Security Bulletin: December 2008 Update
Just in time for Christmas we have 8 new security bulletins being released today. Please see details of these below and make sure to apply these where it makes sense in your environments.
Bulletin Identifier | Bulletin Title | Maximum Severity | Affected Software | Impact | Restart Requirement |
MS08-070 | Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) | Critical |
Microsoft Developer Tools and Software, Microsoft Office | Remote Code Execution | Requires Restart |
MS08-071 | Vulnerabilities in GDI Could Allow Remote Code Execution (956802) | Critical | Microsoft Windows | Remote Code Execution | Requires Restart |
MS08-072 | Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) | Critical | Microsoft Office | Remote Code Execution | May Require Restart |
MS08-073 | Cumulative Security Update for Internet Explorer (958215) | Critical | Microsoft Windows, Internet Explorer | Remote Code Execution | Requires Restart |
MS08-074 | Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070) | Critical | Microsoft Office | Remote Code Execution | May Require Restart |
MS08-075 | Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349) | Critical | Microsoft Windows | Remote Code Execution | Requires Restart |
MS08-076 | Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) | Important | Microsoft Windows | Remote Code Execution | May Require Restart |
MS08-077 | Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175) | Important | Microsoft Office, Microsoft Server Software | Elevation of Privilege | May Require Restart |
Summaries for these new bulletins can be found here. More technical details of each bulletin can be found in the links in the table above.
Microsoft Windows Malicious Software Removal Tool
We are also releasing an updated version of the Windows Malicious Software Removal Tool on Windows Server Update Services, Windows Update and the download centre. This tool will not be distributed using Software Update Services. More details of this tool can be found here.
High-Priority Non-Security Updates
High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU) or Windows Server Update Services (WSUS) will be detailed in this KB Article.
Technorati Tags: Computer Security,Patching,Updates
Jeffa