News

Wednesday, April 09, 2008

Security UPDATE Alert: 8 Microsoft Security Bulletins for April 2008

WIN_SECURITY UPDATE_
A Penton Media Property
April 9, 2008


If you want to view this on the web go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529230-0-0-0-1-2-207

----------------------------------------
ADVERTISEMENT
Symantec

Messaging Management

Fundamentals eBook - Best Practices & Service Comparison
Email and messaging infrastructures are the backbone of today's business
operations, they are so essential that if they go down, an
organization's business stops. With this level of importance put on
these systems, protecting your email and messaging infrastructures is
the primary goal of email and messaging management solutions. Email and
management solutions can mitigate the risks related to information loss,
leakage, or unauthorized data access. Read this eBook to learn about the
best practices of designing an email and messaging management
infrastructure in Exchange-centric environments.

http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529231-0-0-0-1-2-207
----------------------------------------

ALERT

--Security UPDATE Alert: 8 Microsoft Security Bulletins for April 2008
by Orin Thomas, MVP Windows Security
Microsoft released eight security updates for April, rating five of them
as critical. Here's a brief description of each update; for more
information, go to

www.microsoft.com/technet/security/bulletin/ms08-apr.mspx
(http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529232-0-0-0-1-2-207)

MS08-018: Vulnerability in Microsoft Project Could Allow Remote Code
Execution

The attack vector for this vulnerability is a specially created
Microsoft Project document. The most severe consequence from an attack
leveraging this vulnerability is an attacker gaining complete control
over the affected computer. This bulletin replaces previous bulletins.

Applies to: Project 2000, Project 2002, and Project 2003. Does not
affect Project 2007 or Project Server 2003.

Recommendation: Microsoft rates this update as critical. The priority
you assign this update should depend on the frequency with which your
organization uses and shares Project documents.

MS08-019: Vulnerabilities in Microsoft Visio Could Allow Remote Code
Execution

The attack vector for this vulnerability is a specially created Visio
file. The most severe consequence from an attack leveraging this
vulnerability is an attacker gaining complete control over the affected
computer. This bulletin replaces previous bulletin MS07-030.

Applies to: Visio 2002, Visio 2003, and Visio 2007. Does not apply to
Visio Viewer.

Recommendation: Microsoft rates this update as important. The urgency
you attach to deploying this update should be proportional to the
frequency with which your organization uses and shares Visio documents.

MS08-020: Vulnerability in DNS Client Could Allow Spoofing

The attack vector for this vulnerability is a specially crafted response
to a DNS request. The most severe consequence from an attack leveraging
this vulnerability is a client being redirected away from legitimate
destinations.

Applies to: Windows 2000, Windows XP, Windows Server 2003, and Windows
Vista without SP1. Does not apply to Vista SP1 or Windows Server 2008.

Recommendation: Microsoft rates this update as important. You should
test and deploy this update as a part of your normal patch management
routine.

MS08-021: Vulnerability in GDI could allow Remote Code Execution

The attack vector for this vulnerability is a specially created EMF or
WMF image file which exploits the Windows Graphics Device Interface
(GDI). The most severe consequence from an attack leveraging this
vulnerability is an attacker gaining complete control over the affected
computer. This bulletin replaces previous bulletin MS07-046.

Applies to: All Windows OSs.

Recommendation: Microsoft rates this update as critical. Given that this
exploit can be leveraged against all Windows OSs, you should perform
accelerated testing and deploy this update to computers in your
environment as soon as possible.

MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could
Allow Remote Code Execution

The attack vector for this vulnerability is specially crafted VBScript
and JScript scripts. The most severe consequence from an attack
leveraging this vulnerability is an attacker gaining complete control
over the affected computer. This bulletin replaces previous bulletin
MS06-023.

Applies to: Windows 2000, Windows XP, and Windows Server 2003. Does not
apply to Windows Vista or Windows Server 2008.

Recommendation: Microsoft rates this update as critical. You should test
and deploy this update to computers in your environment as soon as
possible.

MS08-023: Security Update of ActiveX Kill Bits

The attack vector for this vulnerability is a specifically created Web
page viewed by using Microsoft Internet Explorer (IE). Depending on the
OS attacked, the consequences range from complete control over the
affected computer to basic remote code execution.

Applies to: Windows 2000 and Windows XP (Critical), Windows Server 2003
(Moderate), Windows Vista (Important), and Windows Server 2008 (Low).

Recommendation: Microsoft rates this update as critical for some OSs to
low for others. The priority that you apply to this update should
reflect your organization's OS deployment. An organization that has only
Windows Server 2008 and Windows Vista computers can deploy this patch
according to their normal patch management cycle; an organization that
has Windows 2000 or Windows XP clients should perform more rapid testing
and deployment.

MS08-024: Cumulative Update for Internet Explorer

The attack vector for this vulnerability is a specially created Web
page. The most severe consequence from an attack leveraging this
vulnerability is an attacker gaining complete control over the affected
computer. This bulletin replaces previous bulletin MS08-010.

Applies to: All versions of Microsoft Internet Explorer.

Recommendation: Microsoft rates this update as critical. You should give
high priority to the testing and deployment of this update.

MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of
Privilege

This attack requires the attacker to be logged on locally. The most
severe consequence from an attack leveraging this vulnerability is
attackers elevating their privileges so that they have administrative
rights.

Applies to: All versions of Windows.

Recommendation: Microsoft rates this update as important. Because this
attack can be leveraged only by a locally logged-on user, you can test
and deploy this patch as a part of your normal patch management routine.

CONTACT US
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).

http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529233-0-0-0-1-2-207

http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529234-0-0-0-1-2-207

You are subscribed to this newsletter as boy.blogger@gmail.com

Manage your Security UPDATE subscription at
http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529235-0-0-0-1-2-207.

To unsubscribe:
http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529236-0-0-0-1-2-207&list_id=803&email=boy.blogger@gmail.com&message_id=5408

Be sure to add Security_UPDATE@email.windowsitpro.com
to your spam filter's list of allowed senders.

To contact us:
About Security UPDATE content -- mailto:letters@windowsitpro.com
About technical questions -- http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529237-0-0-0-1-2-207

About your product news -- mailto:products@windowsitpro.com
About your subscription -- mailto:windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- mailto:salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://ct.email.windowsitpro.com/rd/cts?d=33-5408-803-202-62923-529238-0-0-0-1-2-207

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2008, Penton Media, Inc. All rights reserved.

No comments:

Blog Archive