The official corporate security response blog
@MSFTSecResponse
How to Report a Vulnerability to the MSRC
Hi,
During this month’s webcast we were able to address 15 questions in the time allotted. There were several questions regarding ActiveX for the Cumulative IE Update (MS08-045), the Access Snapshot Viewer (MS08-041), Outlook Express Messenger (MS08-050) and the ActiveX Kill bits Security Advisory. We also fielded several questions around various deployment tools used for updating and we addressed some questions about the IPSec Update (MS08-047).
Here is the link to the full Q&A so you can see all of the answers that were provided for these great questions:
http://blogs.technet.com/msrc/pages/monthly-security-bulletin-webcast-q-a-august-2008.aspx
Also, here is the link to the Q&A index page in case you want to view previous months:
http://blogs.technet.com/msrc/pages/microsoft-security-bulletin-webcast-q-a-index-page.aspx
As always, customers experiencing issues installing any of the updates this month should contact our Customer Service and Support group:
Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.
International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.
Thanks!
Al Brown
*This posting is provided "AS IS" with no warranties, and confers no rights.*
Hello again! This is Tami Gallupe (MSRC Release Manager) and I want to let you know that we just posted our August 2008 Bulletins. This month we released 11 bulletins, one new advisory and revised an existing advisory. We also revised four bulletins to update detection changes. Here is a brief overview of the bulletins and other content we released today.
You may notice that we removed one of the bulletins that we had mentioned in the “Advanced Notification Service” that we released last week. We did this prior to today’s bulletin release because of a last minute quality issue. Microsoft has heard from customers that the quality of updates is very important and, as part of the process at the Microsoft Security Response Center (MSRC), Microsoft tests these updates continuously until they are ready for distribution to customers through our regularly scheduled security bulletin release.
Bulletins:
· MS08-041 – Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617) – Critical
· MS08-042 – Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048) – Important
· MS08-043 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066) – Critical
· MS08-044 – Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090) – Critical
· MS08-045 – Cumulative Security Update for Internet Explorer (953838) – Critical
· MS08-046 – Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954) – Critical
· MS08-047 – Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733) – Important
· MS08-048 – Security Update for Outlook Express and Windows Mail (951066) – Important
· MS08-049 – Vulnerabilities in Event System Could Allow Remote Code Execution (950974) – Important
· MS08-050 – Vulnerability in Windows Messenger Could Allow Information Disclosure (955702) – Important
· MS08-051 – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) – Critical
We also revised the following bulletins to update detection changes
· MS08-022 – major revision, added XP SP3 detection
· MS08-033 – major revision, added XP SP3 detection
· MS07-047 – major revision, update detection
· MS08-040 – minor revision, update detection
Advisories:
· Release Advisory 955179
· Revised Advisory 954960
You can also read about this month’s Security Vulnerability Research & Defense blog at http://blogs.technet.com/swi/.
And finally, I also want to highlight my favorite event of the release: the webcast that starts tomorrow (Wednesday, August 13th) at 11:00 AM PST. To me this is a wonderful event that gives us a chance to hear from you, to take your questions and answer them live, on the air. Click here to register for TechNet Webcast: Information About Microsoft August Security Bulletins. We look forward to hearing from you tomorrow.
Cheers!
Tami
Hello,
This is Christopher Budd.
While some of us are down at Black Hat this week, meeting with customers and researchers and announcing exciting new programs, today is also the Thursday before the second Tuesday in August. That means we’ve just posted this month’s Advance Notification for next week’s bulletin release, which will occur on Tuesday, August 12, 2008 around 10 a.m. Pacific Standard Time.
I did want to remind you that this information is intended to help with your planning for testing and deployment for next week’s release. It is preliminary information and it is subject to change.
As part of our regularly scheduled bulletin release, we’re currently planning to release:
· Seven Microsoft Security Bulletins with maximum severity of Critical, and five with maximum severity of Important. These updates may require a restart and will be detectable using the newly released version of the Microsoft Baseline Security Analyzer.
As we do each month, we’ll be releasing an updated version of the Microsoft Windows Malicious Software Removal Tool.
And finally, we are planning to release high-priority, non-security updates on Windows Update and Windows Server Update Services (WSUS) as well as high-priority, non-security updates on Microsoft Update and Windows Server Update Services (WSUS). You can get additional information, in the “Other Information” section of the Advanced Notification.
Also, please do register for next week’s TechNet Monthly Security Bulletin webcast. This month’s will be on Wednesday August 13, 2008 at 11 AM Pacific time. We’ll be reviewing the bulletins during the call and then taking your questions live on the air and providing answers to them from our panel of subject matter experts.
You can register for the webcast here:
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032374631&EventCategory=4&culture=en-US&CountryCode=US
Remember that if you can’t join us for the live webcast, you can view it on-demand at the same URL. And, if you didn’t see it, Jerry Bryant announced last week that we’ll also be posting the text of the questions and answers from each month’s webcast. You can see a full listing of the posted questions and answers on this page.
Thanks,
Christopher Budd
Hey Andrew Cushman here…
It’s August in Vegas and you know what that means—Black Hat. Microsoft has quite a contingent here through its MSRC Operations and Ecosystem Strategy teams. We are here because Black Hat is one of the premier events in the security industry, it provides a wealth of information and insight into the pulse of the security landscape, and is a fantastic opportunity for face-to-face communication with the researchers, vendors, ISVs, CERTs and companies we work with throughout the year.
Additionally, there’s something more going on this year. The online threat landscape continues to evolve, attacks are more sophisticated than ever, the issues are more complex, and the security industry is challenged to keep pace with innovative solutions. It’s becoming ever more apparent – no company can tackle this issue of security alone. Collaboration across borders, and across segments, is imperative to help improve the broader security ecosystem.
For years we’ve seen this on a more micro level through gatherings like Black Hat, but now the need exists to shift this approach to a more macro level. Consider the efforts behind the multi-vendor release around the current DNS issue and the recent formation of the Industry Consortium for Advancement of Internet Security (ICASI) as validation for such a community-based shift.
Looking back over our history with Black Hat, our involvement has evolved from listening to and learning from researchers, to engaging with them, and finally to today where we’re excited to share our lessons learned and guidance to help mobilize the greater community in an effort to protect our mutual customers.
I’m excited to introduce you to several announcements Microsoft is making here at the show in areas like collaboration and information sharing that will truly help fuel this Community-Based Defense approach. Be sure to visit our new Ecosystem Strategy blog throughout the week for more details and news.
Stay tuned, there’s lots more to come.
Andrew