Welcome, Guest. Please Login or Register.
Search
Members
Login
Register
   Mischel Internet Security Forum
   Internet Security
   News (Moderators: Helena, Gavin_Coe, Magnus)
   Microsoft Security Bulletin(s) for December 9 2008		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: Microsoft Security Bulletin(s) for December 9 2008  (Read 690 times)
NICK_ADSL_UK
Senior Member
****






   
WWW  

Gender: male
 Posts: 329
Microsoft Security Bulletin(s) for December 9 2008
« on: Dec 9th, 2008, 2:01pm »		 Quote Quote  Modify Modify
Microsoft Security Bulletin(s) for December 9 2008
 
Note: There may be latency issues due to replication, if the page does not display keep refreshing
 
Today Microsoft released the following Security Bulletin(s).  
 
Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
 
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
 
Bulletin Summary:
 
http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx
 
Critical (6 )
 
Microsoft Security Bulletin MS08-071 – Critical
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
http://www.microsoft.com/technet/security/Bulletin/ms08-071.mspx
 
Microsoft Security Bulletin MS08-075 – Critical
Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349)
http://www.microsoft.com/technet/security/Bulletin/ms08-075.mspx
 
Microsoft Security Bulletin MS08-073 - Critical
Cumulative Security Update for Internet Explorer (958215)
http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx
 
Microsoft Security Bulletin MS08-070 - Critical
Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)
http://www.microsoft.com/technet/security/Bulletin/ms08-070.mspx

Microsoft Security Bulletin MS08-072 - Critical
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx

Microsoft Security Bulletin MS08-074 - Critical
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx
 
Important (2)
 
Microsoft Security Bulletin MS08-077 - Important
Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)
http://www.microsoft.com/technet/security/bulletin/ms08-077.mspx
 
Microsoft Security Bulletin MS08-076 – Important
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
http://www.microsoft.com/technet/security/bulletin/ms08-076.mspx
 
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.  
 
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.
 
As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
 
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
IP Logged

Wilders Security Forum Admin
Microsoft MVP - Consumer Security
NICK_ADSL_UK
Senior Member
****






   
WWW  

Gender: male
 Posts: 329
Re: Microsoft Security Bulletin(s) for December 9
« Reply #1 on: Dec 17th, 2008, 6:35pm »		 Quote Quote  Modify Modify
Microsoft Out-Of-Band Security Bulletin(s) for December 17, 2008
Microsoft Security Bulletin(s) for December 17, 2008  
 
Published: December 9, 2008 | Updated: December 17, 2008
 
Note: There may be latency issues due to replication, if the page does not display keep refreshing
 
Today Microsoft released the following Security Bulletin(s) out of band critacal update  
 
Microsoft Security Bulletin MS08-078 - Critical
Security Update for Internet Explorer (960714)
Published: December 17, 2008
 
Version: 1.0
 
General Information
Executive Summary
This security update resolves a publicly disclosed vulnerability. The vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
 
This security update is rated Critical for Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, and Internet Explorer 7. For information about Internet Explorer 8 Beta 2, please see the section, Frequently Asked Questions (FAQ) Related to This Security Update. For more information, see the subsection, Affected and Non-Affected Software, in this section.
 
The security update addresses the vulnerability by modifying the way Internet Explorer validates data binding parameters and handles the error resulting in the exploitable condition. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection under the next section, Vulnerability Information.
 
Recommendation. Microsoft recommends that customers apply the update immediately.
 
Known Issues. None
 
 
This security update also addresses the vulnerability first described in Microsoft Security Advisory 961051
http://www.microsoft.com/technet/security/advisory/961051.mspx
 
http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx
IP Logged

Wilders Security Forum Admin
Microsoft MVP - Consumer Security
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »