Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Microsoft Security Bulletin Summary for September 2008
Posted by Philipp Esselbach on: 09/10/2008 02:00 PM [ Print | 0 comment(s) ]
Microsoft published the Microsoft Security Bulletin Summary for September 2008:
1) Bulletin Identifier
Microsoft Security Bulletin MS08-054
Bulletin Title
Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
Executive Summary
This security update resolves a privately reported vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update does not require a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software and Download Locations section.
2) Bulletin Identifier
Microsoft Security Bulletin MS08-052
Bulletin Title
Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
Executive Summary
This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.
Affected Software
Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Visual Studio. For more information, see the Affected Software and Download Locations section.
3) Bulletin Identifier
Microsoft Security Bulletin MS08-053
Bulletin Title
Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
Executive Summary
This security update resolves a privately reported vulnerability in Windows Media Encoder 9 Series. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software and Download Locations section.
4) Bulletin Identifier
Microsoft Security Bulletin MS08-055
Bulletin Title
Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)
Executive Summary
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. Mostly, the update does not require a restart.
Affected Software
Microsoft Office. For more information, see the Affected Software and Download Locations section.
Microsoft Security Bulletin MS08-054
Bulletin Title
Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
Executive Summary
This security update resolves a privately reported vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update does not require a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software and Download Locations section.
2) Bulletin Identifier
Microsoft Security Bulletin MS08-052
Bulletin Title
Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
Executive Summary
This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.
Affected Software
Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Visual Studio. For more information, see the Affected Software and Download Locations section.
3) Bulletin Identifier
Microsoft Security Bulletin MS08-053
Bulletin Title
Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
Executive Summary
This security update resolves a privately reported vulnerability in Windows Media Encoder 9 Series. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software and Download Locations section.
4) Bulletin Identifier
Microsoft Security Bulletin MS08-055
Bulletin Title
Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)
Executive Summary
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. Mostly, the update does not require a restart.
Affected Software
Microsoft Office. For more information, see the Affected Software and Download Locations section.
Related Threads
07/16/2010 11:12 AM: Microsoft Windows Network - invalid (deleted ) domain (0) by LuRs52
01/04/2011 02:24 AM: How flexible is Microsoft Security Essentials? (1) by MrJeebs
10/06/2009 10:44 AM: Microsoft windows network install (7) by danleff
11/16/2008 11:21 PM: Microsoft Xbox 360 Wireless Receiver for Windows (1) by Steiner
06/30/2008 12:27 AM: Microsoft Sidewinder FF Wheel (0) by DenMac70
07/09/2008 10:58 AM: New bigger hard drive - will Microsoft object? (4) by EASEUS Data Recovery
01/06/2008 01:00 PM: Microsoft.NET (4) by Cormac
07/26/2007 09:40 AM: Microsoft SideWinder Precision Wheel Sensitivity (1) by danleff
05/26/2007 05:28 PM: microsoft sidewinder ff wheel shaking non stop (0) by x-c33d
10/11/2009 04:16 AM: Microsoft Windows Network Lost (2) (2) by wlidster
01/04/2011 02:24 AM: How flexible is Microsoft Security Essentials? (1) by MrJeebs
10/06/2009 10:44 AM: Microsoft windows network install (7) by danleff
11/16/2008 11:21 PM: Microsoft Xbox 360 Wireless Receiver for Windows (1) by Steiner
06/30/2008 12:27 AM: Microsoft Sidewinder FF Wheel (0) by DenMac70
07/09/2008 10:58 AM: New bigger hard drive - will Microsoft object? (4) by EASEUS Data Recovery
01/06/2008 01:00 PM: Microsoft.NET (4) by Cormac
07/26/2007 09:40 AM: Microsoft SideWinder Precision Wheel Sensitivity (1) by danleff
05/26/2007 05:28 PM: microsoft sidewinder ff wheel shaking non stop (0) by x-c33d
10/11/2009 04:16 AM: Microsoft Windows Network Lost (2) (2) by wlidster