Old MS Alerts

[AplusWebMaster]

FYI...

- http://www.microsoft.com/technet/sec.../MS08-jun.mspx
June 10, 2008 - "This bulletin summary lists security bulletins released for June 2008...

Critical (3)

Microsoft Security Bulletin MS08-030
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
- http://www.microsoft.com/technet/sec.../ms08-030.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows...

Microsoft Security Bulletin MS08-031
Cumulative Security Update for Internet Explorer (950759)
- http://www.microsoft.com/technet/sec.../ms08-031.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows, Internet Explorer...

Microsoft Security Bulletin MS08-033
Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
- http://www.microsoft.com/technet/sec.../ms08-033.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows...

Important (3)

Microsoft Security Bulletin MS08-034
Vulnerability in WINS Could Allow Elevation of Privilege (948745)
- http://www.microsoft.com/technet/sec.../ms08-034.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Elevation of Privilege...
Affected Software: Microsoft Windows...

Microsoft Security Bulletin MS08-035
Vulnerability in Active Directory Could Allow Denial of Service (953235)
- http://www.microsoft.com/technet/sec.../ms08-035.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Denial of Service...
Affected Software: Microsoft Windows...

Microsoft Security Bulletin MS08-036
Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
- http://www.microsoft.com/technet/sec.../ms08-036.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Denial of Service...
Affected Software: Microsoft Windows...

Moderate (1)

Microsoft Security Bulletin MS08-032
Cumulative Security Update of ActiveX Kill Bits (950760)
- http://www.microsoft.com/technet/sec.../ms08-032.mspx
Maximum Severity Rating: Moderate
Impact of Vulnerability: Remote Code Execution...
Affected Software: Microsoft Windows...


• New, Revised, and Released Updates for Microsoft Products Other Than Microsoft Windows.
- http://technet.microsoft.com/en-us/wsus/bb466214.aspx

-------

ISC Analysis
- http://isc.sans.org/diary.html?storyid=4552
Last Updated: 2008-06-10 18:09:18 UTC

MS08-031 - MSIE - Details on attacking CVE-2008-1544 are publicly available

MS08-032 - ActiveX Kill Bits - Publicly discussed

------
Geez...

- http://www.microsoft.com/technet/sec.../ms08-jun.mspx
Revisions
• V1.0 (June 10, 2008): Bulletin summary published.
• V1.1 (June 11, 2008): Corrected the Affected Software table for Windows XP, to clarify the entries for Windows XP Service Pack 2 and Windows XP Service Pack 3 for MS08-030, MS08-031, MS08-032, MS08-033, and MS08-036.

[patflgn]

Windows XP SP3 is crashing BiPAC 5200 series modem/routers. The problem lies with the routers, however, and there is a patch available.

It does not appear that these routers are sold in the US, though.

http://www.billion.com/notice-200805.html

[AplusWebMaster]

FYI...

Microsoft Security Advisory (954474)
System Center Configuration Manager 2007 Blocked from Deploying Security Updates
- http://www.microsoft.com/technet/sec...ry/954474.mspx
June 13, 2008 - "Microsoft is investigating public reports of a non-security issue that affects environments with System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft is aware of reports from customers who are experiencing this issue. Upon completion of the investigation, Microsoft will take the appropriate action to resolve the problem within System Center Configuration Manager 2007.
Mitigating Factors:
• This issue impacts customers using System Center Configuration Manager 2007 servers to deploy updates to SMS 2003 clients..."

[AplusWebMaster]

FYI...

Microsoft Security Advisory (954474)
System Center Configuration Manager 2007 Blocked from Deploying Security Updates
- http://www.microsoft.com/technet/sec...ry/954474.mspx
Updated: June 17, 2008 - "... Microsoft has confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954474*. Microsoft encourages customers affected by this issue to review and install this update..."
* http://support.microsoft.com/kb/954474
Last Review: June 17, 2008
Revision: 2.1

[AplusWebMaster]

FYI...

MS08-030 - new patch, for XPSP2 & XPSP3
- http://isc.sans.org/diary.html?storyid=4600
Last Updated: 2008-06-20 01:20:41 UTC - "Microsoft issued a new patch, for XPSP2 & XPSP3, for MS08-030*: Vulnerability in Bluetooth stack could allow remote code execution. "Customers who are running Windows XP Service Pack 2 and Windows XP Service Pack 3 should download and deploy this new security update. Customers running Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 and all supported versions of Windows Vista who have already applied these original security updates do not need to take any further action"... The Technet Security Vulnerability Research & Defense blog** on the vulnerability was "MS08-030: All bark and no bite? The case of the Bluetooth update".
Related update- KB KB951376 Security Update for Windows XP:
http://support.microsoft.com/kb/951376/en-us ..."
Last Review: June 19, 2008
Revision: 2.0

* http://www.microsoft.com/technet/sec.../ms08-030.mspx
Revisions:
• V1.0 (June 10, 2008): Bulletin published.
• V2.0 (June 19, 2008): Added "Why was this security update reoffered on June 19, 2008?" entry to the Update FAQ to advise customers running Windows XP Service Pack 2 and Windows XP Service Pack 3 that a revised version of the security update is available.
"...Customers who are running Windows XP Service Pack 2 and Windows XP Service Pack 3 should download and deploy this new security update..."

** http://preview.tinyurl.com/67t4uw
(blogs.technet.com)

[AplusWebMaster]

FYI...

- http://preview.tinyurl.com/4nhmfr
June 20, 2008 (blogs.technet.com) - "...After its first -day- in MSRT, Taterf components had been removed from over 700,000 machines! For comparison, Win32/Nuwar (aka ‘Storm worm’) was removed from less than half that in its first month... So how does one avoid being infected? Running an up-to-date anti-virus solution is a good start. Running an up-to-date, patched browser is another necessity – many of the Win32/Frethog trojans are installed via browser exploits (there have been instances in the past of links to malicious sites being posted to popular gaming forums – so be wary!). Enabling Automatic Updates helps a whole bunch too. Disabling the Explorer ‘autoplay’ feature is useful in helping to avoid these problems..."

(Charts of disinfections/country available at the URL above.)

[AplusWebMaster]

FYI...

Microsoft Security Advisory (954462)
Rise in SQL Injection Attacks Exploiting Unverified User Data Input
- http://www.microsoft.com/technet/sec...ry/954462.mspx
June 24, 2008 - "Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database. When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine.
Mitigating Factors:
This vulnerability is not exploitable in Web applications that follow generally accepted best practices for secure Web application development by verifying user data input...
(See) Suggested Actions..."
• Detection – HP Scrawlr - http://preview.tinyurl.com/4qkk6g ...
• Defense – UrlScan - http://learn.iis.net/page.aspx/473/using-urlscan
• Identifying - Source Code Analyzer for SQL Injection - http://support.microsoft.com/kb/954476
• Additional Info...

Microsoft SQL Injection Prevention Strategy
- http://isc.sans.org/diary.html?storyid=4621
Last Updated: 2008-06-24 22:17:41 UTC - "...Microsoft recommends three approaches to help mitigate SQL Injection.
• Runtime scanning...
• URLScan...
• Code Scanning..."

- http://atlas.arbor.net/briefs/index#361782669
June 25, 2008 - "Microsoft today released security tools to help customers deal with SQL Injection Attacks. UrlScan, Microsoft Source Code Analyzer for SQL Injection and Scrawlr can be used by customers to check for SQL Injection issues in their applications.
Analysis: The release of these tools comes in a time when SQL injection is increasingly exploited. UrlScan is used to restrict HTTP requests that IIS will process."
* http://preview.tinyurl.com/5t2sbh
(blogs.technet.com)

[AplusWebMaster]

FYI...

A reliability and performance update is available for Windows Vista SP1-based computers
- http://support.microsoft.com/kb/952709
Last Review: June 24, 2008
Revision: 1.0
"...This update includes the following improvements on a Windows Vista SP1-based computer:
• This update improves the stability of Windows Vista SP1-based computers by addressing some crashes that may occur when you try to check e-mail by using a POP3 e-mail client such as Windows Mail or Mozilla Thunderbird. The crashes may occur on a Windows Vista SP1-based computer in the following scenario:
• Incoming POP3 and outgoing SMTP traffic monitoring is enabled.
• Both a third-party antivirus application and an antispyware application are installed, such as the following applications:
• ZoneAlarm Internet Security Suite by Check Point Software Technologies Ltd.
• SpySweeper by Webroot Software, Inc.
• This update improves the reliability of the Windows Vista SP1 based-computers by addressing some problems that occur when you delete user accounts by using the User Accounts item in Control Panel. When this problem occurs, the system may stop responding (hang).
• This update improves the reliability of Windows Vista SP1-based computers that experience issues in which large applications cannot run after the computer is turned on for extended periods of time. For example, when you try to start Excel 2007 after the computer is turned on for extended periods of time, a user may receive an error message that resembles the following:
EXCEL.EXE is not a valid Win32 application
• This update improves the reliability of Windows Vista SP1-based computers by reducing the number of crashes that may be caused by the Apple QuickTime thumbnail preview in Windows Live Photo Gallery.
• This update improves the performance of Windows Vista SP1-based computers by reducing audio and video (AV) stuttering. Such AV stuttering may occur when the audio or video component is streaming high definition content from a Windows Vista SP1-based computer that has a NVIDIA network adapter nForce driver version 67.5.4.0 that is installed to a Windows Media Center Extender device..."

[AplusWebMaster]

FYI...

Device Manager may not show any devices and Network Connections may not show any network connections after you install Windows XP Service Pack 3 (SP3)
- http://support.microsoft.com/?kbid=953979
Last Review: June 25, 2008
Revision: -4.2-
SYMPTOMS:
After you install Windows XP Service Pack 3 (SP3), Device Manager may not show any devices and Network Connections may not show any network connections.
This problem may occur when an antivirus application is running during the installation of Windows XP SP3.
CAUSE
This problem occurs when the Fixccs.exe process is called during the Windows XP SP3 installation. This process creates some intermediate registry subkeys, and it later deletes these subkeys. In some cases, some antivirus applications may not let the Fixccs.exe process delete these intermediate registry subkeys.
When this problem occurs, certain applications, such as Device Manager and Network Connections, may be unable to enumerate the device or the connection instances. These applications will report a blank status even though devices and connections still function as expected.
RESOLUTION
Hotfix information:
The following file is available for download from the Microsoft Download Center:
Download the Update for Windows XP (KB953979) package now:
- http://preview.tinyurl.com/3jgjap
File Name: WindowsXP-KB953979-x86-ENU.exe
Download Size: 64 KB...
Prerequisites:
To use this hotfix, you must have Windows XP Service Pack 3 installed on the computer...
Restart requirement:
To apply this hotfix, you must restart the computer in Safe Mode..."

Steps to take -before- you install Windows XP Service Pack 3
- http://support.microsoft.com/kb/950717/
Last Review: May 21, 2008 - Revision: 3.0 - "...Important
• If the configuration of your antivirus software prevents certain system files from being changed, the Windows XP SP3 installation may fail. Try temporarily disabling your antivirus software. To do this, right-click your antivirus program icon, and then click Disable. This icon typically appears in the lower right corner of the computer screen.
• If you disable your antivirus software before you install Windows XP SP3, make sure that you know the risks that are involved, and make sure that you enable the antivirus software after Windows XP SP3 is installed..."

[AplusWebMaster]

FYI...

Microsoft Security Advisory (954960)
Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates
- http://www.microsoft.com/technet/sec...ry/954960.mspx
June 30, 2008 - "Microsoft is investigating public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft is aware of reports from customers who are experiencing this issue. Upon completing the investigation, Microsoft will take appropriate action to resolve the issue within Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1.

Note: The issue affecting System Center Configuration Manager 2007 first described in Microsoft Security Advisory 954474, where System Center Configuration Manager 2007 systems were blocked from deploying security updates, is separate from the issue described in this advisory.
Mitigating Factors:
• This issue is limited to customers who deploy updates through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1, and have Microsoft Office 2003 installed in their environments..."

- http://preview.tinyurl.com/6xdp79
June 30, 2008 (MSRC blog)