Ignoring Windows updates?

Here's why that luxury is over.

This list from Security Focus  (formerly Bugtraq) leaves no doubt that Windows without updates quickly becomes a hackers paradise. Some of the more egregious holes are being exploited in the wild to provide stub loaders into Internet Explorer or  Windows itself that can then redirect the unwitting user to sites that then attack the users system, flooding it with Spyware pop ups that infect it further. Or it simply can push this software directly without even visiting the site. 

What is critical to note about these exploits is that unlike viruses and other Spyware that are external threats outside the operating system, these become internal to Windows itself, making their detection and removal extremely difficult. In addition, firewalls and traditional security system are often useless, owing to the fact that Windows itself is now the threat.

Unfortunately, it's this difficulty removal and detection that makes  in this kind of hacking a growth industry for both malicious hackers and Internet marketers as well.  

Important Note: This list is from Microsoft Corp. only. The Security Focus   database has thousands more exploits and security leaks from hundreds of vendors, with more uncovered every day. This includes Linux, Firebox, etc. and other alternatives to Windows that are touted as hack proof. Without getting into the debate about the alternatives, two things are clear. 

1.) Programs are written by humans and humans make mistakes. Windows XP has 40-60 million of lines of code and hundreds of millions of man-hours of development. In projects this size, no one, no matter how much testing is done, can anticipate  every single way a hackers might misuse their work.  There is no magic bullet in the computer industry. Period.

2.) Finding and applying updates issued to fix problems the hackers find are the only way to minimize the risks of continuing  operations. 

Microsoft Outlook and Outlook Web Access Source Email Address Spoofing Weakness

Microsoft Windows DNS Resource Record Cache Corruption Vulnerability

Microsoft April Advance Notification Unspecified Security Vulnerabilities

Microsoft Windows Server 2003 Service Pack 1 Released - Multiple Vulnerabilities Fixed

Microsoft Windows WINS Name Value Handling Remote Buffer Overflow Vulnerability

Microsoft Windows WINS Association Context Data Remote Memory Corruption Vulnerability

Microsoft Windows Server 2003 SMB Redirector Local Denial Of Service Vulnerability

Microsoft Internet Explorer %USERPROFILE% File Execution Weakness

Microsoft Windows UNC Path Handling Unspecified Buffer Overflow Vulnerability

Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability

Microsoft Windows User32.DLL ANI File Header Handling Stack-Based Buffer Overflow Vulnerability

Microsoft Windows LoadImage API Function Integer Overflow Vulnerability

Microsoft Windows ANI File Denial of Service Vulnerability

Microsoft Outlook 2002 Connector For IBM Lotus Domino Policy Bypass Vulnerability

Microsoft Windows XP TSShutdn.exe Remote Denial of Service Vulnerability

Microsoft Windows Local Denial Of Service Vulnerability

Microsoft Windows License Logging Service Buffer Overflow Vulnerability

Microsoft Windows Graphical Device Interface Library Denial Of Service Vulnerability

Microsoft InfoPath 2003 Insecure Information Storage Vulnerability

Microsoft Internet Explorer DHTML Method Buffer Overflow Vulnerability

Multiple Vendor loopback (land.c) Denial of Service Vulnerability

Microsoft Windows Server Message Block Handlers Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer MSHTML.DLL CSS Handling Remote Buffer Overflow Vulnerability

Microsoft Exchange Server Mail Box Sub Folder Denial Of Service Vulnerability

Microsoft Windows Hyperlink Object Library Buffer Overflow Vulnerability

Multiple Browser Information Disclosure Weakness

Microsoft SharePoint Portal Client ActiveX Control Remote Arbitrary File Creation Vulnerability

Microsoft Windows 2000 Group Policy Bypass Vulnerability

Microsoft Internet Explorer Pop-up Window Title Bar Spoofing Weakness

Multiple IMAP Client Integer Overflow Vulnerabilities

Microsoft Internet Explorer HTML Form Tags URI Obfuscation Weakness

Microsoft Windows HTML Help Control Cross-Zone Scripting Vulnerability

Microsoft ASP.NET Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities

Microsoft Internet Explorer Malformed File URI Denial of Service Vulnerability

Microsoft Internet Explorer Favorites List Script Code Execution Vulnerability

Microsoft Internet Explorer Mouse Event URI Status Bar Obfuscation Weakness

Microsoft Internet Explorer Multiple Vulnerabilities

LibPNG Graphics Library Multiple Remote Vulnerabilities

Microsoft Windows Media Player Remote PNG Image Format Buffer Overflow Vulnerability

Microsoft MSN Messenger/Windows Messenger PNG Buffer Overflow Vulnerability

Microsoft Windows Named Pipe Remote Information Disclosure Vulnerability

Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability

Microsoft Internet Explorer URI Decoding Vulnerability

Microsoft Office XP HTML Link Processing Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer Implicit Drag and Drop File Installation Vulnerability

Microsoft Internet Explorer Method Caching Mouse Click Event Hijacking Vulnerability

Multiple Browser URI Obfuscation Weakness

Microsoft Windows DHTML Edit Control Script Injection Vulnerability

Microsoft ASP.NET URI Canonicalization Unauthorized Web Access Vulnerability

Microsoft Internet Explorer Valid File Drag and Drop Embedded Code Vulnerability

Microsoft Windows SharePoint Services Cross-Site Scripting and Spoofing Vulnerability

Microsoft Windows COM Structured Storage Local Privilege Escalation Vulnerability

Microsoft Internet Explorer AddChannel Cross-Zone Scripting Vulnerability

Microsoft OLE Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer Unspecified ActiveX Image Control Vulnerability

Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability

Microsoft Outlook Web Access Login Form Remote URI Redirection Vulnerability

Microsoft Multiple Unspecified Security Vulnerabilities

Multiple Vendor H.323 Protocol Implementation Vulnerabilities

Multiple Vendor HTTP Response Splitting Vulnerability

Microsoft Windows NetDDE Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer Install Engine ActiveX Control Buffer Overflow Vulnerability

Microsoft GDI+ Library JPEG Segment Length Integer Underflow Vulnerability

Microsoft Internet Explorer Remote Information Disclosure Vulnerability

Microsoft Internet Explorer Dynamic IFRAME File Download Security Warning Bypass Weakness

NT IIS4 Buffer Overflow Vulnerability

Microsoft Windows 2000 Resource Kit W3Who.DLL Multiple Remote Vulnerabilities

Microsoft Office Encrypted Documents RC4 Initialization Vector Implementation Vulnerability

Microsoft Windows Indexing Service Buffer Overflow Vulnerability

Microsoft Internet Explorer Modal Dialog Zone Bypass Vulnerability

Microsoft Windows LSASS Connection Validation Privilege Escalation Vulnerability

Microsoft Windows Kernel Unchecked LPC Buffer Privilege Escalation Vulnerability

Microsoft Multiple Unspecified Security Vulnerabilities

Multiple Browser IMG Tag Multiple Vulnerabilities

Microsoft Internet Explorer FTP Client Directory Traversal Vulnerability

Microsoft FrontPage 2000 Internet Publishing Service Provider DAV File Upload Vulnerability

Microsoft Internet Explorer FTP URI Arbitrary FTP Server Command Execution Vulnerability

Microsoft Internet Explorer FTP Protocol Handler Local File Disclosure Weakness

Microsoft Windows winhlp32 Phrase Heap Overflow Vulnerability

Microsoft Windows winhlp32 Phrase Integer Overflow Vulnerability

Microsoft Windows XP Firewall ACL Bypass Vulnerability

Windows Media Player ActiveX Control File Enumeration Weakness

Windows Media Player ActiveX Control Media File Attribute Corruption Weakness

Microsoft Internet Explorer HTML Form Status Bar Misrepresentation Vulnerability

Hilgraeve HyperTerminal Session Data Buffer Overflow Vulnerability

Microsoft Word for Windows 6.0 Converter Font Conversion Buffer Overflow Vulnerability

Microsoft Windows DHCP Server Remote Buffer Overflow Vulnerability

Microsoft Windows DHCP Server Logging Remote Denial Of Service Vulnerability

Microsoft Word for Windows 6.0 Converter Table Conversion Buffer Overflow Vulnerability

Microsoft Office SharePoint Portal Server Local Information Disclosure Weakness

Microsoft Internet Explorer Remote Window Hijacking Vulnerability

Microsoft Windows Multiple Unspecified Vulnerabilities

Microsoft Internet Explorer Search Pane URI Obfuscation Vulnerability

Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer Sysimage Protocol Handler Local File Detection Vulnerability

Microsoft Internet Explorer Double Byte Character Set Handling Address Bar Spoofing Vulnerability

Microsoft Internet Explorer Drag and Drop Vulnerability

Microsoft Internet Explorer Image Download Filename Extension Spoofing Vulnerability

Microsoft Internet Explorer Infinite Array Sort Denial Of Service Vulnerability

Microsoft RPCSS DCERPC DCOM Object Activation Packet Length Heap Corruption Vulnerability

Microsoft Internet Explorer File Download Security Warning Bypass Vulnerability

Microsoft IIS and PWS Extended Unicode Directory Traversal Vulnerability

Microsoft Windows Compressed (zipped) Folder Buffer Overflow Vulnerability

Microsoft ISA and Proxy Server Web Site Spoofing Vulnerability

Microsoft Internet Explorer Cookie Overwrite Vulnerability

Microsoft Internet Explorer Embedded Content Status Bar URI Obfuscation Weakness

Microsoft Windows DDEShare Buffer Overflow Vulnerability

Microsoft Internet Explorer Local Resource Enumeration Vulnerability

Microsoft Internet Explorer IFRAME Status Bar URI Obfuscation Weakness

Microsoft XML Parser Remote Denial of Service Vulnerability

Microsoft Internet Explorer TABLE Status Bar URI Obfuscation Weakness

Multiple Vendor Content Filtering Bypass Vulnerabilities

Multiple Vendor Internet Browser User Action Prediction/Interception Weakness

Microsoft Internet Explorer Font Tag Denial Of Service Vulnerability

Microsoft Windows Program Group Converter Filename Local Buffer Overrun Vulnerability

Microsoft Windows Kernel Local Denial of Service Vulnerability

Microsoft Windows WMF/EMF Image Format Rendering Remote Buffer Overflow Vulnerability

Microsoft Windows Kernel Virtual DOS Machine Privilege Escalation Vulnerability

Microsoft Window Management API Local Privilege Escalation Vulnerability

Microsoft Windows Shell Long Share Name Buffer Overrun Vulnerability

Microsoft NNTP Component Heap Overflow Vulnerability

Microsoft Excel File Handler Buffer Overflow Vulnerability

Microsoft RPC Runtime Library Remote Denial Of Service And Information Disclosure Vulnerability

Multiple Vendor TCP Packet Fragmentation Handling Denial Of Service Vulnerability

Microsoft Internet Explorer HHCtrl ActiveX Control Cross-Domain Scripting Vulnerability

Microsoft Internet Explorer Malformed HTML Null Pointer Dereference Vulnerability

Microsoft Windows XP WAV File Handler Denial Of Service Vulnerability

Microsoft Internet Explorer JavaScript Method Assignment Cross-Domain Scripting Vulnerability

Microsoft Internet Explorer Popup.show Mouse Event Hijacking Vulnerability

Microsoft Internet Explorer Style Tag Comment Memory Corruption Vulnerability

Microsoft Internet Explorer Heartbeat ActiveX Control Unspecified Vulnerability

Microsoft Internet Explorer Plug-in Navigations Handling Address Bar Spoofing Vulnerability

Microsoft Internet Explorer Secure Sockets Layer Caching Vulnerability

Microsoft Internet Explorer Unspecified showHelp Zone Bypass Vulnerability

Microsoft Outlook Express Plaintext Email Security Policy Bypass Vulnerability

Microsoft Outlook 2003 Security Policy Bypass Vulnerability

Microsoft IIS WebDAV PROPFIND and SEARCH Method Denial of Service Vulnerability

Microsoft Windows 2003 Services Default SACL Access Right Weakness

Microsoft Frontpage Asycpict.DLL JPEG Handling Remote Denial of Service Vulnerabilities

Microsoft Windows XP Weak Default Configuration Vulnerability

Microsoft CABARC Directory Traversal Vulnerability

Microsoft Internet Explorer Local XML Document Disclosure Vulnerability

Microsoft Word Multiple Remote Denial Of Service Vulnerabilities

Multiple Browser Cross-Domain Cookie Injection Vulnerability

Microsoft SQL Server Remote Denial Of Service Vulnerability

Microsoft Internet Explorer Mouse Click Event Hijacking Vulnerability

Microsoft GDI+ Library Malformed JPEG Handling Unspecified Denial of Service Vulnerability

Microsoft Windows CE KDatastruct Information Disclosure Vulnerability

Microsoft Windows XP Explorer.EXE TIFF Image Denial of Service Vulnerability

Microsoft Internet Explorer User Security Confirmation Bypass Vulnerability

Microsoft WordPerfect Converter Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer Malformed GIF Double Free Code Execution Vulnerability

Microsoft Internet Explorer Bitmap Processing Integer Overflow Vulnerability

Microsoft Outlook Express BCC Field Information Disclosure Vulnerability

Microsoft SQL Server User Authentication Remote Buffer Overflow Vulnerability

Microsoft NTP Time Synchronization Spoof Weakness

Microsoft Internet Explorer Resource Detection Weakness

Microsoft Windows XP Self-Executing Folder Vulnerability

Microsoft Internet Explorer Shell: IFrame Cross-Zone Scripting Vulnerability

Microsoft Windows XP Explorer Self-Executing Folder Vulnerability

Microsoft Windows HTML Help API Privilege Escalation Vulnerability

Microsoft Windows Message Queuing Service Heap Overflow Vulnerability

Microsoft Internet Explorer MHTML Content-Location Cross Security Domain Scripting Vulnerability

Microsoft Windows XP SP2 Released - Multiple Vulnerabilities Fixed

Microsoft Internet Explorer Spoofed Address Bar Vulnerability

Microsoft Windows Internet Connection Firewall Filter Bypass Vulnerability

Microsoft Windows LSASS Buffer Overrun Vulnerability

Microsoft Exchange Outlook Web Access HTTP Response Splitting Vulnerability

Microsoft IIS 4 Redirect Remote Buffer Overflow Vulnerability

Microsoft Windows POSIX Subsystem Buffer Overflow Local Privilege Escalation Vulnerability

Microsoft Windows 2000/XP CRL File Failed Integrity Check Denial Of Service Vulnerability

Microsoft Internet Explorer mms Protocol Handler Executable Command Line Injection Vulnerability

Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer HREF Save As Denial of Service Vulnerability

Microsoft Systems Management Server Remote Denial Of Service Vulnerability

Microsoft JVM Cross-Domain Applet Unauthorized Communication Vulnerability

Microsoft Windows Utility Manager Local Privilege Escalation Variant Vulnerability

Microsoft Windows Shell CLSID File Extension Misrepresentation Vulnerability

Microsoft Windows HTML Help Heap Overflow Vulnerability

Microsoft Outlook Express Malformed Email Header Denial Of Service Vulnerability

Microsoft Windows Local Descriptor Table Local Privilege Escalation Vulnerability

Microsoft Windows showHelp CHM File Execution Weakness

Microsoft Internet Explorer Shell.Application Object Script Execution Weakness

Microsoft Internet Explorer URL Local Resource Access Weakness

Microsoft Internet Explorer JavaScript Interface Spoofing Vulnerability

Microsoft Windows 2000 Media Player Control Media Preview Script Execution Vulnerability

Microsoft Internet Explorer JavaScript Null Pointer Exception Denial Of Service Vulnerability

Microsoft Outlook Express Message Window Script Execution Vulnerability

Microsoft Word/Outlook Object Tag Security Setting Compromise Vulnerability

Microsoft Windows Window Message Subsystem Design Error Vulnerability

Microsoft Internet Explorer Self Executing HTML File Vulnerability

Microsoft Internet Explorer Non-FQDN URI Address Zone Bypass Vulnerability

Microsoft Internet Explorer Cross-Domain Frame Loading Vulnerability

Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness

Multiple Vendor FTP pipe Vulnerability

Business Objects Crystal Reports Web Form Viewer Directory Traversal Vulnerability

Multiple Vendor Broadband Router Web-Based Administration Denial Of Service Vulnerability

Microsoft Windows Remote Desktop Protocol Server Key Verification Vulnerability

Microsoft Windows H.323 Remote Buffer Overflow Vulnerability

Microsoft Windows Private Communications Transport Protocol Buffer Overrun Vulnerability

Microsoft Virtual DOS Machine Local Privilege Escalation Vulnerability

Microsoft ASN.1 Library Double Free Memory Corruption Vulnerability

Microsoft Windows WMF/EMF Image Formats Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer Wildcard DNS Cross-Site Scripting Vulnerability

Microsoft Windows Management Local Privilege Escalation Vulnerability

Microsoft Windows Logon Process Remote Buffer Overflow Vulnerability

Multiple Microsoft Internet Explorer Script Execution Vulnerabilities

Microsoft DirectX DirectPlay Remote Malformed Packet Denial Of Service Vulnerability

Microsoft ISA Server 2000 FTP Bounce Filtering Vulnerability

Microsoft ISA Server Redirect URI Handler Web Proxy Service Remote Denial Of Service Vulnerability

Microsoft ISA Server Web Proxy Malformed SSL Packet Remote Denial of Service Vulnerability

Microsoft ISA Server HTTP Authentication Scheme Vulnerability

Microsoft ISA Server 2000 Site And Content Rule Bypass Vulnerability

Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability

Microsoft Outlook Mail Client E-mail Address Verification Weakness

Microsoft Outlook 2003 Predictable File Location Weakness

Microsoft Windows 2000 Domain Expired Account Security Policy Violation Weakness

Microsoft Outlook 2003 Media File Script Execution Vulnerability

Multiple Vendor URI Protocol Handler Arbitrary File Creation/Modification Vulnerability

Microsoft Windows Workstation Service Remote Buffer Overflow Vulnerability

Microsoft Internet Explorer CSS Style Sheet Memory Corruption Vulnerability

Microsoft UPnP NOTIFY Buffer Overflow Vulnerability

Microsoft Internet Explorer http-equiv Meta Tag Denial of Service Vulnerability

Microsoft Internet Explorer Codebase Double Backslash Local Zone File Execution Weakness

Microsoft Internet Explorer Double Backslash CHM File Execution Weakness

Microsoft Outlook Express URI Obfuscation Vulnerability

Windows Media Services MX_STATS_LogLine NSIISlog.DLL Remote Buffer Overflow Vulnerability

Microsoft Windows Terminal Server Patch Unspecified Denial Of Service Vulnerability

Microsoft Windows HSC DVD Driver Upgrade Code Execution Vulnerability

Microsoft Windows 2000/NT Terminal Server Service RDP DoS Vulnerability

Microsoft Jet Database Engine Remote Code Execution Vulnerability

Multiple Mail Transfer Agent Embedded Hyperlink URI Obfuscation Variant Weakness

Microsoft Internet Explorer Unconfirmed Memory Corruption Vulnerability

Microsoft Internet Explorer XML Parsing Denial Of Service Vulnerability

Qualcomm Eudora Embedded Hyperlink URI Obfuscation Weakness

Microsoft Internet Explorer Embedded Image URI Obfuscation Weakness

Microsoft ASP.NET Malformed HTTP Request Information Disclosure Vulnerability

Microsoft Internet Explorer Meta Data Foreign Domain Spoofing Vulnerability

Microsoft Outlook Express MHTML Forced File Execution Vulnerability

Microsoft Outlook Express MHTML Redirection Local File Parsing Vulnerability

Microsoft Windows Object Identity Network Communication Vulnerability

Microsoft Windows COM Internet Service/RPC Over HTTP Remote Denial Of Service Vulnerability

Microsoft Windows RPCSS Service Remote Denial Of Service Vulnerability

Microsoft Windows RPCSS Multi-thread Race Condition Vulnerability

Microsoft Negotiate SSP Remote Buffer Overflow Vulnerability

Microsoft Windows 2000 Domain Controller LDAP Denial Of Service Vulnerability

Microsoft Windows SSL Library Denial of Service Vulnerability

Microsoft Windows Help And Support Center URI Validation Code Execution Vulnerability

Microsoft Windows Utility Manager Local Privilege Escalation Vulnerability

Microsoft Visual Studio .NET Debugger Privilege Enforcement Weakness

Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability

Microsoft ASN.1 Library Length Integer Mishandling Memory Corruption Vulnerability

Microsoft Windows 2000 Install Unprotected ADMIN$ Share Vulnerability

Microsoft Internet Explorer Object Element Data Denial Of Service Vulnerability

Multiple Vendor IKE Implementation Certificate Authenticity Verification Vulnerability

Microsoft Outlook/Outlook Express Remote Denial Of Service Vulnerability

Microsoft Remote Procedure Call Service DoS Vulnerability

Microsoft Exchange Server Buffer Overflow Vulnerability

Microsoft Windows SMTP Service Authorization Bypass Vulnerability

Microsoft Exchange Server Invalid MIME Header charset = "" DoS Vulnerability

Microsoft Outlook Express Malformed EML File Denial of Service Vulnerability

Microsoft Internet Explorer Bitmap File Processing Denial of Service Vulnerability

Microsoft SQL Server 2000 Resolution Service Stack Overflow Vulnerability

Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability

Microsoft Windows Media Services NSIISlog.DLL Remote Buffer Overflow Vulnerability

MS Visual Studio RAD Support Buffer Overflow Vulnerability

Microsoft Windows ntdll.dll Buffer Overflow Vulnerability

Microsoft Internet Explorer Remote IFRAME Denial Of Service Vulnerability

Microsoft Internet Explorer Macromedia Flash Player Plug-in Remote Denial of Service Vulnerability

Microsoft Internet Explorer MSWebDVD Object Denial of Service Vulnerability

Microsoft SharePoint Portal Server Unspecified Cross-Site Scripting Vulnerabilities

Multiple Vendor Network Device Driver Frame Padding Information Disclosure Vulnerability

Microsoft Windows XP HCP URI Handler Arbitrary Command Execution Vulnerability

Multiple Vendor Internet Browser Cookie Path Argument Restriction Bypass Vulnerability

Microsoft Visual C++ MFC ISAPI Extension Denial Of Service Vulnerability

Microsoft Windows XP Explorer.EXE Remote Denial of Service Vulnerability

Microsoft Windows XP explorer.exe Remote Denial of Service Vulnerability

Microsoft Outlook Mailto Parameter Quoting Zone Bypass Vulnerability

Microsoft Windows Media Services Remote Denial of Service Vulnerability

Microsoft MSN Messenger Information Disclosure Vulnerability

Microsoft Internet Explorer Script URL Cross-Domain Access Violation Vulnerability

Microsoft Internet Explorer window.open Search Pane Cross-Zone Scripting Vulnerability

Microsoft Internet Explorer window.open Media Bar Cross-Zone Scripting Vulnerability

Microsoft Internet Explorer Cross-Domain Event Leakage Vulnerability

Microsoft Windows XP explorer.exe Multiple Memory Corruption Vulnerabilities

Microsoft ASN.1 Library Multiple Stack-Based Buffer Overflow Vulnerabilities

Multiple Outlook/Outlook Express Predictable File Location Weaknesses

Microsoft Windows XP Help And Support Center Interface Spoofing Weakness

Microsoft Outlook Express Arbitrary Program Execution Vulnerability

Microsoft IIS Unspecified Remote Denial Of Service Vulnerability

Microsoft Internet Explorer Unauthorized Clipboard Contents Disclosure Vulnerability

Microsoft Baseline Security Analyzer Vulnerability Identification Weakness

Microsoft Virtual PC For Mac Temporary File Privilege Escalation Vulnerability

Microsoft Windows Internet Naming Service Buffer Overflow Vulnerability

Microsoft Internet Explorer Double-Null URI Denial Of Service Vulnerability

Microsoft Internet Explorer LoadPicture File Enumeration Weakness

Microsoft Internet Explorer NavigateAndFind() Cross-Zone Policy Vulnerability

Microsoft MDAC Function Broadcast Response Buffer Overrun Vulnerability

Microsoft Exchange Server 2003 Outlook Web Access Random Mailbox Access Vulnerability

Multiple Browser URI Display Obfuscation Weakness

Microsoft Internet Explorer BackToFramedJPU Cross-Domain Policy Vulnerability

Microsoft Windows Samba File Sharing Resource Exhaustion Vulnerability

Multiple Vendor calloc() Implementation Integer Overflow Vulnerability

Microsoft ISA Server 2000 H.323 Filter Remote Buffer Overflow Vulnerability

Multiple Vendor Sun RPC xdr_array Buffer Overflow Vulnerability

Microsoft Word Form Protection Password Removal Weakness

Microsoft Internet Explorer Malicious Shortcut Self-Executing HTML Vulnerability

Microsoft Internet Explorer HTTP Referer Information Disclosure Vulnerability

Microsoft IIS Failure To Log Undocumented TRACK Requests Vulnerability

Microsoft Internet Explorer File Download Warning Bypass Vulnerability

Microsoft Windows Messenger Service Buffer Overrun Vulnerability

Microsoft Outlook Web Access HTML Attachment Script Execution Vulnerability

Multiple Vendor XML DTD Parameter Entity SOAP Server Denial Of Service Vulnerability

Microsoft Roaming Profile Resource Quota Bypass Weakness

Multiple Vendor XML Parser SOAP Server Denial Of Service Vulnerability

Microsoft Exchange Server 2003 Outlook Web Access Lowered Security Settings Weakness

Microsoft Internet Explorer Invalid ContentType Cache Directory Location Disclosure Weakness

Microsoft Internet Explorer Double Slash Cache Zone Bypass Vulnerability

Microsoft Visual Basic For Applications Document Handling Buffer Overrun Vulnerability

Microsoft WordPerfect Converter Buffer Overrun Vulnerability

Microsoft Word Macro Execution Security Model Bypass Vulnerability

Microsoft MSN Messenger Information Leakage Weakness

Microsoft Internet Explorer ExecCommand Cross-Domain Access Violation Vulnerability

Microsoft Internet Explorer Function Pointer Override Cross-Domain Access Violation Vulnerability

Microsoft ASP.NET Request Validation Null Byte Filter Bypass Vulnerability

Microsoft FrontPage Server Extensions Remote Debug Buffer Overrun Vulnerability

Microsoft ListBox/ComboBox Control User32.dll Function Buffer Overrun Vulnerability

Multiple Vendor Invalid X.509 Certificate Chain Vulnerability

Microsoft Internet Explorer XML Object Zone Restriction Bypass Vulnerability

Microsoft Word Macro Name Handler Buffer Overflow Vulnerability

Microsoft FrontPage Server Extensions SmartHTML Interpreter Denial Of Service Vulnerability

Microsoft Excel XLM Macro Security Level Bypass Vulnerability

Microsoft Internet Explorer Self Executing HTML Arbitrary Code Execution Vulnerability

Microsoft Internet Explorer JavaScript Local File Enumeration Vulnerability

Microsoft Internet Explorer Local Resource Reference Vulnerability

Microsoft Windows 2000 TroubleShooter ActiveX Control Buffer Overflow Vulnerability

Microsoft Exchange Server 5.5 Outlook Web Access Cross-Site Scripting Vulnerability

Microsoft Windows Help And Support Center URI Handler Buffer Overflow Vulnerability

Microsoft ActiveX Authenticode Verification Bypass Vulnerability

Microsoft Internet Explorer Scrollbar-Base-Color Partial Denial Of Service Vulnerability

Microsoft RPCSS DCOM Interface Long Filename Heap Corruption Vulnerability

Microsoft Windows Media Player IE Zone Access Control Bypass Vulnerability

Microsoft Windows Media Player Automatic File Download and Execution Vulnerability

Microsoft Internet Explorer XML Page Object Type Validation Vulnerability

Microsoft Internet Explorer Absolute Position Block Denial Of Service Vulnerability

Microsoft Internet Explorer Browser Popup Window Object Type Validation Vulnerability

Microsoft Word Malformed Document Denial of Service Vulnerability

Microsoft Windows PostThreadMessage() Arbitrary Process Killing Vulnerability

Microsoft BizTalk Server Documentation/WebDAV Weak Permissions Vulnerability

Microsoft Windows XP TCP Packet Information Leakage Vulnerability

Microsoft Exchange Server SMTP HELO Argument Buffer Overflow Vulnerability

Multiple Microsoft Windows 2003 Stack Protection Implementation Weaknesses

Microsoft Windows RPCSS DCOM Interface Denial of Service Vulnerability

Microsoft Windows 98 Fragmented UDP Flood Denial Of Service Vulnerability

Microsoft Access Snapshot Viewer ActiveX Control Parameter Buffer Overflow Vulnerability

Microsoft Windows NetBIOS Name Service Reply Information Leakage Weakness

Microsoft Internet Explorer Object Type Validation Vulnerability

Microsoft Internet Explorer BR549.DLL ActiveX Control Buffer Overflow Vulnerability

Microsoft Internet Explorer Zone Restriction Bypass Script Execution Vulnerability

Microsoft Internet Explorer OBJECT Tag Buffer Overflow Vulnerability

Microsoft Data Access Components ODBC Buffer Overflow Vulnerability

Microsoft DirectShow MIDI Filetype Buffer Overflow Vulnerability

Microsoft Data Access Components Buffer Overflow Vulnerability

Microsoft URLScan / RSA Security SecurID Configuration Enumeration Weakness

Microsoft Windows NT File Management Function Denial Of Service Vulnerability

Microsoft MCIWNDX.OCX ActiveX Control Buffer Overflow Vulnerability

Microsoft Windows 2000 Subnet Bandwidth Manager RSVP Server Authority Hijacking Vulnerability

Microsoft Internet Explorer CLASSID Denial of Service Vulnerability

Microsoft Internet Explorer CLASSID Variant Denial Of Service Vulnerability

Microsoft Outlook Express Script Execution Weakness

Multiple Vendor SNMP Request Handling Vulnerabilities

Microsoft SQL Server / MSDE Named Pipes Privilege Escalation Vulnerability

Microsoft SQL Server LPC Port Request Buffer Overflow Vulnerability

Microsoft SQL Server / MSDE Named Pipe Denial Of Service Vulnerability

Microsoft SQL Server / MSDE Multiple Vulnerabilities

Microsoft Multiple IIS 6.0 Web Admin Vulnerabilities

Microsoft ISA Server Cross-Site Scripting Vulnerabilities

Microsoft MSN Messenger Image File Transfer Denial of Service Vulnerability

Microsoft Windows XP Shell Desktop.ini Buffer Overflow Vulnerability

Microsoft Windows CreateFile API Named Pipe Privilege Escalation Vulnerability

Microsoft SMTP Service Invalid FILETIME Denial of Service Vulnerability

Microsoft SQL Server JET Database Engine 4.0 Buffer Overrun Vulnerability

Microsoft Windows HTML Converter HR Align Buffer Overflow Vulnerability

Microsoft Internet Explorer AutoScan Method Browser Security Policy Violation Weakness

Microsoft SMB Request Handler Buffer Overflow Vulnerability

Microsoft Windows Accessibility Utility Manager Privilege Escalation Vulnerability

Microsoft Windows MS DOS Device Name DoS Vulnerability

Microsoft Internet Explorer Custom HTTP Error HTML Injection Vulnerability

Microsoft RunDLL32.EXE Buffer Overflow Vulnerability

Microsoft Windows 2000 Unspecified Cryptnet.DLL Memory Leakage Vulnerability

Microsoft Windows 2000 Unauthorized RPC Connection Weakness

Microsoft Windows Terminal Service Kerberos Double Authorization Data Entry Vulnerability

Microsoft Windows 2000 Terminal Services Named Pipe System Account Access Vulnerability

Microsoft Windows 2000 ModifyDN Request Denial of Service Vulnerability

Microsoft Windows 2000 Domain Controller Spoofing Vulnerability

Microsoft Windows 2000 Port Name Buffers Potential Buffer Overflow Vulnerability

Microsoft Windows 2000 USBH_IoctlGetNodeConnectionDriverKeyName Information Disclosure Vulnerability

Microsoft Windows Security Accounts Manager API Denial Of Service Vulnerability

Microsoft Windows IMAADPCM cbDestLength Buffer Overrun Vulnerability

Microsoft Windows 2000 Active Directory Forest Origin Validation Vulnerability

Microsoft IIS _VTI_BOT Malicious WebBot Elevated Permissions Vulnerability

Microsoft URLScan Tool Information Disclosure Vulnerability

Microsoft Windows 2000 ShellExecute() Buffer Overflow Vulnerability

Microsoft Media Player 9 Unauthorized Media Library Access Vulnerability

Microsoft Windows 2000 Active Directory Remote Stack Overflow Vulnerability

Microsoft NetMeeting Directory Traversal Vulnerability

Microsoft Internet Explorer Remote URLMON.DLL Buffer Overflow Vulnerability

Microsoft Commerce Server 2002 Weak Registry Key Permissions Weakness

Microsoft Windows 2000 SP4 Released - Multiple Vulnerabilities Fixed

Microsoft Internet Explorer MSXML XML File Parsing Cross-Site Scripting Vulnerability

Microsoft SQL Server 2000 Resolution Service Heap Overflow Vulnerability

Microsoft Windows FIN-ACK Network Device Driver Frame Padding Information Disclosure Vulnerability

Microsoft Internet Explorer Classic Mode FTP Client Cross Domain Scripting Vulnerability

Internet Explorer file:// Request Zone Bypass Vulnerability

Microsoft SQL MS Jet Engine Unicode Buffer Overflow Vulnerability

Microsoft Windows 2000/XP/2003 IPV6 ICMP Flood Denial Of Service Vulnerability

Microsoft Windows XP Nested Directory Denial of Service Vulnerability

Microsoft Windows RPC Service Denial of Service Vulnerability

Microsoft URLScan Information Disclosure Weakness

Microsoft Windows Media Services Logging ISAPI Buffer Overflow Vulnerability

Microsoft Internet Explorer False URL Information Vulnerability

Microsoft IIS SSINC.DLL Server Side Includes Buffer Overflow Vulnerability

Microsoft Windows Kernel Message Handling Buffer Overflow Vulnerability

Microsoft IIS ASP Header Denial Of Service Vulnerability

Microsoft IIS Redirection Error Page Cross-Site Scripting Vulnerability

Microsoft Internet Information Service Multiple Vulnerabilities

Microsoft Internet Explorer Malformed JavaScript Denial of Service Vulnerability

Microsoft Internet Connection Firewall IPv6 Traffic Blocking Vulnerability

Microsoft Netmeeting CALLTO URL Buffer Overflow Vulnerability

Microsoft ISA Server Error Page Cross-Site Scripting Vulnerability

Microsoft Windows NT RPC Endpoint Mapper Denial of Service Vulnerability

Microsoft Windows Media Player Skin File Code Execution Vulnerability

Microsoft IIS WebDAV Denial Of Service Vulnerability

Microsoft Internet Explorer DHTML AnchorClick Partial Denial Of Service Vulnerability

Microsoft BizTalk Server DTA Interface SQL Injection Vulnerability

Microsoft BizTalk Server 2002 HTTP Receiver Buffer Overflow Vulnerability

Microsoft MN-500 Plaintext Password Disclosure Weakness

Microsoft IIS User Existence Disclosure Vulnerability

Microsoft Internet Explorer Plugin.OCX EnableFullPage Input Validation Vulnerability

Microsoft Internet Explorer Plugin.OCX Load() Method Buffer Overflow Vulnerability

Microsoft Windows Media Player File Attachment Script Execution Vulnerability

Microsoft Windows NetDDE Privilege Escalation Vulnerability

Multiple Name Server NXDomain Denial Of Service Vulnerability

Microsoft Windows RegEdit.EXE Registry Key Value Buffer Overflow Vulnerability

Microsoft Windows SMB NTLM Authentication Interception Weakness

Microsoft Internet Explorer dragDrop Method Local File Reading Vulnerability

Microsoft Internet Explorer Dialog Style Same Origin Policy Bypass Vulnerability

Microsoft Outlook Express MHTML URL Handler File Rendering Vulnerability

Microsoft Shlwapi.dll Malformed HTML Form Tag Denial of Service Vulnerability

Microsoft Internet Explorer Self-Referential Object Denial of Service Vulnerability

Microsoft Windows Service Control Manager Race Condition Vulnerability

Microsoft Windows 2000/XP Registry Editor Custom Permissions Weakness

Microsoft Windows EngTextOut Non-ASCII Character Denial Of Service Vulnerability

Multiple Vendor SNMP Trap Handling Vulnerabilities

Microsoft Windows Active Directory Policy Bypass Vulnerability

Microsoft Indexing Services .htw Cross-Site Scripting Vulnerability

Microsoft Winsock Proxy Service Remote Denial Of Service Vulnerability

Microsoft Java Virtual Machine Bytecode Verifier Vulnerability

Microsoft Windows Locator Service Buffer Overflow Vulnerability

Microsoft Windows XP Redirector Privilege Escalation Vulnerability

Microsoft ActiveSync Null Pointer Dereference Denial Of Service Vulnerability

Microsoft Windows Script Engine JScript.DLL Heap Overflow Vulnerability

Microsoft ISA Server DNS Intrusion Filter Denial of Service Vulnerability

Microsoft Windows 2000 Help Facility .CNT File :Link Buffer Overflow Vulnerability

Microsoft Windows PostMessage API Unmasked Password Weakness

Microsoft Internet Explorer .MHT File Buffer Overflow Vulnerability

Multiple Vendor 802.11b Authentication-Failed Denial Of Service Vulnerability

Microsoft Windows Help and Support Center Buffer Overflow Vulnerability

Microsoft Windows XP Safe Mode Policy Bypass Weakness

Microsoft Outlook and Outlook Express Arbitrary Program Execution Vulnerability

Windows NT DNS Resolution Remote Buffer Overflow Vulnerability

Microsoft Riched20.dll Attribute Buffer Overflow Vulnerability

Multiple Vendor gethostbyname() Buffer Overflow Vulnerability

Microsoft Internet Explorer ShowHelp Arbitrary Command Execution Vulnerability

Microsoft Internet Explorer Dialog Box Cross-Domain Violation Vulnerability

Microsoft Exchange Server 5.5 IMAP NOOP Denial of Service Vulnerability

Microsoft Windows Remote Registry Modification Weakness

Multiple Vendor Spoofed IGMP Report Denial Of Service Vulnerability

Multiple Vendor TCP Initial Sequence Number Statistical Vulnerability

Multiple Vendor Small TCP MSS Denial of Service Vulnerability

Windows NT Xenroll Library Storage Consumption Vulnerability

Microsoft Windows NT/2000 cmd.exe CD Buffer Overflow Vulnerability

Multiple Vendor Email Client JavaScript Information Leakage Vulnerability

Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability

Microsoft Windows NT/2000/XP LAN Manager Password Hashing Weakness

Microsoft Windows XP HCP URI Buffer Overflow Vulnerability

Microsoft IIS False Logging Weakness

Microsoft IIS Malformed HTTP Get Request Denial Of Service Vulnerability

Microsoft Windows Network Monitor Weak Password Encryption Vulnerability

Microsoft Windows 2000 RPC Service Privilege Escalation Vulnerability

Microsoft Windows 2000 NetBIOS Continuation Packets Kernel Memory Leak Vulnerability

Microsoft Windows NT Win32k.sys Denial of Service Vulnerability

Microsoft SQL Server 7.0/2000 DBCC Buffer Overflow Vulnerability

Microsoft SQL Agent Jobs Privilege Elevation Vulnerability

Microsoft SQL Server Extended Stored Procedure Privilege Elevation Vulnerability

Microsoft Outlook Express S/MIME Buffer Overflow Vulnerability

Microsoft SQL Server Web Task Stored Procedure Privilege Escalation Vulnerability

Microsoft SQL Server 2000 Bulk Insert Procedure Buffer Overflow Vulnerability

Microsoft Windows MSGINA.DLL Read-Lock Denial Of Service Vulnerability

Email: