NICK ADSL UK
February 12th, 2008, 01:57 PM
Microsoft Security Bulletin(s) for February 12 2008
Note: There may be latency issues due to replication, if the page does not display keep refreshing
Today Microsoft released the following Security Bulletin(s).
Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
http://www.microsoft.com/technet/security/bulletin/ms08-feb.mspx
Critical (6)
Microsoft Security Bulletin MS08-007
Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)
http://www.microsoft.com/technet/security/bulletin/ms08-007.mspx
Microsoft Security Bulletin MS08-008
Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)
http://www.microsoft.com/technet/security/bulletin/ms08-008.mspx
Microsoft Security Bulletin MS08-009
Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077)
http://www.microsoft.com/technet/security/Bulletin/MS08-009.mspx
Microsoft Security Bulletin MS08-010
Cumulative Security Update for Internet Explorer (944533)
http://www.microsoft.com/technet/security/bulletin/ms08-010.mspx
Microsoft Security Bulletin MS08-012
Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085)
http://www.microsoft.com/technet/security/Bulletin/MS08-012.mspx
Microsoft Security Bulletin MS08-013
Vulnerability in Microsoft Office Could Allow Remote Code Execution 947108
http://www.microsoft.com/technet/security/Bulletin/MS08-013.mspx
Important (5)
Microsoft Security Bulletin MS08-003
Vulnerability in Active Directory Could Allow Denial of Service 946538
http://www.microsoft.com/technet/security/bulletin/ms08-003.mspx
Microsoft Security Bulletin MS08-004
Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
http://www.microsoft.com/technet/security/Bulletin/MS08-004.mspx
Microsoft Security Bulletin MS08-005
Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
http://www.microsoft.com/technet/security/bulletin/ms08-005.mspx
Microsoft Security Bulletin MS08-006
Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)
http://www.microsoft.com/technet/security/bulletin/ms08-006.mspx
Microsoft Security Bulletin MS08-011
Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)
http://www.microsoft.com/technet/security/Bulletin/MS08-011.mspx
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.
As always, download the updates only from the vendors website - visit Windows Update (http://www.windowsupdate.com/) and Office Update (http://office.microsoft.com/OfficeUpdate/) or Microsoft Update (http://update.microsoft.com/microsoftupdate) websites. You may also get the updates thru Automatic Updates (http://www.microsoft.com/athome/security/update/bulletins/automaticupdates.mspx) functionality in Windows system.
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA (http://www.microsoft.com/technet/security/tools/mbsahome.mspx).
Note: There may be latency issues due to replication, if the page does not display keep refreshing
Today Microsoft released the following Security Bulletin(s).
Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
http://www.microsoft.com/technet/security/bulletin/ms08-feb.mspx
Critical (6)
Microsoft Security Bulletin MS08-007
Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)
http://www.microsoft.com/technet/security/bulletin/ms08-007.mspx
Microsoft Security Bulletin MS08-008
Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)
http://www.microsoft.com/technet/security/bulletin/ms08-008.mspx
Microsoft Security Bulletin MS08-009
Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077)
http://www.microsoft.com/technet/security/Bulletin/MS08-009.mspx
Microsoft Security Bulletin MS08-010
Cumulative Security Update for Internet Explorer (944533)
http://www.microsoft.com/technet/security/bulletin/ms08-010.mspx
Microsoft Security Bulletin MS08-012
Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085)
http://www.microsoft.com/technet/security/Bulletin/MS08-012.mspx
Microsoft Security Bulletin MS08-013
Vulnerability in Microsoft Office Could Allow Remote Code Execution 947108
http://www.microsoft.com/technet/security/Bulletin/MS08-013.mspx
Important (5)
Microsoft Security Bulletin MS08-003
Vulnerability in Active Directory Could Allow Denial of Service 946538
http://www.microsoft.com/technet/security/bulletin/ms08-003.mspx
Microsoft Security Bulletin MS08-004
Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
http://www.microsoft.com/technet/security/Bulletin/MS08-004.mspx
Microsoft Security Bulletin MS08-005
Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
http://www.microsoft.com/technet/security/bulletin/ms08-005.mspx
Microsoft Security Bulletin MS08-006
Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)
http://www.microsoft.com/technet/security/bulletin/ms08-006.mspx
Microsoft Security Bulletin MS08-011
Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)
http://www.microsoft.com/technet/security/Bulletin/MS08-011.mspx
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.
As always, download the updates only from the vendors website - visit Windows Update (http://www.windowsupdate.com/) and Office Update (http://office.microsoft.com/OfficeUpdate/) or Microsoft Update (http://update.microsoft.com/microsoftupdate) websites. You may also get the updates thru Automatic Updates (http://www.microsoft.com/athome/security/update/bulletins/automaticupdates.mspx) functionality in Windows system.
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA (http://www.microsoft.com/technet/security/tools/mbsahome.mspx).