A Penton Media Property
August 13, 2008
ALERT
--Security UPDATE Alert: 11 Microsoft Security Bulletins for August 2008
by Orin Thomas, MVP Windows Security
Microsoft released eleven security updates for August, rating six of
them as critical. Here's a brief description of each update; for more
information, go to
http://ct.email.windowsitpro.com/rd/cts?d=33-12162-803-202-62923-1261882-0-0-0-1-2-207
(http://ct.email.windowsitpro.com/rd/cts?d=33-12162-803-202-62923-1261883-0-0-0-1-2-207)
MS08-041: Vulnerability in the ActiveX Control for the Snapshot Viewer
for Microsoft Access Could Allow Remote Code Execution
The attack vector for this exploit is a specially created web page. The
exploit targets the ActiveX control for the Snapshot Viewer for
Microsoft Access. When exploited, the ActiveX control downloads a file
from the Internet and writes it to any path on the local disk. This
vulnerability, if unpatched, could allow remote code execution with the
same rights as the currently logged on user. This bulletin
replaces MS03-038.
Applies to: Microsoft Office 2003, XP, 2000
Recommendation: Microsoft rates this update as critical, and exploits
have been reported in the wild. You should promptly perform testing and
deployment of this update.
MS08-042: Vulnerability in Microsoft Word Could Allow Remote Code
Execution
The attack vector for this exploit is a specially created Microsoft Word
document. If leveraged, an attacker could take complete control of an
affected computer.
Applies to: Microsoft Office 2003, XP
Recommendation: Although Microsoft rates this update as important, the
ubiquitous nature of Word documents being transmitted over email means
that you should promptly perform testing and deployment of this update.
MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code
Execution
The attack vector for this exploit is a specially crafted Microsoft
Excel file. If the target of the attack opens one of these specially
crafted files, the attacker could gain complete control of the computer
that the target is logged on to. The amount of damage that an attacker could
cause will be proportional to the rights and privileges of the logged on
user. This bulletin replaces MS08-014 and MS08-026.
Applies to: All versions of Microsoft Office from 2007 to 2000, as well
as SharePoint Server 2007
Recommendation: Microsoft rates this update as critical. This
vulnerability can be exploited on all versions of the Office suite. You
should promptly perform testing and deployment of this update.
MS08-044: Vulnerabilities in Microsoft Office Filters Could Allow Remote
Code Execution
This update addresses five privately reported vulnerabilities, all of
which involve attacks that leverage specially crafted image files
against Microsoft Office. The severity of the attack depends upon the
rights of the logged on user. This bulletin replaces MS06-039.
Applies to: Microsoft Office 2003, XP, 2000; Microsoft Project 2002;
Microsoft Office File Converter Pack; Microsoft Works 8
Recommendation: Microsoft rates this update as critical for Office 2000
and important for all other versions of the affected software. If your
organization still uses Office 2000, you should prioritize the testing
and deployment of this update.
MS08-045: Cumulative Security Update for Internet Explorer
This update fixes five privately reported vulnerabilities and one
publicly reported vulnerability, all of which could allow remote code
execution if the subject of an attack views a specially created web page
in Internet Explorer (IE). This bulletin replaces bulletin MS08-031.
Applies to: All versions of IE
Recommendation: You should test and deploy this update as soon as
possible.
MS08-046: Vulnerability in Microsoft Windows Image Color Management
System Could Allow Remote Code Execution
This update addresses a vulnerability in the Microsoft Image Color
Management (ICM) system that could be leveraged to allow remote code
execution with the privileges of the currently logged on user. The
vector for exploiting this vulnerability is getting the logged on user
to open a specially modified image file.
Applies to: Windows Server 2003, XP, 2000
Recommendation: Microsoft rates this update as critical. If your
organization uses the vulnerable OSs, you should promptly perform
testing and deployment of this update.
MS08-047: Vulnerability in IPsec Policy Processing Could Allow
Information Disclosure
This vulnerability relates to the way that IPsec rules are applied and
could cause computers to ignore IPsec policies and transmit data across
the network in an unencrypted format.
Applies to: Windows Server 2008, Vista
Recommendation: Microsoft rates this vulnerability as important. If your
organization deploys IPsec policies with Windows Server 2008 or
Vista-based systems, you should test and deploy this update as a part of
your organization's normal patch management cycle.
MS08-048: Security Update for Outlook Express and Windows Mail
The attack vector for this exploit is a specially created web page. If
unpatched, the exploit could be leveraged to allow information
disclosure through Outlook Express or Windows Mail. This bulletin
replaces bulletin MS07-056.
Applies to: Windows Server 2008, Vista, Server 2003, XP, 2000
Recommendation: Microsoft rates this update as important. If your
organization uses Outlook Express or Windows Mail, you should test and
deploy this update as a part of your patch management cycle.
MS08-049: Vulnerabilities in Event System Could Allow Remote Code
Execution
The attack vector for this exploit involves subscriptions to the event
system. An attacker who successfully leverages this exploit can take
complete control of a targeted computer.
Applies to: Windows Server 2008, Vista, Server 2003, XP, 2000
Recommendation: Although Microsoft rates this update as important, you
should consider accelerated testing and deployment of this update given
the large number of vulnerable OSs.
MS08-050: Vulnerability in Windows Messenger Could Allow Information
Disclosure
The attack vector for this exploit is an ActiveX control that can be
leveraged through a messenger session to allow information disclosure
about the currently logged on user. If unpatched, an attacker could
initiate audio and video sessions without the knowledge of the logged on
user. It is also possible for the attacker to leverage this exploit to
capture the user's logon ID and password.
Applies to: Windows Server 2003, XP, 2000
Recommendation: Microsoft rates this update as important. If your
organization uses Windows Messenger, you should test and deploy this
update as a part of your regular patch management cycle.
MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote
Code Execution
This update addresses three privately reported vulnerabilities in
PowerPoint and PowerPoint Viewer. The attack vector for this exploit is
a specially crafted PowerPoint file. This exploit can be leveraged to
take complete control of a targeted computer. This bulletin replaces
MS06-058.
Applies to: PowerPoint 2007, 2003, 2002, 2000
Recommendation: This update is rated critical for PowerPoint 2000 and
important for all other editions of PowerPoint. You should perform
accelerated testing and deployment of this patch if your organization
uses PowerPoint 2000; otherwise, test and deploy as a part of your
normal patch management cycle.
CONTACT US
Security UPDATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://ct.email.windowsitpro.com/rd/cts?d=33-12162-803-202-62923-1261884-0-0-0-1-2-207
http://ct.email.windowsitpro.com/rd/cts?d=33-12162-803-202-62923-1261885-0-0-0-1-2-207
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2008, Penton Media, Inc. All rights reserved.