evaluating the patch?

Yes. Although Microsoft urges all customers to apply the patch at the earliest possible opportunity, there are a number of workarounds that can be applied to help prevent the vector used to exploit this vulnerability in the interim.

It should be noted that these workarounds should be considered temporary measures as they just help block paths of attack rather than correcting the underlying vulnerability.

The following sections are intended to provide you with information to help protect your computer from attack. Each section describes the workarounds that you may want to use depending on your computer’s configuration.

·Rename HTML32.cnv

Renaming the HTML32.CNV file will help prevent the vulnerability from being exploited. To rename this file, perform the following steps:

1. Click on the Start button
2. Click on the menu item Run
3. Type explorer to open Windows Explorer
4. Click on the Search button in the upper toolbar
5. Search for the file HTML32.cnv
6. Right-click on the file name HTML32.cnv in the search window
7. Click on Rename in the menu items
8. Change the last 3 characters in the filename from “cnv” to “old”

·Disable Allow paste operations via script in the Internet zone:

You can help protect against this vulnerability by changing your settings for the Internet security zone to disable "Allow paste operations via script". To do this, perform the following steps:

1. In Internet Explorer, select Tools, Internet Options
2. Click on the Security tab
3. Highlight the Internet icon and click on the Custom Level button
4. Scroll through the list to the Scripting section
5. Under Allow paste operations via script click Disable
6. Click OK, then click OK again to return to Internet Explorer

·Turn off active scripting support in Internet Explorer

You can turn off support for active scripting by performing the steps in the following knowledge base article:

http://support.microsoft.com/default...b;en-us;154036

Note that disabling scripting support in Internet Explorer will affect the functionality of many Web sites on the Internet and should be considered a temporary workaround only.

·Restrict Web sites to only your trusted Web sites

As another workaround for this vulnerability, you can add sites that you trust to the Trusted sites zone in Internet Explorer after disabling active scripting in the Internet zone. This will allow you to continue using trusted Web sites exactly as you do today, while tightening the restrictions on untrusted sites. When you are able to deploy the patch, you'll be able to re-enable active scripting in the Internet zone.

To do this, perform the following steps:

·Select Tools, then Internet Options. Click the Security tab.

·In the box labeled Select a Web content zone to specify its current security settings, click Trusted Sites, then click Sites

·If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https for all sites in this zone check box.

·In the box labeled Add this Web Site to the zone, type the URL of a site that you trust, then click the Add button. Repeat for each site that you want to add to the zone.

·Click OK twice to accept the changes and return to Internet Explorer.

Add any sites that you trust not to take malicious action on your computer. One in particular that you may want to add is http://windowsupdate.microsoft.com. This is the site that hosts the patch, and it requires active scripting to install the patch.

Note that there is generally a trade-off between ease-of-use and security; by selecting a high-security configuration, you could make it extremely unlikely that a malicious Web site could take action against you, but at the cost of missing a lot of rich functionality. The appropriate balance between security and ease-of-use is different for everyone, and you should pick a configuration that fits your needs. The good news is that it's easy to change your configuration, and you can try different configurations until you find the right one for you until you can install the patch.

·If you are using Outlook 2002, to help protect yourself from the HTML email attack vector, read email in plain text format.

Users of Microsoft Outlook 2002 who have applied Service Pack 1 can enable a feature to view all nondigitally-signed e-mail or nonencrypted e-mail messages in plain text only.

Digitally signed e-mail or encrypted e-mail messages are not affected by the setting and may be read in their original formats. Information on enabling this setting in Outlook 2002 can be found in the following Knowledge Base article:

http://support.microsoft.com/default...b;en-us;307594

Are there any side effects to renaming HTML32.CNV?

Yes. When performing certain actions in Microsoft FrontPage, you might receive the following error:

Unable to run text converter c:\Program Files\Common Files\Microsoft Shared\Textconv\Html32.cnv

·If you insert a file in FrontPage and choose any Office file format, it will fail with this error.

·If you drag an Office file to an open .htm page in FrontPage, it will fail with this error.

If you require this functionality, you should consider enacting one of the other supplied workarounds.

Are there any side-effects to disabling active scripting?

Yes. Many Web sites on the Internet use scripting to provide additional functionality. For instance, an online e-commerce site or banking site might use active scripting to provide menus, ordering forms, or even account statements.

Disabling active scripting is a global setting for all Internet sites. If you feel that there are sites on the Internet where you require the page to use active scripting, you can instead use the “Restrict Web sites to only your trusted Web sites” workaround.

Are there any side-effects to disabling paste operations from scripts in the Internet zone?

Yes. Paste operations will not work correctly from script in Internet Explorer for sites viewed in the Internet zone.

Are there any side effects to restricting Web sites from my trusted Web sites?

Yes. For those sites you have not configured to be in your Trusted sites zone, their functionality will be impaired if they require active scripting to display properly. Adding sites to your Trusted sites zone will cause them to be able to use active scripting and display correctly. However you should only add Web sites you trust to the Trusted sites zone.

Are there any side-effects to reading email in plain text format?

Yes. E-mail viewed in plain text format cannot contain pictures, specialized fonts, animations, or other rich content. In addition:

·The changes are applied to the preview pane and open messages.

·Pictures become attachments to avoid loss.

·The object model (custom code solutions) may behave unexpectedly because the message is still in Rich Text or HTML format in the mail store.

Patch availability
Download locations for this patch

· Windows 98 and Windows 98 Second Edition

· Windows Me

· Windows NT 4.0 Server

· Windows NT 4.0 Terminal Server Edition

· Windows 2000

· Windows XP 32 bit Edition

· Windows XP 64 bit Edition

· Windows Server 2003 32 bit Edition

· Windows Server 2003 64 bit Edition






Installation platforms:

·The Window 98 patch can be installed on systems running Windows 98 Gold.

·The Window 98 Second Edition patch can be installed on systems running Windows 98SE Gold.

·The Windows Me patch can be installed on systems running Windows Me Gold.

·The Windows NT 4.0 patch can be installed on systems running Service Pack 6a.

·The Windows NT 4.0, Terminal Server Edition patch can be installed on systems running Windows NT 4.0, Terminal Server Edition Service Pack 6.

·The Windows 2000 patch can be installed on systems running Windows 2000 Service Pack 3, or Service Pack 4.

·The patch for Windows XP can be installed on systems running Windows XP Gold or Service Pack 1.

·The patch for Windows Server 2003 can be installed on systems running Windows Server 2003 Gold.

Inclusion in future service packs:
The fix for this issue will be included in Windows 2000 Service Pack 5, Windows XP Service Pack 2, and Windows Server 2003 Service Pack 1.

Reboot needed: No.

Patch can be uninstalled: Yes.

Superseded patches: None.

Verifying patch installation:

·Windows 98, Windows 98 Second Edition, Windows Me:
To verify that the patch has been installed on the machine consult the file manifest in Knowledge Base article 823559.

·Windows NT 4.0:
To verify that the patch has been installed on the machine, confirm that all files listed in the file manifest in Knowledge Base article 823559 are present on the system.

·Windows NT 4.0 Terminal Server Edition:
To verify that the patch has been installed on the machine, confirm that all files listed in the file manifest in Knowledge Base article 823559 are present on the system.

·Windows 2000:
To verify that the patch has been installed on the machine, confirm that the following registry key has been created on the machine:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000\SP5\KB823559.

To verify the individual files, use the date/time and version information provided in the file manifest in Knowledge Base article 823559 are present on the system.

·Windows XP:
To verify that the patch has been installed on the machine, confirm that the following registry key has been created on the machine:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP2\KB823559.

To verify the individual files, use the date/time and version information provided in the file manifest in Knowledge Base article 823559 are present on the system.

·Windows Server 2003:
To verify that the patch has been installed on the machine, confirm that the following registry key has been created on the machine:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Window Server 2003\SP1\KB823559.

To verify the individual files, use the date/time and version information provided in the file manifest in Knowledge Base article 823559 are present on the system.

Caveats:
None

Localization:
Localized versions of this patch are available at the locations discussed in “Patch Availability”.

Obtaining other security patches:
Patches for other security issues are available from the following locations:

·Security patches are available from the Microsoft Download Center, and can be most easily found by doing a keyword search for "security_patch".

·Patches for consumer platforms are available from the WindowsUpdate web site

Other information:
Support:

· Microsoft Knowledge Base article 823559 discusses this issue and will be available approximately 24 hours after the release of this bulletin. Knowledge Base articles can be found on the Microsoft Online Support web site.

· Technical support is available from Microsoft Product Support Services. There is no charge for support calls associated with security patches.

Security Resources: The Microsoft TechNet Security Web Site provides additional information about security in Microsoft products.