A Penton Media Property
February 13, 2008
If you want to view this on the web go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2373-803-202-62923-183592-0-0-0-1-2-207
----------------------------------------
ADVERTISEMENT
Sophos
Instant Messaging, VoIP, P2P, and Games in the Workplace
Take back control of unauthorized applications. Employees installing and
using unauthorized applications like Instant Messaging, VoIP, games and
peer-to-peer file-sharing applications cause many businesses legal
concerns, IT support burdens, network and system overhead as well as
employee productivity issues. This white paper discusses the various
approaches to control applications, and highlights how integrating the
blocking of unauthorized applications into the existing anti-malware
detection and management infrastucture gives IT administrators a simple
solution that removes cost and management overhead.
http://ct.email.windowsitpro.com/rd/cts?d=33-2373-803-202-62923-183593-0-0-0-1-2-207
----------------------------------------
ALERT
--11 Microsoft Security Bulletins for February 2008
Orin Thomas, MVP Windows Security, orin@windowsitpro.com
Microsoft released 11 security updates for February, rating six of them
as critical. Here's a brief description of each update; for more
information, go to
www.microsoft.com/technet/security/bulletin/ms08-feb.mspx
(http://ct.email.windowsitpro.com/rd/cts?d=33-2373-803-202-62923-183594-0-0-0-1-2-207)
MS08-003: Vulnerability in Active Directory Could Allow Denial of
Service
The attack vector for this vulnerability is a Denial of Service (DoS)
attack against Active Directory Application Mode (ADAM) on client
computers and Active Directory on servers. The most severe consequence
from an attack leveraging this vulnerability is an affected computer
halting and then automatically restarting. This bulletin replaces
previous bulletin MS07-039.
Applies to: Windows 2000, Windows XP, Windows Server 2003
Recommendation: Microsoft rates this update as important. You should
perform testing and deployment of this update as part of your
organization's regular patch management routine.
MS08-004: Vulnerability in Windows TCP/IP Could Allow Denial of Service
The attack vector for this privately reported vulnerability is a
specially crafted DHCP server response that corrupts TCP/IP structures
that cause the affected system to stop responding and restart
automatically. This bulletin replaces previous bulletin MS08-001.
Applies to: Windows Vista
Recommendation: Microsoft rates this update as important. You should
perform testing and deployment of this update as part of your
organization's regular patch management routine.
MS08-005: Vulnerability in Internet Information Services Could Allow
Elevation of Privilege
The attack vector for this privately reported vulnerability is the way
that Microsoft IIS handles file change notifications in the default FTP
and WWW folders. The most severe consequence from an attack leveraging
this vulnerability is the execution of arbitrary code, allowing the
attacker to take full control of an affected computer.
Applies to: Windows 2000, Windows XP, Windows Vista, Windows Server 2008
Recommendation: Microsoft rates this update as important. You should
perform testing and deployment of this update as part of your
organization's regular patch management routine.
MS08-006: Vulnerability in Internet Information Services Could Allow
Remote Code Execution
The attack vector for this privately reported vulnerability is the way
that Microsoft IIS handles input to Active Server Pages (ASP) Web pages.
An attacker who exploits this vulnerability could perform actions on the
IIS server with the same rights as the Worker Process Identity. This
bulletin replaces previous bulletin MS06-034.
Applies to: Windows XP, Windows Server 2003
Recommendation: Microsoft rates this update as important. You should
perform testing and deployment of this update as part of your
organization's regular patch management routine.
MS08-007: Vulnerability in WebDAV Mini-Redirector Could Allow Remote
Code Execution
The attack vector for this vulnerability is the way the WebDAV
Mini-Redirector handles responses. The most severe consequence from an
attack leveraging this vulnerability is complete control of an affected
system.
Applies to: Windows XP, Windows Server 2003, Windows Vista
Recommendation: Microsoft rates this update as critical. You should
perform accelerated testing and deployment of this update.
MS08-008: Vulnerability in OLE Automation Could Allow Remote Code
Execution
The attack vector for this vulnerability is a specially crafted Web
page. The most severe consequence from an attack leveraging this
vulnerability is remote code execution with the privileges of the
currently logged on user. This bulletin replaces previous bulletin
MS07-043.
Applies to: Windows 2000, Windows XP, Windows Server 2003, Windows
Vista, Office 2004 for Mac
Recommendation: Microsoft rates this update as critical. You should
perform accelerated testing and deployment of this update.
MS08-009: Vulnerability in Microsoft Word Could Allow Remote Code
Execution
The attack vector for this vulnerability is a specially crafted
Microsoft Word file. The most severe consequence from an attack
leveraging this vulnerability is complete control of an affected system.
This bulletin replaces previous bulletin MS07-060.
Applies to: Office 2000, Office XP, Office 2003
Recommendation: Microsoft rates this update as critical. You should
perform accelerated testing and deployment of this update.
MS08-010: Cumulative Security Update for Internet Explorer
This cumulative update addresses several vulnerabilities, the most
serious of which involves an attacker using a specially crafted Web page
to take control of an affected system. This bulletin replaces previous
bulletin MS07-069.
Applies to: All versions of Windows
Recommendation: Microsoft rates this update as critical. You should
perform accelerated testing and deployment of this update.
MS08-011: Vulnerability in Microsoft Works File Converter Could Allow
Remote Code Execution
The attack vector for this privately reported vulnerability is a
specially crafted Microsoft Works file. The most severe consequence from
an attack leveraging this vulnerability is complete control of an
affected computer.
Applies to: Microsoft Office 2003, Microsoft Works 8, Microsoft Works
Suite 2005
Recommendation: Microsoft rates this update as important. You should
perform testing and deployment of this update as a part of your
organization's regular patch management routine.
MS08-012: Vulnerabilities in Microsoft Office Publisher Could Allow
Remote Code Execution
The attack vector for this vulnerability is a specially crafted
Microsoft Publisher file. The most severe consequence from an attack
leveraging this vulnerability is an attacker taking complete control of
an affected computer. This bulletin replaces previous bulletin MS06-054.
Applies to: Office 2000, Office XP, Office 2003
Recommendation: Microsoft rates this update as critical. You should
perform accelerated testing and deployment of this update.
MS08-013: Vulnerability in Microsoft Office Could Allow Remote Code
Execution
The attack vector for this vulnerability is a specially crafted
Microsoft Office file with a malformed object inserted into the
document. The most severe consequence from an attack leveraging this
vulnerability is complete control of an affected system. This bulletin
replaces previous bulletin MS06-047.
Applies to: Office 2000, Office XP, Office 2003
Recommendation: Microsoft rates this update as critical. You should
perform accelerated testing and deployment of this update.
CONTACT US
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://ct.email.windowsitpro.com/rd/cts?d=33-2373-803-202-62923-183595-0-0-0-1-2-207
http://ct.email.windowsitpro.com/rd/cts?d=33-2373-803-202-62923-183596-0-0-0-1-2-207
You are subscribed to this newsletter as boy.blogger@gmail.com
Manage your Security UPDATE subscription at
http://ct.email.windowsitpro.com/rd/cts?d=33-2373-803-202-62923-183597-0-0-0-1-2-207.
Be sure to add Security_UPDATE@email.windowsitpro.com
to your spam filter's list of allowed senders.
To contact us:
About Security UPDATE content -- mailto:letters@windowsitpro.com
About technical questions -- http://ct.email.windowsitpro.com/rd/cts?d=33-2373-803-202-62923-183599-0-0-0-1-2-207
About your product news -- mailto:products@windowsitpro.com
About your subscription -- mailto:windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- mailto:salesopps@windowsitpro.com
View the Windows IT Pro privacy policy at
http://ct.email.windowsitpro.com/rd/cts?d=33-2373-803-202-62923-183600-0-0-0-1-2-207
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2008, Penton Media, Inc. All rights reserved.
No comments:
Post a Comment