Win 95/98/ME/NT/2000/XP Microsoft Security Bulletin Center - 2002
Subscribe to the Microsoft Security Notification Service
MS Windows NT 4.0, MS Windows 2000 (MS02-001)
Patch Available for "Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data" Vulnerability
MS Office v.X (MS02-002)
Patch Available for "Malformed Network Request can cause Office v. X for Mac to Fail Originally posted: February 06, 2002" Vulnerability
Microsoft Exchange Server 2000 (MS02-003)
Patch Available for "Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions" Vulnerability
Telnet Service in Microsoft Windows 2000, Telnet Daemon in Microsoft Interix 2.2 (MS02-004)
Patch Available for “Unchecked Buffer in Telnet Server Could Lead to Arbitrary Code Execution” Vulnerability
MS Internet Explorer 5.01, MS Internet Explorer 5.5, MS Internet Explorer 6.0 (MS02-005)
11 February 2002 Cumulative Patch for Internet Explorer
MS Win 95, MS Win 98, MS Win 98SE, MS Win NT 4.0, MS Win NT 4.0 Server, Terminal Server Edition, MS Win 2000, MS Win XP (MS02-006)
Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
MS SQL Server 7.0, MS SQL Server 2000 (MS02-007)
Patch Available for “SQL Server Remote Data Source Function Contain Unchecked Buffers” Vulnerability
MS Windows XP, MS Internet Explorer 6.0, MS SQL Server 2000 (MS02-008)
Patch Available for “XMLHTTP Control Can Allow Access to Local Files” Vulnerability
MS Internet Explorer 5.01, MS Internet Explorer 5.5, MS Internet Explorer 6.0 (MS02-009)
Patch Available for “Incorrect VBScript Handling in IE can Allow Web Pages to Read Local Files” Vulnerability
Microsoft Commerce Server 2000 (MS02-010)
Patch Available for “Unchecked Buffer in ISAPI Filter Could Allow Commerce Server Compromise” Vulnerability
Microsoft Windows 2000, Microsoft Exchange Server 5.5 (MS02-011)
Patch Available for “Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service” Vulnerability
MS Windows 2000, MS Windows XP Professional, MS Exchange 2000 (MS02-012)
Patch Available for “Malformed Data Transfer Request can Cause Windows SMTP Service to Fail” Vulnerability
All builds of the Microsoft VM up to and including build 3802 (MS02-013)
Patch Available for “Java Applet Can Redirect Browser Traffic” Vulnerability
MS Win 98, MS Win 98 Second Edition, MS Win NT 4.0, MS Win NT 4.0 Terminal Server Edition, MS Win 2000 (MS02-014)
Patch Available for “Unchecked Buffer in Windows Shell Could Lead to Code Execution” Vulnerability
MS Internet Explorer 5.01, MS Internet Explorer 5.5, MS Internet Explorer 6.0 (MS02-015)
28 March 2002 Cumulative Patch for Internet Explorer
MS Windows 2000 Server, MS Windows 2000 Advanced Server, MS Windows 2000 Datacenter Server (MS02-016)
Q318593: Opening Group Policy Files for Exclusive Read Blocks Policy Application
MS Win NT 4.0 Workstation, MS Win NT 4.0 Server, MS Win NT 4.0 Server, Enterprise Edition, MS Win NT 4 Terminal Server Edition,
Q311967: Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution
MS Internet Information Server 4.0, MS Internet Information Services 5.0, MS Internet Information Services 5.1 (MS02-018)
Cumulative Patch for Internet Information Services (Q319733)
MS Internet Explorer 5.1 for MAC OS X, MS Internet Explorer 5.1 for MAC OS 8 & 9, MS Outlook Express 5.0.-5.0.3 for MAC, MS Entourage v. X for MAC,
Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute (Q321309)
Microsoft SQL Server 7.0, Microsoft SQL Server 2000 (MS02-020)
SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507)
Microsoft Outlook 2000, Microsoft Outlook 2002 (MS02-021)
E-mail Editor Flaw Could Lead to Script Execution on Reply or Forward (Q321804)
Microsoft MSN Chat Control, Microsoft MSN Messenger 4.5 and 4.6, which includes the MSN Chat control,
Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661)
MS Internet Explorer 5.01, MS Internet Explorer 5.5, MS Internet Explorer 6.0 (MS02-023)
15 May 2002 Cumulative Patch for Internet Explorer (Q321232)
MS Windows NT 4.0, MS Windows NT 4.0 Server - Terminal Server Edition, MS Windows 2000 (MS02-024)
Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206)
Microsoft Exchange 2000 (MS02-025)
Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources (Q320436)
Microsoft .NET Framework version 1.0, of which ASP.NET is a component. (MS02-026)
Unchecked Buffer in ASP.NET Worker Process (Q322289)
Microsoft Internet Explorer ,Microsoft Proxy Server 2.0, Microsoft ISA Server 2000 (MS02-027)
Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Q323889)
Microsoft Internet Information Server 4.0, Microsoft Internet Information Services 5.0 (MS02-028)
Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise (Q321599)
Microsoft Windows NT 4.0, Microsoft Windows NT 4.0 Terminal Server Edition, Microsoft Windows 2000, Microsoft Windows XP,
Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138)
Microsoft SQLXML, which ships as part of SQL Server 2000 and can be downloaded separately. (MS02-030)
Unchecked Buffer in SQLXML Could Lead to Code Execution (Q321911)
MS Excel 2000 for Windows, MS Office 2000 for Windows, MS Excel 2002 for Windows, MS Word 2002 for Windows, MS Office XP for Windows (MS02-031)
Cumulative Patches for Excel and Word for Windows (Q324458)
MS Windows Media Player 6.4, MS Windows Media Player 7.1, MS Windows Media Player for Windows XP (MS02-032)
26 June 2002 Cumulative Patch for Windows Media Player (Q320920)
MS Commerce Server 2000, MS Commerce Server 2002 (MS02-033)
Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce Server (Q322273)
MS SQL Server 2000 all editions, MS SQL Server Desktop Engine (MSDE) 2000 (MS02-034)
Cumulative Patch for SQL Server (Q316333)
MS SQL Server 7, including Microsoft Data Engine 1.0 (MSDE 1.0), MS SQL Server 2000 (MS02-035)
SQL Server Installation Process May Leave Passwords on System (Q263968)
Microsoft Metadirectory Services 2.2 (MS02-036)
Authentication Flaw in Microsoft Metadirectory Services Could Allow Privilege Elevation (Q317138)
Microsoft Exchange Server 5.5 (MS02-037)
Server Response To SMTP Client EHLO Command Results In Buffer Overrun (Q326322)
Microsoft SQL Server 2000, Microsoft Desktop Engine (MSDE) 2000 (MS02-038)
Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution (Q316333)
Microsoft SQL Server 2000, Microsoft Desktop Engine (MSDE) 2000 (MS02-039)
Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution (Q323875)
MS Data Access Components 2.5, MS Data Access Components 2.6, MS Data Access Components 2.7 (MS02-040)
Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573)
Microsoft Content Management Server 2001 (MS02-041)
Unchecked Buffer in Content Management Server Could Enable Server Compromise (Q326075)
Microsoft Windows 2000 (MS02-042)
Flaw in Network Connection Manager Could Enable Privilege Elevation (Q326886)
MS SQL Server 7.0, MS Desktop Engine (MSDE) 1.0, MS SQL Server 2000, MS Desktop Engine (MSDE) 2000 (MS02-043)
Cumulative Patch for SQL Server (Q316333)
MS BackOffice® Server 2000, MS BizTalk® Server 2000, MS BizTalk Server 2002, MS Commerce Server 2000,
Unsafe Functions in Office Web Components (Q328130)
MS Win NT 4.0 Workstation, MS Win NT 4.0 Server, MS Win NT 4.0 Server, Terminal Sever Edition, MS Win 2000 Professional,
Unchecked Buffer in Network Share Provider Can Lead to Denial of Service (Q326830)
Microsoft Terminal Services Advanced Client (TSAC) ActiveX control, which can be installed on any Windows system. (MS02-046)
Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521)
Microsoft Internet Explorer 5.01, Microsoft Internet Explorer 5.5, Microsoft Internet Explorer 6.0 (MS02-047)
Cumulative Patch for Internet Explorer (Q323759)
MS Win 98, MS Win 98 Second Edition, MS Win Millennium, MS Win NT 4.0, MS Win 2000, MS Win XP (MS02-048)
Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172)
Microsoft Visual FoxPro 6.0 (MS02-049)
Flaw Could Enable Web Page to Launch Visual FoxPro 6.0 Application Without Warning (Q326568)
MS Win 98, MS Win 98 Second Edition, MS Win Me, MS Win NT® 4.0, MS Win NT 4.0, Terminal Server Edition,
Certificate Validation Flaw Could Enable Identity Spoofing (Q328145)
Microsoft Windows 2000
Microsoft Windows XP (MS02-051)
Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure (Q324380)
Versions of the Microsoft virtual machine (Microsoft VM) are identified by build numbers, which can be determined
Flaw in Microsoft VM JDBC Classes Could Allow Code Execution (Q329077)
Microsoft FrontPage Server Extensions 2000
MS FrontPage Server Extensions 2002, MS Win 2000 (shipped FPSE 2000), MS Win XP (shipped FPSE 2000)(MS02-053)
Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)
MS Windows 98 with Plus! Pack, MS Windows Me, MS Windows XP (MS02-054)
Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)
MS Win 98, MS Win 98 SE, MS Win ME, MS Win NT 4.0, MS Win NT 4.0, Terminal Server Edition, MS Win 2000, MS Win XP (MS02-055)
Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255)
MS SQL Server 7.0, Data Engine (MSDE) 1.0, MS SQL Server 2000, MS Desktop Engine (MSDE) 2000 (MS02-056)
Cumulative Patch for SQL Server (Q316333)
MS Win NT 4.0, MS Win 2000, MS Win XP (MS02-057)
Flaw in Services for Unix 3.0 Interix SDK Could Allow Code Execution (Q329209)
Microsoft Outlook Express 6.0, Microsoft Outlook Express 5.5 (MS02-058)
Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)
MS Word 2002, MS Word 2000, MS Word 97, MS Word 98(J), MS Word X for Macintosh,
Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure (Q330008)
Microsoft Windows XP (MS02-060)
Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940)
MS SQL Server 7.0, MS Data Engine (MSDE) 1.0, MS SQL Server 2000, MS Desktop Engine (MSDE) 2000 (MS02-061)
Elevation of Privilege in SQL Server Web Tasks (Q316333)
MS Internet Information Server 4.0, MS Internet Information Server 5.0, MS Internet Information Server 5.1 (MS02-062)
Cumulative Patch for Internet Information Service (Q327696)
Microsoft Windows 2000, Microsoft Windows XP (MS02-063)
Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks (Q329834)
Microsoft Windows 2000 (MS02-064)
Windows 2000 Default Permissions Could Allow Trojan Horse Program (Q327522)
MS Data Access Components (MDAC) 2.1, 2.5, 2.6 and MS Internet Explorer 5.01, 5.5, 6.0 (MS02-065)
Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)
MS Internet Explorer 5.01, 5.5, 6.0 (MS02-066)
Cumulative Patch for Internet Explorer (Q328970)
Microsoft Outlook 2002 (MS02-067)
E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866)
MS Internet Explorer 5.5, MS Internet Explorer 6.0 (MS02-068)
Cumulative Patch for Internet Explorer (324929)
Microsoft Windows: All builds of the Microsoft VM up to and including build 5.0.3805 (MS02-069)
Flaw in Microsoft VM Could Enable System Compromise (810030)
Microsoft Windows 2000, Microsoft Windows XP (MS02-070)
Flaw in SMB Signing Could Enable Group Policy to be Modified (309376)
MS Windows NT 4.0, MS Windows NT 4.0, Terminal Server Edition, MS Windows 2000, MS Windows XP (MS02-071)
Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310)
MS Win XP Home Edition, MS Win XP Professional, MS Win XP Tablet PC Edition, MS Win XP Media Center Edition (MS02-072)
Unchecked Buffer in Windows Shell Could Enable System Compromise (329390)
GOTO: Microsoft Security Bulletin Center - 2000 Microsoft Security Bulletin Center - 2001 Microsoft Security Bulletin Center - 2003 Microsoft Security Bulletin Center - 2004 Microsoft Security Bulletin Center - 2005 Microsoft Security Bulletin Center - 2006 Microsoft Security Bulletin Center - 2007 Microsoft Security Bulletin Center - 2008