From secnotif@MICROSOFT.COM Wed Jun 21 11:31:36 2000 From: Microsoft Product Security Resent-From: mea culpa To: MICROSOFT_SECURITY@ANNOUNCE.MICROSOFT.COM Resent-To: jericho@attrition.org Date: Tue, 20 Jun 2000 17:14:47 -0700 Subject: Microsoft Security Bulletin MS00-038 Update The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. ******************************** -----BEGIN PGP SIGNED MESSAGE----- On May 30, 2000, we released Microsoft Security Bulletin MS00-038 "Malformed Windows Media Encoder Request" (http://www.microsoft.com/technet/security/bulletin/ms00-038.asp), eliminating a security vulnerability in Microsoft(r) Windows(r) Media Encoder, which ships as a component of the Windows Media Technologies. The vulnerability could allow a malicious user to interfere with a digital content provider's ability to supply real-time audio and video broadcasts. On June 20, 2000, Microsoft re-released this patch to fix a regression that was introduced by the original patch. We recommend that any customers who previously applied the original patch to re-apply this new patch to ensure the regression is eliminated. We are very sorry for any inconvenience caused by this error, and will do our best to ensure that it does not occur again. Regards, Secure@microsoft.com -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.3 iQEVAwUBOVAI8I0ZSRQxA/UrAQEvTwf+MGvxSCaNyalMty6sDU6oVIjeiL2WNgU1 GIVTLZBVC7GKTGdYO+RNMPWv3CmYHckzLfwIg6Ixtxx5eM4+74vEjaPKXFL1ZgW2 tgjIkY3X4fnXyHhdF9/imYkiQyzMXTxAtR/Ab48orHsGaAEPNqoWKsGQKE8BK4rP dGUrkIpUTkCkJXH+/c+rajMUG2YUFcw0kqJ6tvuhFWS/1mfIAtwvECFcTZTiiTNp X+hjgOFitBuWE0LClOkp2pM00T4sG4fJ3QQzmwo1s+ul5NHxKi1EBPNEuIquclyL YpNluSiZek5ntdEdr6r42aghOZ7FOnuqy6hqbvlbgbfBRgYj5KxtJw== =L8Jf -----END PGP SIGNATURE----- ******************************************************************* You have received this e-mail bulletin as a result of your registration to the Microsoft Product Security Notification Service. You may unsubscribe from this e-mail notification service at any time by sending an e-mail to MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM The subject line and message body are not used in processing the request, and can be anything you like. To verify the digital signature on this bulletin, please download our PGP key at http://www.microsoft.com/technet/security/notify.asp. For more information on the Microsoft Security Notification Service please visit http://www.microsoft.com/technet/security/notify.asp. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site at http://www.microsoft.com/security.