JPCERT-AT-2008-0010
                                                             JPCERT/CC
                                                            2008-06-11

                  <<< JPCERT/CC Alert 2008-06-11 >>>

                June 2008 Microsoft Security Bulletin
                  (including three critical patches)

             http://www.jpcert.or.jp/at/2008/at080010.txt

I. Overview

  Microsoft has released its security bulletin summary for June 2008,
which contains three security updates with severity rating "Critical".

  A remote attacker could use these vulnerabilities to cause a denial
of service or execute arbitrary code.

    Microsoft Security Bulletin Summary for June 2008
    http://www.microsoft.com/technet/security/bulletin/ms08-jun.mspx

  For further information about these vulnerabilities, refer to the
following URLs.

  [Critical Security Update]

    MS08-030
    Vulnerability in Bluetooth Stack Could Allow Remote Code Execution
      (951376)
    http://www.microsoft.com/technet/security/bulletin/ms08-030.mspx

    MS08-031
    Cumulative Security Update for Internet Explorer (950759) 
    http://www.microsoft.com/technet/security/bulletin/MS08-031.mspx

    MS08-033
    Vulnerabilities in DirectX Could Allow Remote Code Execution 
      (951698) 
    http://www.microsoft.com/technet/security/bulletin/MS08-033.mspx


II. Solution

  Use means such as Microsoft Update or Windows Update to apply the
security updates immediately.

    Microsoft Update
    https://www.update.microsoft.com/

    Windows Update
    https://windowsupdate.microsoft.com/


III. References

    Microsoft Security Bulletin Summary for June 2008
    http://www.microsoft.com/technet/security/bulletin/ms08-jun.mspx

    Technical Cyber Security Alert TA08-162B
    Microsoft Updates for Multiple Vulnerabilities
    http://www.us-cert.gov/cas/techalerts/TA08-162B.html

    US-CERT Vulnerability Note (search for ms08-jun)
    http://www.kb.cert.org/vuls/byid?searchview&query=ms08-jun

    US-CERT Vulnerability Note VU#216153
    BackWeb Lite Install Runner ActiveX stack buffer overflows
    http://www.kb.cert.org/vuls/id/216153


  If you have any information you could provide regarding this alert,
please contact us.

======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600  FAX: 03-3518-4602
http://www.jpcert.or.jp/