News

Wednesday, September 10, 2008

Security UPDATE Alert: 4 Microsoft Security Bulletins for September 2008

WIN_SECURITY UPDATE_
A Penton Media Property
September 10, 2008


If you want to view this on the web go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447658-0-0-0-1-2-207

----------------------------------------
ADVERTISEMENT
Windows IT Pro

Speed Deployment of Vista and Microsoft Office - Lower Costs and
Increase Efficiency

If you already have Citrix products as your established environment, you
may want to take a closer look at why combining Citrix XenApp, with
Microsoft Windows Vista and Microsoft Office 2007 when deploying makes
good sense. This document looks at the most important aspects both from
an organizational and from a technical perspective in order to make sure
that a strategic decision for the latest Citrix and Microsoft products
will lead to a great solution for end-users.

http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447659-0-0-0-1-2-207
----------------------------------------

ALERT

--Security UPDATE Alert: 4 Microsoft Security Bulletins for September
2008
by Orin Thomas, MVP Windows Security
Microsoft released four security updates for September, rating all of
them as critical. If unpatched, these vulnerabilities leave applicable
software open to the execution of remote code. Patching critical
vulnerabilities in a timely manner is important; exploits have appeared
within a week of the release of an update. Here's a brief description of
each update; for more information, go to

http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447660-0-0-0-1-2-207
(http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447661-0-0-0-1-2-207)

MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution

Applies to: Internet Explorer (IE) 6.0 and .NET Framework on Windows
Server 2008, Windows Vista, Windows Server 2003, Windows 2000; Office
2007, 2003, XP; GDR and QFE update for SQL Server 2005 SP2

Update Size: Between 2MB and 15MB, depending on installed software

This vulnerability can be leveraged to allow the execution of remote
code. As a part of an overall system infiltration strategy, the
execution of remote code can lead to the attacker gaining complete
control of the target computer. This vulnerability is exploited by a
user visiting a specially created website or viewing a specially
modified image file. The update addresses the vulnerability by changing
how GDI+ handles the display of malformed images. This bulletin replaces
previous bulletin MS07-050 for IE 6.0 SP1 on Win2K SP4.

Recommendation: Microsoft rates this update as critical. Given the wide
software footprint of this vulnerability and the ability of attackers to
compromise third-party websites to make them platforms for hosting files
containing this type of exploit, you should test and deploy this update
as a part of your organization's accelerated patch management routine.

MS08-053: Vulnerability in Windows Media Encoder 9 Could Allow Remote
Code Execution

Applies to: Windows Media Encoder 9 Series on Windows Server 2008,
Windows Vista, Windows Server 2003, Windows XP, Windows 2000

Update Size: Approximately 1MB for x86, 2MB for x64

This buffer overrun vulnerability in the WMEX.DLL ActiveX control can be
leveraged to allow the execution of remote code. As a part of an overall
system infiltration strategy, the execution of remote code can lead to
the attacker gaining complete control of the target computer. This
vulnerability is exploited by a user visiting a website that hosts
specifically crafted media files. The update addresses the vulnerability
by changing the way that the controls in Windows Media Encoder interact
with Internet Explorer (IE). This bulletin replaces no previous security
bulletins.

Recommendation: Microsoft rates this update as critical. Given the wide
software footprint of this vulnerability and the ability of attackers to
compromise third-party websites to make them platforms for hosting files
containing this type of exploit, you should test and deploy this update
as a part of your organization's accelerated patch management routine.

MS08-054: Vulnerability in Windows Media Player Could Allow Remote Code
Execution

Applies to: Windows Media Player 11 on Windows Server 2008, Windows
Vista, Windows XP

Update size: 0.5MB

This vulnerability can be leveraged to allow the execution of remote
code. As a part of an overall system infiltration strategy, the
execution of remote code can lead to the attacker gaining complete
control of the target computer. This vulnerability is exploited by a
user streaming a specially crafted audio file from a Windows Media
server. The update addresses the vulnerability by changing the way that
Windows Media Player 11 plays audio files streamed from a server-side
playlist. This bulletin replaces no previous security bulletins.

Recommendation: Microsoft rates this update as critical. Unlike some
other vulnerabilities patched with this set of updates, this
vulnerability cannot be directly leveraged through a specially crafted
web page. Although you should deploy this update as soon as possible,
you should prioritize the deployment of updates related to bulletins
MS08-052 and MS08-053.

MS08-055: Vulnerability in Microsoft Office Could Allow Remote Code
Execution

Applies to: Office 2007, 2003, XP; One Note 2007

Update size: 10MB to 18MB, depending on installed software

This vulnerability can be leveraged to allow the execution of remote
code. As a part of an overall system infiltration strategy, the
execution of remote code can lead to the attacker gaining complete
control of the target computer. This vulnerability is exploited by a
user opening a specially created One Note URL. The update addresses the
vulnerability by modifying the way that Office validates URLs. This
bulletin replaces security bulletins MS08-016 and MS07-025.

Recommendation: Microsoft rates this update as critical. Although you
should deploy this update as soon as possible, you should prioritize the
deployment of updates related to bulletins MS08-052 and MS08-053.


CONTACT US
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447662-0-0-0-1-2-207
http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447663-0-0-0-1-2-207

You are subscribed to this newsletter as boy.blogger@gmail.com

Manage your Security UPDATE subscription at
http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447664-0-0-0-1-2-207.

To unsubscribe:
http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447665-0-0-0-1-2-207&list_id=803&email=boy.blogger@gmail.com&message_id=13755

Be sure to add Security_UPDATE@email.windowsitpro.com
to your spam filter's list of allowed senders.

To contact us:
About Security UPDATE content -- mailto:letters@windowsitpro.com
About technical questions -- http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447666-0-0-0-1-2-207
About your product news -- mailto:products@windowsitpro.com
About your subscription -- mailto:windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- mailto:salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at
http://ct.email.windowsitpro.com/rd/cts?d=33-13755-803-202-62923-1447667-0-0-0-1-2-207

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2008, Penton Media, Inc. All rights reserved.

No comments:

Blog Archive