Bugtraq mailing list archives

Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exe code error

From: VR <violentrain () HOTMAIL COM>
Date: Sat, 16 Dec 2000 12:16:41 -0600

I somewhat apologize for the HTML formatting for those of you using a
text-based editor.  Right or Wrong, I love the formatting.

Check out the Microsoft DLL help database at
http://support.microsoft.com/servicedesks/fileversion/dllinfo.asp.

A query for mstask.exe results in the following:
      File Name    Version        More Information     Description
       mstask.exe    4.71.2137.1       More Information     Task Scheduler
Engine
       mstask.exe    4.71.2113.1       More Information     Task Scheduler
Engine
       mstask.exe    4.71.1964.1       More Information     Task Scheduler
Engine
       mstask.exe    4.71.1960.1       More Information     Task Scheduler
Engine
       mstask.exe    4.71.1959.1       More Information     Task Scheduler
Engine


A query for mstask.dll...
      File Name    Version        More Information     Description
       mstask.dll    4.71.2137.1       More Information     Task Scheduler
interface DLL
       mstask.dll    4.71.2113.1       More Information     Task Scheduler
interface DLL
       mstask.dll    4.71.1964.1       More Information     Task Scheduler
interface DLL
       mstask.dll    4.71.1960.1       More Information     Task Scheduler
interface DLL
       mstask.dll    4.71.1955.1       More Information     Task Scheduler
interface DLL


The drill-down is very interesting if you'd like to know exactly which
products were RTM'd with that particular mstask.exe/dll ver.

http://support.microsoft.com/support/kb/articles/Q260/3/39.ASP desribed a
bugfix included in IE5.5 SP1 which results in a new release of mstask.dll:

5/31/2000  6:41PM  4.71.1965.1  234,832  Mstant.dll

I think the file name is mispelled.  I believe it should be mstask.dll.
This fix only applies to the following:

Microsoft Internet Explorer versions 5.01, 5.01 Service Pack 1, 5.5 for
Windows NT 4.0

Something else to note is the two different versioning paths - one for Win2k
and one for everything else that has Task Scheduler.

      Name: mstask.dll
      Description: Task Scheduler interface DLL
      Version: 4.71.1964.1
      DLLSelfRegister: No

      PRODUCTS CONTAINING THIS VERSION:
      PRODUCT    SIZE    MOD DATE    CAB/IEXPRESS    RELATIVE PATH
      Commerce Server 2000    245,824    3/27/2000    ts95.cab
\support\ie
      Commerce Server 2000    234,320    3/27/2000    tsnt.cab
\support\ie
      Internet Explorer 5.5    245,824    3/27/2000    ts95.cab
      Internet Explorer 5.5    234,320    3/27/2000    tsnt.cab
      Windows Millenium Edition    258,048    6/8/2000    win_13.cab
\win9x


      Name: mstask.dll
      Description: Task Scheduler interface DLL
      Version: 4.71.2137.1
      DLLSelfRegister: No

      PRODUCTS CONTAINING THIS VERSION:
      PRODUCT    SIZE    MOD DATE    CAB/IEXPRESS    RELATIVE PATH
      Windows 2000 BETA RC3    218,384    11/14/1999
      Windows 2000 Professional    218,384    12/2/1999        \i386
      Windows 2000 Server    218,384    12/2/1999        \i386


It is important to note that schedule.exe (on NT4) will be upgraded to Task
Scheduler when the Offline Browsing Pack is installed during IE5.x setup.
The same will happen with IE4.x if you download the Task Scheduler
component.  You can avoid the upgrade by choosing not to install the Offline
Browsing Pack (NT4 only).  However, you will not be able to synchronize web
pages for offline reading.

http://support.microsoft.com/support/kb/articles/Q174/8/28.ASP (Describes
components available in IE4)

To cover all bases, yes Task Scheduler is used for more than just scheduled
web synchronizations.  The Microsoft Critical Update Notification, PCHealth,
Tune-Up, etc. automatically schedule themselves too.  Win98 and newer will
automatically use Task Scheduler for these things.

Cheers, VR
----- Original Message -----
From: "Dan Carleton" <dan () FIPOINT COM>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Friday, December 15, 2000 8:57 AM
Subject: Re: [BUGTRAQ] Vulnerability Report For Microsoft Windows NT 4.0
MSTask.exe code error

Win 98 DOES have a task scheduler, MSTask.exe, although I don't know if it
has the same vulnerability as NT.

from TechNet:

http://www.microsoft.com/TechNet/win98/reskit/part5/wrkc23.asp

"The Scheduled Task Wizard is automatically installed when you install
Windows 98. The executable file, Mstask.exe, is located in your \Windows
\System folder."

-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of Andrew
Church
Sent: Wednesday, December 13, 2000 11:31 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Re: Vulnerability Report For Microsoft Windows NT 4.0
MSTask.exe code error

Windows 95/98 not vulnerable, because they has no MSTask.exe

Current thread:

Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exe code error Andrew Church (Dec 15)
- Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exe code error Geoffroy RIVAT (Dec 16)
- Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exe code error Dan Carleton (Dec 16)
  - Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exe code error Wade, Philip (Dec 18)
  - Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exe code error VR (Dec 18)