myITforum.com Community Forum myITforum.com Community Forum

Home  Forums  Blogs  Live Support chat  Search Articles  Wiki  FAQ  Email Lists  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

All Forums RSS Feed Subscription:


           



Microsoft Security Patches - May 2008

 
View related threads: (in this forum | in all forums)

Logged in as: Guest
  Printable Version
All Forums >> [Security, AntiVirus, and Patching] >> Breaking Virus & Security News >> Microsoft Security Patches - May 2008 Page: [1]
Login
Message << Older Topic   Newer Topic >>
Microsoft Security Patches - May 2008 - 5/13/2008 2:34:24 PM   
awenlock


Posts: 327
Score: 171
Joined: 3/8/2005
Status: offline 		So it's another "Patch Tuesday", this time covering May's security patches.  Microsoft have released details of the 4 patches, 3 Critical & 1 Moderate, that they have released this month.  They are as follows:

Microsoft Security Bulletin MS08-026

Title: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)

Summary:
This security update resolves several privately reported vulnerabilities in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Rating: Critical
Impact: Remote Code Execution
Affected Software: Word

Link: http://www.microsoft.com/technet/security/bulletin/ms08-026.mspx

-----

Microsoft Security Bulletin MS08-027

Title: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)

Summary:
This security update resolves a privately reported vulnerability in Microsoft Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Rating: Critical
Impact: Remote Code Execution
Affected Software: Publisher   

Link: http://www.microsoft.com/technet/security/bulletin/ms08-027.mspx

-----

Microsoft Security Bulletin MS08-028

Title: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)

Summary:
This security update resolves a security vulnerability in the Microsoft Jet Database Engine (Jet) in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Rating: Critical
Impact: Remote Code Execution
Affected Software: Windows

Link: http://www.microsoft.com/technet/security/bulletin/ms08-028.mspx

-----

Microsoft Security Bulletin MS08-029

Title: Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)

Summary:
This security update resolves two privately reported vulnerabilities in the Microsoft Malware Protection Engine. An attacker could exploit either of the vulnerabilities by constructing a specially crafted file that could allow denial of service when received by the target computer system and scanned by the Microsoft Malware Protection Engine. An attacker who successfully exploited either vulnerability could cause the Microsoft Malware Protection Engine to stop responding and automatically restart.

Rating: Moderate
Impact: Denial of Service
Affected Software: Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, Microsoft Forefront Security.

Link: http://www.microsoft.com/technet/security/bulletin/ms08-029.mspx



Links:
ISC: http://isc.sans.org/diary.html?storyid=4411  (Excellent Summary of the patches)
Microsoft: http://www.microsoft.com/technet/security/bulletin/ms08-may.mspx


Happy testing and if you discover any issues post are more than welcome here :)

Regards
Alan
Post #: 1
RE: Microsoft Security Patches - May 2008 - 5/13/2008 5:45:49 PM   
hwaldron


Posts: 3539
Score: 258
Joined: 9/12/2002
From: Roanoke VA, USA
Status: offline 		Thanks Alan for sharing this ... I'm two for two at work as both XP SP3 PCs updated fine (with no reboot, as these were mostly Office related udpates).

_____________________________


Harry Waldron - Security News & Best Practices Blog

(in reply to awenlock)
Post #: 2
Page:   [1]
All Forums >> [Security, AntiVirus, and Patching] >> Breaking Virus & Security News >> Microsoft Security Patches - May 2008 Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.203