Security Advisories

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Subject: US-CERT Technical Cyber Security Alert TA08-344A -- Microsoft Updates for Multiple Vulnerabilities
From: CERT Advisory <This email address is being protected from spambots. You need JavaScript enabled to view it.>
Date: Tue, 9 Dec 2008 18:35:56 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                    National Cyber Alert System

              Technical Cyber Security Alert TA08-344A


Microsoft Updates for Multiple Vulnerabilities

   Original release date: December 09, 2008
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft Windows and related components
     * Microsoft Internet Explorer
     * Microsoft Word, Excel and related components
     * Microsoft Office SharePoint Server
     * Microsoft Visual Basic 6


Overview

   Microsoft has released updates that address vulnerabilities in
   Microsoft Windows, Internet Explorer, Word, Excel, SharePoint
   Server, Visual Basic 6 and related components.


I. Description

   As part of the Microsoft Security Bulletin Summary for November
   2008, Microsoft released updates to address vulnerabilities that
   affect Microsoft Windows, Internet Explorer, Word, Excel,
   SharePoint Server, Visual Basic 6 and other related components.


II. Impact

   A remote, unauthenticated attacker could gain elevated privileges,
   execute arbitrary code or cause a vulnerable application to crash.


III. Solution

   Microsoft has provided updates for these vulnerabilities in the
   Microsoft Security Bulletin Summary for December 2008. The security
   bulletin describes any known issues related to the updates.
   Administrators are encouraged to note these issues and test for any
   potentially adverse effects. Administrators should consider using
   an automated update distribution system such as Windows Server
   Update Services (WSUS). 


IV. References

 * Microsoft Security Bulletin Summary for December 2008 -
   <http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx>

 * Microsoft Update -
   <https://www.update.microsoft.com/microsoftupdate/>

 * Windows Server Update Services -
   <http://www.microsoft.com/windowsserversystem/updateservices/
   default.mspx>

 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA08-344A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <This email address is being protected from spambots. You need JavaScript enabled to view it.> with "TA08-344A Feedback VU#752876" in
   the subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2008 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________

Revision History
  
  December 09, 2008: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBST7+DXIHljM+H4irAQJNKAf8C8IB6g6MpH+fK+8IrxVnfYkmWr+42Mar
0tCIZ++mz3BumPsqFyRfMoNtCwfetS27A0Ijx7m9f0gCT8ve5uQm7x53W1flUxwj
ZLC4Pp47CK2UCJx4B8VDrbm/LYgZxUelU9sKzRL0EFoR/qUanS6FtJHuX7Wyysbn
1e79m20uSMZCmFs1xrlvsiDmDTelyUjKJ9uAqltVUvutIurJduWi1Dk/5VFflPvE
daEOFg78v9ECJWywFKNXYMSUrsQ3QtewKHC+tRQCQsC9PPBmKr7TEJ/J5aTzO/p6
u8Xyg8NoranbCtMG3tEEvspl5iFsFzHz1hO9vXeUcF4VzHHrJPC7+w==
=3w32
-----END PGP SIGNATURE-----

Powered by:

MHonArc