Microsoft Security Bulletin(s) for January 2008

Discussion in 'other security issues & news' started by NICK ADSL UK, Jan 8, 2008.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for January 2008

    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).

    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:

    http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx

    Critical (1)

    Microsoft Security Bulletin MS08-001
    Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644)

    http://go.microsoft.com/fwlink/?LinkId=104919

    Important (1)

    Microsoft Security Bulletin MS08-002
    Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)
    http://go.microsoft.com/fwlink/?LinkID=104921

    Non-Security, High-Priority Updates on MU, WU, and WSUS
    For this month:


    • Microsoft has released five non-security, high-priority updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

    • Microsoft has released two non-security, high-priority updates for Windows on Windows Update (WU) and WSUS.


    Note that this information pertains only to non-security, high-priority updates on Microsoft Update, Windows Update, and Windows Server Update Services released on the same day as the security bulletin summary. Information is not provided about non-security updates released on other days.

    This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information About Microsoft January Security Bulletins (Level 200)
    Event ID: 1032357213


    Language(s): English.
    Product(s): Security.
    Audience(s): IT Professionals.

    Duration: 60 Minutes
    Start Date: Wednesday, January 09, 2008 11:00 AM Pacific Time (US & Canada)


    Event Overview

    On January 8, 2008, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the January security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.

    Presenters: Tim Rains, Security Response Communications Lead, Microsoft Corporation, and Adrian Stone, Lead Security Program Manager, Microsoft Corporation

    Register now for the January security bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    January 2008 Security Releases ISO Image
    Brief Description
    This DVD5 ISO image file contains the security updates for Windows released on Windows Update on January 8th, 2008.

    Overview
    This DVD5 ISO image file contains the security updates for Windows released on Windows Update on January 8th, 2008. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.

    Important: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

    http://www.microsoft.com/downloads/...11-213f-461a-ac68-090a353cece2&DisplayLang=en
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    "********************************************************************
    Title: Microsoft Security Bulletin Re-Releases
    Issued: January 9, 2008
    ********************************************************************
    Microsoft Security Bulletin MS07-042 - Critical
    Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
    Published: August 14, 2007 | Updated: January 9, 2008

    Summary
    =======
    The following bulletins have undergone a major revision increment.
    Please see the appropriate bulletin for more details.

    * MS07-042 - Critical

    Bulletin Information:
    =====================

    * MS07-042 - Critical
    http://www.microsoft.com/technet/security/bulletin/ms07-042.mspx

    Reason for Revision: Bulletin updated: Added Microsoft Word
    Viewer 2003 as an affected product. Also added an Update FAQ
    clarifying the kill bit for Microsoft XML Parser 2.6 and its
    applicability to this security update.
    - Originally posted: August 14, 2007
    - Updated: January 9, 2008
    - Bulletin Severity Rating: Critical
    - Version: 3.0
     
Loading...
Thread Status:
Not open for further replies.