JPCERT-AT-2008-0021 JPCERT/CC 2008-11-12 <<< JPCERT/CC Alert 2008-11-12 >>> November 2008 Microsoft Security Bulletin (including one critical patch) http://www.jpcert.or.jp/at/2008/at080021.txt I. Overview Microsoft has released its security bulletin summary for November 2008, which contains one security update with severity rating "Critical". A remote attacker could use this vulnerability to cause a denial of service or execute arbitrary code. For further information about this vulnerability, refer to the following URLs. Microsoft Security Bulletin Summary for November 2008 http://www.microsoft.com/technet/security/bulletin/ms08-nov.mspx [Critical Security Update] MS08-069 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218) http://www.microsoft.com/technet/security/bulletin/MS08-069.mspx II. Solution Use means such as Microsoft Update or Windows Update to apply the security update immediately. Microsoft Update https://www.update.microsoft.com/ Windows Update https://windowsupdate.microsoft.com/ Office Update http://office.microsoft.com/en-us/officeupdate/default.aspx III. References Microsoft Security Bulletin Summary for November 2008 http://www.microsoft.com/technet/security/bulletin/ms08-nov.mspx Technical Cyber Security Alert TA08-316A Microsoft Updates for Multiple Vulnerabilities http://www.us-cert.gov/cas/techalerts/TA08-316A.html US-CERT Vulnerability Note (search for ms08-nov) http://www.kb.cert.org/vuls/byid?searchview&query=ms08-nov If you have any information you could provide regarding this alert, please contact us. ====================================================================== JPCERT Coordination Center (JPCERT/CC) MAIL: info@jpcert.or.jp TEL: 03-3518-4600 FAX: 03-3518-4602 http://www.jpcert.or.jp/