Severity Rating: Critical - Revision Note: V1.3 (October 1, 2008): Added entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, to explain what components of the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats are updated by this bulletin. Also corrected two "Bulletins Replaced" links in the Affected Software table for Microsoft Office Compatibility Pack to properly point to MS08-014. This is an informational change only. There were no changes to the security update binaries. Summary: This security update resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V3.3 (October 1, 2008): Added entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, to explain what components of the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats are updated by this bulletin. This is an informational change only. There were no changes to the security update binaries. Summary: This security update resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Revision Note: V2.1 (September 17, 2008): Bulletin summary updated to change Microsoft Office Project 2002 Service Pack 2 in the Affected Software table to Microsoft Office Project 2002 Service Pack 1. This is a name change only. There were no changes to the binaries or detection. Summary: This bulletin summary lists security bulletins released for September 2008.
Severity Rating: Critical - Revision Note: V2.1 (September 17, 2008): Changed references to Microsoft Office Project 2002 Service Pack 2 as affected software to Microsoft Office Project 2002 Service Pack 1. This is a name change only. There were no changes to the binaries or detection. Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V2.0 (September 15, 2008): Added entry to the Frequently Asked Questions (FAQ) Related to This Security Update section to communicate the re-release of the Norwegian language update for Windows Media Player 11 on all supported 32-bit editions of Windows XP. Customers who require the Norwegian language update need to download and install the re-released update. Also removed an erroneous entry from the Non-Affected software table. Summary: This security update resolves a privately reported vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V2.0 (September 15, 2008): Added entry to the Frequently Asked Questions (FAQ) Related to This Security Update section to communicate the re-release of the Norwegian language update for Windows Media Encoder 9 Series running on Microsoft Windows 2000 Service Pack 4, Windows Media Encoder 9 Series running on Windows XP Service Pack 2 and Windows XP Service Pack 3, and Windows Media Encoder 9 Series running on Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2. Customers who require the Norwegian language updates need to download and install the re-released updates. Summary: This security update resolves a privately reported vulnerability in Windows Media Encoder 9 Series. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V1.1 (September 10, 2008): Corrected the installation switches and deployment information for OneNote 2007, and added to the list of non-affected software. Also, updated FAQ entries explaining why this update is offered to systems with non-affected software. Summary: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V2.1 (September 10, 2008): Added Microsoft Office Live Meeting 2005 client and Microsoft Office Live Meeting 2007 client to the list of non-affected software. Summary: This security update resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Important - Revision Note: V1.1 (September 10, 2008): Corrected a registry key verification entry for Windows XP. Summary: This update resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Severity Rating: Critical - Revision Note: V1.3 (September 10, 2008): Bulletin updated: Added entry to Update FAQ to clarify why this update is Critical for Project 2000 but only Important for all other affected versions of Project. Summary: This security update resolves a privately reported vulnerability in Microsoft Project that could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V1.2 (September 10, 2008): Bulletin updated to add FAQ entry to clarify why non-vulnerable versions of Microsoft Office can be offered this update. Summary: This critical security update resolves two privately reported vulnerabilities in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V1.2 (September 10, 2008): Bulletin updated: Added entry to Update FAQ to clarify why non-vulnerable versions of Microsoft Office can be offered this update. Summary: This critical security update resolves one privately reported vulnerability in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Important - Revision Note: V2.1 (September 10, 2008): Removed Windows Media Player 9 on Windows XP Service Pack 3 from the Affected Software table. This is a bulletin change only; there were no changes to detection or to the binaries. Customers who have successfully updated their systems do not need to reinstall this update. Summary: This important security update resolves two privately reported vulnerabilities. These vulnerabilities could allow code execution if a user viewed a specially crafted file in Windows Media Player. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V2.1 (September 3, 2008): Corrected security update entries for Windows XP and Windows Server 2003 to include -v2 in the file package names. This is a correction to the package names only; customers who have successfully updated their systems do not need to reinstall this update. Summary: This critical security update resolves a privately reported vulnerability in the VBScript and JScript scripting engines in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Severity Rating: Critical - Revision Note: V2.0 (August 26, 2008): Bulletin revised to include Internet Explorer 7 for Windows XP Service Pack 3. Summary: This security update resolves a privately reported vulnerability in the Vector Markup Language (VML) implementation in Windows. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Revision Note: V2.0 (August 20, 2008): Added note to MS08-043 in Affected Software and Download Locations to clarify that this update applies to servers that have Excel Services installed, such as the default configuration of Microsoft Office SharePoint Server 2007 Enterprise and Microsoft Office SharePoint Server 2007 For Internet Sites. Microsoft Office SharePoint Server 2007 Standard does not include Excel Services. Also added note to MS08-051 in Affected Software and Download Locations, that Microsoft has posted new update packages, labeled Version 2, for Microsoft Office PowerPoint 2003 Service Pack 2 and Microsoft Office PowerPoint 2003 Service Pack 3 to the Microsoft Download Center. Customers who manually installed Version 1 of this update from Microsoft Download Center need to reinstall Version 2 of this update. Customers who have installed this update using Microsoft Update or Office Update do not need to reinstall. Summary: This bulletin summary lists security bulletins released for August 2008.
Severity Rating: Critical - Revision Note: V1.1 (August 20, 2008): Corrected a registry key verification entry for Windows XP and added a mitigating factor for CVE-2008-2256. Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V2.2 (August 20, 2008): Bulletin updated to change Windows Media Format Runtime 9 to a non-affected component for Windows XP Service Pack 3. Summary: This critical security update resolves a privately reported vulnerability in Windows Media File Format. This vulnerability could allow remote code execution if a user viewed a specially crafted file in Windows Media Format Runtime. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Important - Revision Note: V1.1 (August 13, 2008): Corrected log file location, removal information, and registry key verification in the reference tables of this bulletin. Also added an entry to explain why this update is rated Important for supported editions of Windows XP and Windows Vista and rated Low for supported editions of Windows Server 2003 and Windows Server 2008. Summary: This security update resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Important - Revision Note: V1.1 (August 13, 2008): Added Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 to the Non-Affected Software table. Summary: This update resolves a privately reported vulnerability in the way certain Windows Internet Protocol Security (IPsec) rules are applied. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would disclose information intended to be encrypted on the network. An attacker viewing the traffic on the network would be able to view and possibly modify the contents of the traffic. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly. It could be used to collect useful information to try to further compromise the affected system or network.
Severity Rating: Critical - Revision Note: V1.1 (August 13, 2008): Clarified that the update for Microsoft Office Project 2002 Service Pack 1 is the same as the update for Microsoft Office XP Service Pack 3. Customers who have already successfully installed this update do not have to reinstall. Summary: This security update resolves five privately reported vulnerabilities. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using Microsoft Office. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Revision Note: August 13, 2008: Updated to include links to HP’s Advisories. Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory.
Severity Rating: Important - Revision Note: Bulletin published. Summary: This security update resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user.
Severity Rating: Critical - Revision Note: Bulletin published. Summary: This update resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Important - Revision Note: Bulletin published. Summary: This security update resolves a publicly reported vulnerability in Microsoft Word. This vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: Bulletin published. Summary: This security update resolves a privately reported vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Access. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
Severity Rating: Important - Revision Note: V1.6 (August 12, 2008): Added entry to the Frequently Asked Questions (FAQ) Related to This Security Update to communicate a change in the installation code for the security update for SQL Server 2005 Service Pack 2. This is an installation code change only. There were no changes to the security update binaries. Summary: This security update resolves four privately disclosed vulnerabilities. The more serious of the vulnerabilities could allow an attacker to run code and to take complete control of an affected system. An authenticated attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Severity Rating: Critical - Revision Note: V2.1 (August 12, 2008): Added known issues link. Also added an entry to the section, Frequently Asked Questions (FAQ) Related to this Security Update, about the known issues and solutions. The solutions include a change to Microsoft Baseline Security Analyzer (MBSA) 2.1 to correctly detect this update. Summary: This security update resolves two privately reported vulnerabilities in Microsoft DirectX that could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Revision Note: V5.0 (June 24, 2008): Affected Software table updated to add Windows XP Service Pack 3 as an affected platform upon which Windows Media Player 9, Windows Media Player 10, and Windows Media Player 11 run. This is a detection change only. There were no changes to the binaries. Summary: This bulletin summary lists security bulletins released for August 2007.
Revision Note: Advisory updated to reflect publication of security bulletin. Summary: Microsoft has completed the investigation into a private report of this vulnerability. We have issued MS08-041 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-041. The vulnerability addressed is the Snapshot Viewer Arbitrary File Download Vulnerability - CVE-2008-2463.
Revision Note: August 12, 2008: Added entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, to communicate that the re-release of the update to fix a known installation issue with Windows Server 2008 systems is now available via Microsoft Update. Summary: Microsoft has completed the investigation into public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954960. Microsoft encourages customers affected by this issue to review and install this update.
Revision Note: Advisory updated to reflect publication of security bulletin. Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-042 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-042. The vulnerability addressed is the Word Record Parsing Vulnerability - CVE-2008-2244.
Severity Rating: Important - Revision Note: V2.2 (July 25, 2008): Added three new known issues entries to Frequently Asked Questions (FAQ) Related to This Security Update. Summary: This security update resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems.
Revision Note: July 25, 2008: Advisory published. Summary: Microsoft released Microsoft Security Bulletin MS08-037, Vulnerabilities in DNS Could Allow Spoofing (953230), on July 8, 2008, offering security updates to protect customers against Windows Domain Name System (DNS) spoofing attacks. Microsoft released this update in coordination with other DNS vendors who were also similarly impacted. Since the coordinated release of these updates, the threat to DNS systems has increased due to a greater public understanding of the attacks, as well as detailed exploit code being published on the Internet.
Revision Note: V2.0 (July 16, 2008): Added DirectX 9.0a as affected software for MS08-033. Summary: This bulletin summary lists security bulletins released for June 2008.
Severity Rating: Important - Revision Note: V1.2 (July 16, 2008): Added Microsoft Exchange Server 2000 Service Pack 3 as non-affected software. Also provided links to additional information on Outlook Web Access Light and Outlook Web Access Premium in the Mitigating Factors sections. Finally, updated the applicable software under the “Windows Server Update Services” heading in the section, Detection and Deployment Tools and Guidance. Summary: This security update resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session.
Severity Rating: Critical - Revision Note: V1.3 (July 16, 2008): Removed link to Microsoft Knowledge Base Article 950749 under Known Issues in the Executive Summary. Summary: This security update resolves a security vulnerability in the Microsoft Jet Database Engine (Jet) in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Revision Note: V2.0 (July 16, 2008): Bulletin updated to reflect changes to the affected software of MS07-064 bulletin. Summary: This bulletin summary lists security bulletins released for December 2007.
Severity Rating: Critical - Revision Note: V3.0 (July 16, 2008): Bulletin updated to reflect that the update for DirectX 9.0 also applies to DirectX 9.0a. Summary: This critical security update resolves two privately reported vulnerabilities in Microsoft DirectX. These vulnerabilities could allow code execution if a user opened a specially crafted file used for streaming media in DirectX. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Important - Revision Note: Bulletin published. Summary: This security update resolves a publicly reported vulnerability in Windows Explorer that could allow remote code execution when a specially crafted saved-search file is opened and saved. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Revision Note: July 2, 2008: Updated the Suggested Actions. Summary: Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory.
Revision Note: June 25, 2008: Removed erroneous references to form field and cookie value testing from the HP Scrawlr tool description. Summary: Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database. When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine.
Severity Rating: Critical - Revision Note: V4.0 (June 24, 2008): Bulletin updated: Added Windows XP Service Pack 3, Windows Vista Service Pack 1, Windows Vista x64 Edition Service Pack 1, Windows Server 2008 for 32-bit Systems, Windows Server 2008 for x64-based Systems, and Windows Server 2008 for Itanium-based Systems as affected software. This is a detection update only. There were no changes to the binaries. Summary: This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Severity Rating: Critical - Revision Note: V2.0 (June 18, 2008): Added "Why was this security update reoffered on June 18, 2008?" entry to the Update FAQ to advise customers running Windows XP Service Pack 2 and Windows XP Service Pack 3 that a revised version of the security update is available. Summary: This security update resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Severity Rating: Critical - Revision Note: V6.0 (June 18, 2008): Bulletin updated to remove Microsoft Windows XP Service Pack 3 from the Affected Software list for Microsoft Windows Media Player 6.4 and to add Microsoft Windows Media Player 6.4 when installed on Microsoft Windows XP Service Pack 3 to the Non-Affected Software list. Summary: This update resolves two newly discovered vulnerabilities. These vulnerabilities are documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Revision Note: June 17, 2008: Advisory updated to reflect availability of fix. Summary: Microsoft has completed the investigation into public reports of a non-security issue that affects environments with all supported versions of System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft has confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954474. Microsoft encourages customers affected by this issue to review and install this update.