Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Microsoft Security Bulletin Summary for March 2008
Posted by Philipp Esselbach on: 03/11/2008 11:06 PM [ Print | 0 comment(s) ]
Microsoft published the Security Bulletin Summary for March 2008
This bulletin summary lists security bulletins released for March 2008.
With the release of the bulletins for March 2008, this bulletin summary replaces the bulletin advance notification originally issued March 6, 2008. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.
For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.
Microsoft is hosting a webcast to address customer questions on these bulletins on March 12, 2008, at 11:00 AM Pacific Time (US Canada). Register now for the March Security Bulletin Webcast. After this date, this webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.
Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.
The security bulletins for this month are as follows, in order of severity:
Bulletin Identifier: Microsoft Security Bulletin MS08-014
Bulletin Title: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)
Executive Summary: This security update resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will not require a restart.
Affected Software: Microsoft Office. For more information, see the Affected Software and Download Locations section.
Bulletin Identifier: Microsoft Security Bulletin MS08-015
Bulletin Title: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (949031)
Executive Summary: This security update resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will not require a restart.
Affected Software: Microsoft Office. For more information, see the Affected Software and Download Locations section.
Bulletin Identifier: Microsoft Security Bulletin MS08-016
Bulletin Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)
Executive Summary: This security update resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will not require a restart.
Affected Software: Microsoft Office. For more information, see the Affected Software and Download Locations section.
Bulletin Identifier: Microsoft Security Bulletin MS08-017
Bulletin Title: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
Executive Summary: This critical update resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.
Affected Software: Microsoft Office Web Components. For more information, see the Affected Software and Download Locations section.
With the release of the bulletins for March 2008, this bulletin summary replaces the bulletin advance notification originally issued March 6, 2008. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.
For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.
Microsoft is hosting a webcast to address customer questions on these bulletins on March 12, 2008, at 11:00 AM Pacific Time (US Canada). Register now for the March Security Bulletin Webcast. After this date, this webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.
Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.
The security bulletins for this month are as follows, in order of severity:
Bulletin Identifier: Microsoft Security Bulletin MS08-014
Bulletin Title: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)
Executive Summary: This security update resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will not require a restart.
Affected Software: Microsoft Office. For more information, see the Affected Software and Download Locations section.
Bulletin Identifier: Microsoft Security Bulletin MS08-015
Bulletin Title: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (949031)
Executive Summary: This security update resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will not require a restart.
Affected Software: Microsoft Office. For more information, see the Affected Software and Download Locations section.
Bulletin Identifier: Microsoft Security Bulletin MS08-016
Bulletin Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)
Executive Summary: This security update resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will not require a restart.
Affected Software: Microsoft Office. For more information, see the Affected Software and Download Locations section.
Bulletin Identifier: Microsoft Security Bulletin MS08-017
Bulletin Title: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
Executive Summary: This critical update resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.
Affected Software: Microsoft Office Web Components. For more information, see the Affected Software and Download Locations section.
Microsoft Security Bulletin Summary for March 2008
Related Threads
07/16/2010 11:12 AM: Microsoft Windows Network - invalid (deleted ) domain (0) by LuRs52
01/04/2011 02:24 AM: How flexible is Microsoft Security Essentials? (1) by MrJeebs
10/06/2009 10:44 AM: Microsoft windows network install (7) by danleff
11/16/2008 11:21 PM: Microsoft Xbox 360 Wireless Receiver for Windows (1) by Steiner
06/30/2008 12:27 AM: Microsoft Sidewinder FF Wheel (0) by DenMac70
07/09/2008 10:58 AM: New bigger hard drive - will Microsoft object? (4) by EASEUS Data Recovery
01/06/2008 01:00 PM: Microsoft.NET (4) by Cormac
07/26/2007 09:40 AM: Microsoft SideWinder Precision Wheel Sensitivity (1) by danleff
05/26/2007 05:28 PM: microsoft sidewinder ff wheel shaking non stop (0) by x-c33d
10/11/2009 04:16 AM: Microsoft Windows Network Lost (2) (2) by wlidster
01/04/2011 02:24 AM: How flexible is Microsoft Security Essentials? (1) by MrJeebs
10/06/2009 10:44 AM: Microsoft windows network install (7) by danleff
11/16/2008 11:21 PM: Microsoft Xbox 360 Wireless Receiver for Windows (1) by Steiner
06/30/2008 12:27 AM: Microsoft Sidewinder FF Wheel (0) by DenMac70
07/09/2008 10:58 AM: New bigger hard drive - will Microsoft object? (4) by EASEUS Data Recovery
01/06/2008 01:00 PM: Microsoft.NET (4) by Cormac
07/26/2007 09:40 AM: Microsoft SideWinder Precision Wheel Sensitivity (1) by danleff
05/26/2007 05:28 PM: microsoft sidewinder ff wheel shaking non stop (0) by x-c33d
10/11/2009 04:16 AM: Microsoft Windows Network Lost (2) (2) by wlidster