Microsoft Security Bulletin(s) for August 12 2008

Microsoft Security Bulletin(s) for August 12 2008

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
http://www.microsoft.com/technet/security/bulletin/ms08-aug.mspx


Critical (6 )
Microsoft Security Bulletin MS08-046
Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
http://www.microsoft.com/technet/security/bulletin/MS08-046.mspx

Microsoft Security Bulletin MS08-045
Cumulative Security Update for Internet Explorer (953838
http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx

Microsoft Security Bulletin MS08-041
Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617)
http://www.microsoft.com/technet/security/bulletin/ms08-041.mspx

Microsoft Security Bulletin MS08-043
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)
http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx

Microsoft Security Bulletin MS08-051
Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx

Microsoft Security Bulletin MS08-044
Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)
http://www.microsoft.com/technet/security/bulletin/ms08-044.mspx


Important (5)

Microsoft Security Bulletin MS08-047
Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)
http://www.microsoft.com/technet/security/bulletin/MS08-047.mspx

Microsoft Security Bulletin MS08-049
Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
http://www.microsoft.com/technet/security/bulletin/ms08-049.mspx

Microsoft Security Bulletin MS08-048
Security Update for Outlook Express and Windows Mail (951066)
http://www.microsoft.com/technet/security/bulletin/ms08-048.mspx

Microsoft Security Bulletin MS08-050
Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
http://www.microsoft.com/technet/security/bulletin/ms08-050.mspx

Microsoft Security Bulletin MS08-042
Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048
http://www.microsoft.com/technet/security/bulletin/ms08-042.mspx


Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

TechNet Webcast: Information About Microsoft August Security Bulletins (Level 200)
Event ID: 1032374631

Language(s): English.
Product(s): Security.
Audience(s): IT Professionals.


Duration: 60 Minutes
Start Date: Wednesday, August 13, 2008 11:00 AM Pacific Time (US & Canada)



Event Overview

On August 12, 2008, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the August security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.

Presenters: Bill Sisk, Security Response Communications Manager, Microsoft Corporation and Adrian Stone, Lead Security Program Manager, Microsoft Corporation


Register now for the August security bulletin webcast.

 

Malicious Software Removal Tool
Published: January 11, 2005 | Updated: August 12, 2008

New Additions
We have added detection and cleaning capabilities for the following malicious software:

• Matcash

http://www.microsoft.com/security/portal/Entry.aspx?name=Win32/Matcash

 

Microsoft Security Bulletin Re-Releases - August 12, 2008

********************************************************************
Title: Microsoft Security Bulletin Re-Releases
Issued: August 12, 2008
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS08-022 - Critical
* MS07-047 - Important

Bulletin Information:
=====================

* MS08-022 - Critical

http://www.microsoft.com/technet/security/bulletin/ms08-022.mspx

- Reason for Revision: V2.0 (August 12, 2008 Added known issues
link. Also added an entry to the section, Frequently Asked
Questions (FAQ) Related to this Security Update, about the
known issues and solutions. The solutions include a
deployment change for this security update for one issue and
a workaround for another. Customers who have successfully
updated their systems do not need to reinstall this update.
- Originally posted: April 8, 2008
- Updated: August 12, 2008
- Bulletin Severity Rating: Critical
- Version: 2.0

* MS07-047 - Important

http://www.microsoft.com/technet/security/bulletin/ms07-047.mspx
- Reason for Revision: V2.0 (August 12, 2008 Added Windows XP
Service Pack 3 as affected software. This is a detection
change only; there were no changes to the binaries. Customers
who have successfully updated their systems do not need to
reinstall this update.
- Originally posted: August 14, 2007
- Updated: August 12, 2008
- Bulletin Severity Rating: Important
- Version: 2.0
--

* Microsoft Security Advisory (953839)-
Title: Cumulative Security Update of ActiveX Kill Bits
http://www.microsoft.com/technet/security/advisory/953839.mspx
- Revision Note: Advisory Published

 

Screen shot of these updates which include the updates for Microsoft office 2007

 

August 2008 Security Releases ISO Image
Brief Description
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on August 12th, 2008.

Overview
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on August 12th, 2008. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.

Important: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.
http://www.microsoft.com/downloads/...05-f2b2-47ab-8ef3-dbee36e8c60b&DisplayLang=en

 

Microsoft Security Bulletin Re-Releases
Issued: August 20, 2008
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment. Please see the appropriate bulletin for more details.

* MS08-051 - Critical

Bulletin Information:
=====================

* MS08-051 - Critical
http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx


- Reason for Revision: V2.0 (August 20, 2008 Added note to the Affected Software table and entries to the Frequently Asked Questions (FAQ) Related to This Security Update section explaining that Microsoft has posted new update packages, labeled Version 2, for Microsoft Office PowerPoint 2003 Service Pack 2 and Microsoft Office PowerPoint 2003 Service Pack 3 to the Microsoft Download Center. Customers who manually installed Version 1 of this update from Microsoft Download Center need to reinstall Version 2 of this update. Customers who have installed this update using Microsoft Update or Office Update do not need to reinstall. Also removed erroneous mitigations from the vulnerability information sections for Memory Allocation Vulnerability - CVE-2008-0120 and Memory Calculation Vulnerability - CVE-2008-0121.
- Originally posted: August 12, 2008
- Updated: August 20, 2008
- Bulletin Severity Rating: Critical
- Version: 2.0