Microsoft Security Bulletin(s) for April 8 2008

Discussion in 'other security issues & news' started by NICK ADSL UK, Apr 8, 2008.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for April 8 2008

    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).

    Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:

    http://www.microsoft.com/technet/security/bulletin/ms08-apr.mspx

    Critical (5)

    Microsoft Security Bulletin MS08-018
    Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
    http://www.microsoft.com/technet/security/Bulletin/MS08-018.mspx

    Microsoft Security Bulletin MS08-021
    Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
    http://www.microsoft.com/technet/security/bulletin/ms08-021.mspx


    Microsoft Security Bulletin MS08-022
    Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution 944338
    http://www.microsoft.com/technet/security/Bulletin/ms08-022.mspx

    Microsoft Security Bulletin MS08-023
    Security Update of ActiveX Kill Bits (948881)
    http://www.microsoft.com/technet/security/bulletin/ms08-023.mspx

    Microsoft Security Bulletin MS08-024
    Cumulative Security Update for Internet Explorer (947864)
    http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx

    Important (3)

    Microsoft Security Bulletin MS08-020
    Vulnerability in DNS Client Could Allow Spoofing (945553)
    http://www.microsoft.com/technet/security/bulletin/ms08-020.mspx

    Microsoft Security Bulletin MS08-025
    Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
    http://www.microsoft.com/technet/security/bulletin/ms08-025.mspx

    Microsoft Security Bulletin MS08-019
    Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
    http://www.microsoft.com/technet/security/Bulletin/MS08-019.mspx


    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information About Microsoft April Security Bulletins (Level 200)
    Event ID: 1032357219


    Language(s): English.
    Product(s): Security.
    Audience(s): IT Professionals.

    Duration: 60 Minutes
    Start Date: Wednesday, April 09, 2008 11:00 AM Pacific Time (US & Canada)

    Event Overview

    On April 8, 2008, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the April security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.

    Presenters: Tim Rains, Security Response Communications Lead, Microsoft Corporation, and Adrian Stone, Lead Security Program Manager, Microsoft Corporation


    Register now for the April security bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Malicious Software Removal Tool
    Published: January 11, 2005 | Updated: April 8, 2008


    Brief Description
    This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

    New Additions
    We have added detection and cleaning capabilities for the following malicious software:

    • Virtumonde
    http://go.microsoft.com/fwlink/?linkid=37020&name=Win32/Virtumonde

    • Vundo
    http://go.microsoft.com/fwlink/?linkid=37020&name=Win32/Vundo

    • Newacc

    http://go.microsoft.com/fwlink/?linkid=37020&name=Win32/Newacc



    http://www.microsoft.com/security/malwareremove/default.mspx
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    April 2008 Security Releases ISO Image
    Brief Description
    This DVD5 ISO image file contains the security updates for Windows released on Windows Update on April 8th, 2008.
    Overview
    This DVD5 ISO image file contains the security updates for Windows released on Windows Update on April 8th, 2008. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.

    Important: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

    http://www.microsoft.com/downloads/...21-007f-4ee5-a440-d9caf613ae2a&DisplayLang=en
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions

    Issued: April 9, 2008


    Summary

    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.


    Bulletin Information:

    * MS08-025 - Important

    - http://www.microsoft.com/technet/security/bulletin/ms08-025.mspx
    - Reason for Revision: V1.1 April 9, 2008 Bulletin updated to
    clarify the Known Issues section of the FAQ.
    - Originally posted: April 8, 2008
    - Updated: April 9, 2008
    - Bulletin Severity Rating: Important
    - Version: 1.1

    * MS08-022 - Critical


    - http://www.microsoft.com/technet/security/bulletin/ms08-022.mspx
    - Reason for Revision: V1.1 April 9, 2008 Bulletin updated.
    Combined JScript with VBScript in the Vulnerability Severity
    rating table.
    - Originally posted: April 8, 2008
    - Updated: April 9, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.1

    * MS08-021 - Critical


    - http://www.microsoft.com/technet/security/bulletin/ms08-021.mspx
    - Reason for Revision: V1.1 April 9, 2008 Bulletin updated to
    add a Known Issues link to Microsoft Knowledge Base Article
    948590, to add a Known Issues section to the FAQ, to update
    the uninstall registry path, and to update the Acknowledgments.
    - Originally posted: April 8, 2008
    - Updated: April 9, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.1

    * MS08-020 - Important

    - http://www.microsoft.com/technet/security/bulletin/ms08-020.mspx
    - Reason for Revision: V1.1 April 9, 2008 Bulletin updated to
    add Windows Vista x64 Edition to the list of affected
    software in the Executive Summary.
    - Originally posted: April 8, 2008
    - Updated: April 9, 2008
    - Bulletin Severity Rating: Important
    - Version: 1.1

    * MS08-019 - Important

    - http://www.microsoft.com/technet/security/bulletin/ms08-019.mspx
    - Reason for Revision: V1.1 April 9, 2008 Known Issues updated.
    - Originally posted: April 8, 2008
    - Updated: April 9, 2008
    - Bulletin Severity Rating: Important
    - Version: 1.1

    * MS08-018 - Critical

    - http://www.microsoft.com/technet/security/bulletin/ms08-018.mspx
    - Reason for Revision: V1.1 April 9, 2008 Bulletin updated to
    add Microsoft Project 2003 Service Pack 3 to the Non-Affected
    Software table, to add a link to Microsoft Knowledge Base
    Article 950183 in Known Issues, and to add a section for
    Microsoft Project 2003 Service Pack 3 to the FAQ.
    - Originally posted: April 8, 2008
    - Updated: April 9, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.1

    * MS08-015 - Critical

    - http://www.microsoft.com/technet/security/bulletin/ms08-015.mspx
    - Reason for Revision: V1.3 April 9, 2008 Bulletin updated.
    Added link to Microsoft Knowledge Base Article 949031 in
    Known Issues.
    - Originally posted: March 11, 2008
    - Updated: April 9, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.3
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions
    Issued: April 16, 2008

    Summary
    =======
    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.

    Bulletin Information:

    =====================

    * MS08-024 - Critical

    - Reason for Revision: V1.1 (April 16, 2008 Corrected the
    uninstall utility path for Windows XP (all editions).
    - Originally posted: April 8, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.1
    http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx

    * MS08-023 - Critical

    - Reason for Revision: V1.1 (April 16, 2008 Corrected the
    uninstall utility path for Windows XP (all editions).
    - Originally posted: April 8, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.1
    http://www.microsoft.com/technet/security/bulletin/ms08-023.mspx

    * MS08-019 - Important

    - Reason for Revision: V1.3 (April 16, 2008 Bulletin updated:
    Added entry to Update FAQ to describe additional security
    features included for Microsoft Office 2003 Service Pack 2,
    and clarified affected software.
    - Originally posted: April 8, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Important
    - Version: 1.3
    http://www.microsoft.com/technet/security/bulletin/ms08-019.mspx

    * MS08-018 - Critical

    - Reason for Revision: V1.2 (April 16, 2008 Bulletin updated:
    Added entry to Update FAQ to describe additional security
    features included for Microsoft Office 2003 Service Pack 2,
    and Microsoft Baseline Security Analyzer and Systems
    Management Server tables updated to match the Affected
    Software table.
    - Originally posted: April 8, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.2
    http://www.microsoft.com/technet/security/bulletin/ms08-018.mspx

    * MS08-015 - Critical


    - Reason for Revision: V1.4 (April 16, 2008 Bulletin updated:
    Added entry to Update FAQ to describe additional security
    features included for Microsoft Office 2003 Service Pack 2.
    - Originally posted: March 11, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.4
    http://www.microsoft.com/technet/security/bulletin/ms08-015.mspx

    * MS08-014 - Critical

    - Reason for Revision: V3.1 (April 16, 2008 Bulletin updated:
    Added entry to Update FAQ to describe additional security
    features included for Microsoft Office 2003 Service Pack 2.
    - Originally posted: March 11, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 3.1
    http://www.microsoft.com/technet/security/bulletin/ms08-014.mspx

    * MS08-013 - Critical

    - Reason for Revision: V1.3 (April 16, 2008 Bulletin updated:
    Added entry to Update FAQ to describe additional security
    features included for Microsoft Office 2003 Service Pack 2.
    - Originally posted: February 12, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.3
    http://www.microsoft.com/technet/security/bulletin/ms08-013.mspx

    * MS08-011 - Important

    - Reason for Revision: V1.1 (April 16, 2008 Bulletin updated:
    Added entry to Update FAQ to describe additional security
    features included for Microsoft Office 2003 Service Pack 2.
    - Originally posted: February 12, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Important
    - Version: 1.1

    http://www.microsoft.com/technet/security/bulletin/ms08-011.mspx


    * MS08-010 - Critical

    - Reason for Revision: V1.3 (April 16, 2008 Corrected the
    uninstall utility path for Internet Explorer 6 for Windows XP.
    - Originally posted: February 12, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.3

    http://www.microsoft.com/technet/security/bulletin/ms08-010.mspx

    * MS08-009 - Critical

    - Reason for Revision: V1.1 (April 16, 2008 Bulletin updated:
    Added entry to Update FAQ to describe additional security
    features included for Microsoft Office 2003 Service Pack 2.
    - Originally posted: February 12, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 1.1
    http://www.microsoft.com/technet/security/bulletin/ms08-009.mspx
     
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Re-Releases - April 16, 2008

    Microsoft Security Bulletin Re-Releases
    Issued: April 16, 2008


    Summary
    =======
    The following bulletins have undergone a major revision increment.
    Please see the appropriate bulletin for more details.

    Bulletin Information:
    =====================

    * MS08-016 - Critical


    - Reason for Revision: V2.0 (April 16, 2008 Bulletin updated.
    Added Microsoft Office Word Viewer 2003 and Microsoft Office
    Word Viewer 2003 Service Pack 3 as affected software.
    - Originally posted: March 11, 2008
    - Updated: April 16, 2008
    - Bulletin Severity Rating: Critical
    - Version: 2.0
    http://www.microsoft.com/technet/security/bulletin/ms08-016.mspx
     
  8. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Title: Microsoft Security Advisory Notification
    Issued: April 17, 2008

    ********************************************************************

    Security Advisories Updated or Released Today ==============================================

    * Microsoft Security Advisory (951306)
    - Title: Vulnerability in Windows Could Allow
    Elevation of Privilege
    - http://www.microsoft.com/technet/security/advisory/951306.mspx
    - Revision Note: Advisory published.
     
  9. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions
    Issued: April 18, 2008

    Summary
    =======


    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.


    Bulletin Information:
    =====================

    * MS08-019 - Important


    - http://www.microsoft.com/technet/security/bulletin/ms08-019.mspx
    - Reason for Revision: V1.4 (April 17, 2008 Updated FAQ entry
    about known issue relating to a Visio 2007 detection problem.
    - Originally posted: April 8, 2008
    - Updated: April 18, 2008
    - Bulletin Severity Rating: Important
    - Version: 1.4
     
  10. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Revisions - April 22, 2008

    Microsoft Security Bulletin Revisions
    Issued: April 22, 2008


    Summary
    =======
    The following bulletins have undergone a major revision increment.
    Please see the appropriate bulletin for more details.

    * MS08-024 - Critical
    * MS07-040 - Critical

    Bulletin Information:
    =====================

    * MS08-024 - Critical
    http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx

    - Reason for Revision: V2.0 (April 22, 2008 Added Internet
    Explorer 7 for Windows XP Service Pack 3 and Internet
    Explorer 7 for Windows XP x64 Edition Service Pack 3 to
    affected software.
    - Originally posted: April 8, 2008
    - Updated: April 22, 2008

    - Bulletin Severity Rating: Critical
    - Version: 2.0

    * MS07-040 - Critical
    - http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx

    - Reason for Revision: V3.0 (April 22, 2008 Bulletin updated:
    Added .NET Framework 1.0 (KB928367), .NET Framework 1.1
    (KB928366), and .NET Framework Version 2.0 (KB928365) as
    affected components for Windows XP Service Pack 3 and Windows
    XP Professional x64 Edition Service Pack 3. This is a
    detection update only. There were no changes to the binaries.
    - Originally posted: July 10, 2007
    - Updated: April 22, 2008

    - Bulletin Severity Rating: Critical
    - Version: 3.0
     
Loading...
Thread Status:
Not open for further replies.