Jeff Alexander's Weblog

Technical Evangelist - Windows Infrastructure

Security Bulletin: December 2008 Update

Security Bulletin: December 2008 Update

  • Comments 1
  • Likes

security bulletin
Just in time for Christmas we have 8 new security bulletins being released today.  Please see details of these below and make sure to apply these where it makes sense in your environments.

Bulletin Identifier Bulletin Title Maximum Severity Affected Software Impact Restart Requirement
MS08-070 Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)

Critical

Microsoft Developer Tools and Software, Microsoft Office Remote Code Execution Requires Restart
MS08-071 Vulnerabilities in GDI Could Allow Remote Code Execution (956802) Critical Microsoft Windows Remote Code Execution Requires Restart
MS08-072 Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) Critical Microsoft Office Remote Code Execution May Require Restart
MS08-073 Cumulative Security Update for Internet Explorer (958215) Critical Microsoft Windows, Internet Explorer Remote Code Execution Requires Restart
MS08-074 Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070) Critical Microsoft Office Remote Code Execution May Require Restart
MS08-075 Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349) Critical Microsoft Windows Remote Code Execution Requires Restart
MS08-076 Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) Important Microsoft Windows Remote Code Execution May Require Restart
MS08-077 Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175) Important Microsoft Office, Microsoft Server Software Elevation of Privilege May Require Restart

Summaries for these new bulletins can be found here.  More technical details of each bulletin can be found in the links in the table above.


Microsoft Windows Malicious Software Removal Tool

We are also releasing an updated version of the Windows Malicious Software Removal Tool on Windows Server Update Services, Windows Update and the download centre.  This tool will not be distributed using Software Update Services.  More details of this tool can be found here.

High-Priority Non-Security Updates

High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU) or Windows Server Update Services (WSUS) will be detailed in this KB Article.

Jeffa

Comments
  • Will Vista SP2 build 16497 be affected? Thanks~

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment