Old MS Alerts

[AplusWebMaster]

FYI...

- http://www.microsoft.com/technet/sec.../MS08-feb.mspx
Published: February 7, 2008 - "This is an advance notification of -twelve- security bulletins that Microsoft is intending to release on February 12, 2008...

> Critical (7)

Bulletin Identifier: Microsoft Security Bulletin 5
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows...

Bulletin Identifier: Microsoft Security Bulletin 6
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, Office, Visual Basic...

Bulletin Identifier: Microsoft Security Bulletin 7
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, VBScript, JScript...

Bulletin Identifier: Microsoft Security Bulletin 8
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, Internet Explorer...

Bulletin Identifier: Microsoft Security Bulletin 10
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Office...

Bulletin Identifier: Microsoft Security Bulletin 11
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Office...

Bulletin Identifier: Microsoft Security Bulletin 12
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Office...


> Important (5)

Bulletin Identifier: Microsoft Security Bulletin 1
Maximum Severity Rating: Important
Impact of Vulnerability: Denial of Service
Affected Software: Windows, Active Directory, ADAM...

Bulletin Identifier: Microsoft Security Bulletin 2
Maximum Severity Rating: Important
Impact of Vulnerability: Denial of Service...
Affected Software: Windows...

Bulletin Identifier: Microsoft Security Bulletin 3
Maximum Severity Rating:Important
Impact of Vulnerability: Elevation of Privilege...
Affected Software: Windows, IIS...

Bulletin Identifier: Microsoft Security Bulletin 4
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, IIS...

Bulletin Identifier: Microsoft Security Bulletin 9
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution...
Affected Software: Office, Works, Works Suite...

------------------------------

Microsoft Windows Malicious Software Removal Tool
Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Non-Security, High-Priority Updates on MU, WU, and WSUS
For this month:
• Microsoft is planning to release -seven- non-security, high-priority updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
• Microsoft is planning to release -two- non-security, high-priority updates for Windows on Windows Update (WU) and WSUS.

Note that this information pertains only to non-security, high-priority updates on Microsoft Update, Windows Update, and Windows Server Update Services released on the same day as the security bulletin summary. Information is not provided about non-security updates released on other days..."

[AplusWebMaster]

FYI...

- http://www.microsoft.com/technet/sec.../ms08-feb.mspx
February 12, 2008

"This bulletin summary lists security bulletins released for February 2008...

> Critical (6)

Microsoft Security Bulletin MS08-007
Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)
- http://www.microsoft.com/technet/sec.../ms08-007.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows...

Microsoft Security Bulletin MS08-008
Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)
- http://www.microsoft.com/technet/sec.../ms08-008.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, Office, Visual Basic...

Microsoft Security Bulletin MS08-009
Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077)
- http://www.microsoft.com/technet/sec.../ms08-009.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Office...

Microsoft Security Bulletin MS08-010
Cumulative Security Update for Internet Explorer (944533)
- http://www.microsoft.com/technet/sec.../ms08-010.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, Internet Explorer...

Microsoft Security Bulletin MS08-012
Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085)
- http://www.microsoft.com/technet/sec.../ms08-012.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Office...

Microsoft Security Bulletin MS08-013
Vulnerability in Microsoft Office Could Allow Remote Code Execution (947108)
- http://www.microsoft.com/technet/sec.../ms08-013.mspx
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Office...


> Important (5)

Microsoft Security Bulletin MS08-003
Vulnerability in Active Directory Could Allow Denial of Service (946538)
- http://www.microsoft.com/technet/sec.../ms08-003.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Denial of Service...
Affected Software: Windows, Active Directory, ADAM...

Microsoft Security Bulletin MS08-004
Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
- http://www.microsoft.com/technet/sec.../ms08-004.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Denial of Service...
Affected Software: Windows...

Microsoft Security Bulletin MS08-005
Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
- http://www.microsoft.com/technet/sec.../ms08-005.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Elevation of Privilege...
Affected Software: Windows, IIS...

Microsoft Security Bulletin MS08-006
Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)
- http://www.microsoft.com/technet/sec.../ms08-006.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, IIS...

Microsoft Security Bulletin MS08-011
Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)
- http://www.microsoft.com/technet/sec.../ms08-011.mspx
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution...
Affected Software: Office, Works, Works Suite..."
----------------------

ISC Analysis
- http://isc.sans.org/diary.html?storyid=3973
Last Updated: 2008-02-12 19:23:49 UTC

.

[AplusWebMaster]

FYI...

- http://isc.sans.org/diary.html?storyid=3973
Last Updated: 2008-02-13 18:25:13 UTC ...(Version: 3)
"...
MS08-007... WebDAV - Exploit instructions public... Critical
Vulnerability in WebDAV Mini-Redirector allows Remote Code Execution

MS08-010... IE - Exploit publicly available... PATCH NOW
Cumulative Security Update for Internet Explorer

MS08-011... Works - Exploit publicly available... Critical
Multiple vulnerabilities in Microsoft Works File Converter allow Remote Code Execution ..."

> http://forums.spybot.info/showpost.p...9&postcount=33

[AplusWebMaster]

FYI...

- http://isc.sans.org/diary.html?storyid=3973
Last Updated: 2008-02-15 01:51:27 UTC ...(Version: 4)

MS08-006 - IIS - Detailed discussion and DoS exploit made public - Important
Vulnerability in IIS Handling of HTML-encoded ASP Web Pages allows Remote Code Execution

> http://forums.spybot.info/showpost.p...9&postcount=33

[AplusWebMaster]

FYI...

- http://isc.sans.org/diary.html?storyid=3998
Last Updated: 2008-02-19 21:13:32 UTC - "We received information in regards to Microsoft Vista getting into a reboot loop after running the Windows Update..."

(Details at the URL above.)

[AplusWebMaster]

FYI...

Vista SP1 pre-req "temporarily suspended"
- http://preview.tinyurl.com/yqvvoa
February 19, 2008 (Windows Vista blog) - "We've heard a few reports about problems customers may be experiencing as a result of KB937287*, the servicing stack update I blogged about last week, and I wanted to provide a quick update for you. Immediately after receiving reports of this error, we made the decision to temporarily suspend automatic distribution of the update to avoid further customer impact while we investigate possible causes... Customers who may be experiencing this issue can use system restore to correct it or contact 1-866-PC-Safety for help troubleshooting..."
* http://support.microsoft.com/kb/937287

[AplusWebMaster]

FYI...

Dual-booting XP deletes Vista restore points
- http://windowssecrets.com/comp/080221#known0
2008-02-21 - "... booting to XP on a dual-boot system has the negative side-effect of deleting any Vista restore points, in addition to all but its latest backup file, and a Registry workaround* is required to prevent this..."
* http://support.microsoft.com/kb/926185

[AplusWebMaster]

FYI...

Vista SP1 Blocks AV Programs
- http://www.informationweek.com/share...leID=206801120
Feb. 21, 2008 - "A major update to Microsoft's Windows Vista operating system could leave computers vulnerable to hackers and malware as the service pack prevents several widely used antivirus programs from operating, the company said. The list of security products that Windows Vista Service Pack 1 blocks includes Zone Alarm Security Suite 7.1, Trend Micro Internet Security 2008, and BitDefender 10. It also blocks the 2008 version of the Jiangmin antivirus product. Microsoft said the blocks occur because the antivirus programs are not compatible with Vista SP1. "For reliability reasons, Microsoft blocks these programs from starting after you install Windows Vista SP1," the company said in a statement posted Wednesday on its support Web site*..."
* http://support.microsoft.com/kb/935796
Last Review: February 22, 2008
Revision: 3.0

[AplusWebMaster]

FYI...

- http://preview.tinyurl.com/yqvvoa
February 19, 2008 (Windows Vista blog) - "We've heard a few reports about problems customers may be experiencing as a result of KB937287*..."
* http://support.microsoft.com/kb/937287

The update is not installed successfully, you receive a message, and the computer restarts when you try to install an update in Windows Vista
> http://support.microsoft.com/kb/949358/en-us
Last Review: February 22, 2008
Revision: 1.0
"...To avoid this problem, install update 937287 separately from all other updates. Install the update that applies to your version of Windows Vista to enable future updates to be installed successfully..."

[AplusWebMaster]

- http://blog.washingtonpost.com/secur...cebook_my.html
February 23, 2008 - "If you use Internet Explorer (versions 6 or 7) to browse the Web, listen up: Criminals are starting to exploit security holes in several widely installed IE plug-ins to plant invasive software when users are coerced or tricked into visiting one of several Web sites. In an alert posted Friday evening, security software vendor Symantec said it is seeing malicious Web sites popping up trying to exploit vulnerabilities in a set of ActiveX controls produced by Aurigma, a technology company whose image transfer browser plug-in is licensed and distributed by a number of major Web sites to help IE users upload pictures. Currently, Facebook.com and MySpace.com are among the biggest distributors of this ActiveX plug-in, but they are hardly the only ones... The malicious Web sites identified by Symantec actually redirects visitors to a fake MySpace.com login page in an attempt to steal MySpace credentials, all while trying the various plug-in exploits quietly in the background... The sites all download a series of executable programs, including some that Symantec said appear to be placeholders for whatever nasties the bad guys want to stuff in there later. The company said it is still in the process of analyzing the programs to see what they do, but it's doubtful they will turn out to be harmless... If you haven't checked out the free, easy-to-use fixit tool* released by incident handlers at the SANS Internet Storm Center, please do so now. The simple, graphical program sets a marker in the Windows registry so that if the vulnerable ActiveX components are installed, then the operating system will not let anyone or anything make use or activate those components... If you ever want to -undo- any part of what (the tool does), run the tool again and uncheck the relevant boxes and hit "set."
* http://isc.sans.org/diary.html?storyid=3931
Last Updated: 2008-02-05 19:48:41 UTC ...(Version: 3)
(Direct link for tool - http://handlers.sans.org/tliston/KillBitGui-Feb08.exe )