Hej!

Som ett av de företag som dras med brutet budgetår är tiden före sommarens semestrar extra hektisk hos oss. Planering ska vara avklarad och böcker stängda om bara tre veckor, för då börjar vårt nästa verksamhetsår. Men med god planering och framförhållning fungerar det oftast utan större våndor.

Möjligheten till planering och framförhållning är som bekant även skälen för vår månatliga rutin för säkerhetsuppdateringar. I dag är det dags igen och det ligger sju uppdateringar klara för distribution i kväll. Tre av dem kategoriseras som ”kritiska”, varav två berör Windows och en Windows och Internet Explorer. De återstående fyra berör alla Windows, varav tre kategoriseras som ”viktiga” och en som ”moderat”.

Via Windows Update, Microsoft Update, Windows Server Update Services och Download Center uppdateras samtidigt vårt Microsoft Windows Malicious Software Removal Tool.

Innan man mentalt loggar ut för sin efterlängtade semester kan det finnas skäl att reflektera över vad man skriver i bloggar, mikrobloggar och i sociala nätverk som Facebook och MySpace. För många är det lockande att dela med sig av alla sina semesterupplevelser, eller åtminstone krydda sin närvaroinformation med något mer exotiskt än ”äter lunch inne i stan”.

Vad man ofta glömmer är exakt hur många som faktiskt kan nås av den informationen. För många handlar det om avsevärt fler än dem man själv valt att godkänna som ens vänner. Då är det viktigt att inte ge bort information som kan vara olämplig i fel händer, t ex upplysningar om att mitt hus står tomt i juli då familjen är Grekland. Det är ju som att annonsera på AB Ruffel & Bågs anslagstavla om att det är fritt fram för buset att komma på besök. Webben 2.0 möter säkerhet 1.0.

Slutligen har jag noterat att allt fler uttrycker uppskattning för User Access Control (UAC) i Vista. Kul för oss, men viktigare ändå är att det på sikt kommer att göra mångas datoranvändning avsevärt säkrare. 

Om du har frågor kring månadens säkerhetsuppdateringar eller Microsofts säkerhetsarbete i allmänhet är du välkommen att kontakta mig. Du når mig på michael.anderberg@microsoft.com eller via min blogg http://michaelanderberg.se alternativt på telefon 08 – 752 27 55. Jag kan även rekommendera Microsoft Security Response Center Blog, blogs.technet.com/msrc, för information om aktuellt säkerhetsarbete.

Jag återkommer förvisso i juli, men eftersom det är semestertider passar jag på att redan nu önska dig en riktig skön sommar.

Michael

Bulletin Information

Executive Summaries

The security bulletins for this month are as follows, in order of severity:

Critical (3)

Microsoft Security Bulletin MS08-030

Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)

Executive Summary

This security update resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Maximum Severity Rating

Critical

Impact of Vulnerability

Remote Code Execution

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.

Affected Software

Microsoft Windows. For more information, see the Affected Software and Download Locations section.

 

Microsoft Security Bulletin MS08-031

Cumulative Security Update for Internet Explorer (950759)

Executive Summary

This security update resolves one privately reported and one publicly disclosed vulnerability. The privately reported vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The publicly disclosed vulnerability could allow information disclosure if a user viewed a specially crafted Web page using Internet Explorer.

Maximum Severity Rating

Critical

Impact of Vulnerability

Remote Code Execution

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.

Affected Software

Microsoft Windows, Internet Explorer. For more information, see the Affected Software and Download Locations section.

 

Microsoft Security Bulletin MS08-033

Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)

Executive Summary

This security update resolves two privately reported vulnerabilities in Microsoft DirectX that could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Maximum Severity Rating

Critical

Impact of Vulnerability

Remote Code Execution

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.

Affected Software

Microsoft Windows. For more information, see the Affected Software and Download Locations section.

Important (3)

Microsoft Security Bulletin MS08-034

Vulnerability in WINS Could Allow Elevation of Privilege (948745)

Executive Summary

This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS) that could allow elevation of privilege. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

Maximum Severity Rating

Important

Impact of Vulnerability

Elevation of Privilege

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.

Affected Software

Microsoft Windows. For more information, see the Affected Software and Download Locations section.

 

Microsoft Security Bulletin MS08-035

Vulnerability in Active Directory Could Allow Denial of Service (953235)

Executive Summary

This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008; Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003; and Active Directory Lightweight Directory Service (AD LDS) when installed on Windows Server 2008. The vulnerability could be exploited to allow an attacker to cause a denial of service condition. On Windows XP Professional, Windows Server 2003, and Windows Server 2008, an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could cause the system to stop responding or automatically restart.

Maximum Severity Rating

Important

Impact of Vulnerability

Denial of Service

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.

Affected Software

Microsoft Windows. For more information, see the Affected Software and Download Locations section.

 

Microsoft Security Bulletin MS08-036

Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)

Executive Summary

This security update resolves two privately reported vulnerabilities in the Pragmatic General Multicast (PGM) protocol that could allow a denial of service if malformed PGM packets are received by an affected system. An attacker who successfully exploited this vulnerability could cause a user’s system to become non-responsive and to require a restart to restore functionality. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.

Maximum Severity Rating

Important

Impact of Vulnerability

Denial of Service

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.

Affected Software

Microsoft Windows. For more information, see the Affected Software and Download Locations section.

 

Moderate (1)

Microsoft Security Bulletin MS08-032

Cumulative Security Update of ActiveX Kill Bits (950760)

Executive Summary

This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer and has the Speech Recognition feature in Windows enabled. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes a kill bit for software produced by BackWeb.

Maximum Severity Rating

Moderate

Impact of Vulnerability

Remote Code Execution

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.

Affected Software

Microsoft Windows. For more information, see the Affected Software and Download Locations section.