JPCERT-AT-2008-0015
JPCERT/CC
2008-08-13
<<< JPCERT/CC Alert 2008-08-13 >>>
August 2008 Microsoft Security Bulletin
(including six critical patches)
http://www.jpcert.or.jp/at/2008/at080015.txt
I. Overview
Microsoft has released its security bulletin summary for August
2008, which contains six security updates with severity rating
"Critical".
A remote attacker could use these vulnerabilities to cause a denial
of service or execute arbitrary code.
For further information about these vulnerabilities, refer to the
following URLs.
Microsoft Security Bulletin Summary for August 2008
http://www.microsoft.com/technet/security/bulletin/ms08-aug.mspx
Microsoft Access Snapshot Viewer ActiveX Control Vulnerability
reported in the Microsoft Security Advisory (955179) in July 2008 was
solved in MS08-041.
Microsoft Security Advisory (955179)
http://www.microsoft.com/technet/security/advisory/955179.mspx
[Critical Security Update]
MS08-041
Vulnerability in the ActiveX Control for the Snapshot Viewer for
Microsoft Access Could Allow Remote Code Execution (955617)
http://www.microsoft.com/technet/security/bulletin/MS08-041.mspx
MS08-043
Vulnerabilities in Microsoft Excel Could Allow Remote Code
Execution (954066)
http://www.microsoft.com/technet/security/bulletin/MS08-043.mspx
MS08-044
Vulnerabilities in Microsoft Office Filters Could Allow Remote
Code Execution (924090)
http://www.microsoft.com/technet/security/bulletin/MS08-044.mspx
MS08-045
Cumulative Security Update for Internet Explorer (953838)
http://www.microsoft.com/technet/security/bulletin/MS08-045.mspx
MS08-046
Vulnerability in Microsoft Windows Image Color Management System
Could Allow Remote Code Execution (952954)
http://www.microsoft.com/technet/security/bulletin/MS08-046.mspx
MS08-051
Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code
Execution (949785)
http://www.microsoft.com/technet/security/bulletin/MS08-051.mspx
II. Solution
Use means such as Microsoft Update or Windows Update to apply the
security updates immediately.
Microsoft Update
https://www.update.microsoft.com/
Windows Update
https://windowsupdate.microsoft.com/
Office Update
http://office.microsoft.com/en-us/officeupdate/default.aspx
III. References
Microsoft Security Bulletin Summary for August 2008
http://www.microsoft.com/technet/security/bulletin/ms08-aug.mspx
Technical Cyber Security Alert TA08-225A
Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA08-225A.html
US-CERT Vulnerability Note (search for ms08-aug)
http://www.kb.cert.org/vuls/byid?searchview&query=ms08-aug
US-CERT Vulnerability Note VU#309739
Microsoft Color Management System (MSCMS) module remote code
execution
http://www.kb.cert.org/vuls/id/309739
US-CERT Vulnerability Note VU#837785
Microsoft Office Snapshot Viewer ActiveX control race condition
http://www.kb.cert.org/vuls/id/837785
If you have any information you could provide regarding this alert,
please contact us.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600 FAX: 03-3518-4602
http://www.jpcert.or.jp/
Top