|
|
Microsoft fixes 28 flaws; 6 are critical - TechAmok
Microsoft fixes 28 flaws; 6 are critical - [security]
05:57 PM EST - Dec,09 2008 - post a comment Microsoft on Tuesday released its
December 2008 security bulletin. The
"critical" bulletins affect Windows GDI, Word, Excel, Internet Explorer and
Windows Search. The "important" updates affect SharePoint and Windows Media
Components.
MS08-070: Critical
- Titled "Vulnerabilities in Visual Basic 6.0 Runtime Extended Files
(ActiveX Controls) Could Allow Remote Code Execution (932349)", this bulletin
affects the Microsoft Visual Basic 6.0 Runtime Extended Files; all supported
editions of Microsoft Visual Studio .Net 2002, Microsoft Visual Studio .Net
2003, Microsoft Visual FoxPro 8.0, Microsoft Visual FoxPro 9.0, Microsoft Office
Project 2003, and Microsoft Office Project 2007.
MS08-071: Critical
- Titled "Vulnerabilities in GDI
Could Allow Remote Code Execution (956802)",
this bulletin is rated critical for all
supported editions of Microsoft Windows 2000,
Windows XP, Windows Server 2003, Windows Vista,
and Windows Server 2008. Microsoft says "exploitation
of either of these vulnerabilities could allow
remote code execution if a user opens a
specially crafted WMF image file. An attacker
who successfully exploited these vulnerabilities
could take complete control of an affected
system. An attacker could then install programs;
view, change, or delete data; or create new
accounts with full user rights.
MS08-072: Critical
- Titled "Vulnerabilities in
Microsoft Office Word Could Allow Remote Code
Execution (957173)," this bulletin is rated
critical for supported editions of Microsoft
Office Word 2000 and Microsoft Office Outlook
2007. For supported editions of Microsoft Office
Word 2002, Microsoft Office Word 2003, Microsoft
Office Word 2007, Microsoft Office Compatibility
Pack, Microsoft Office Word Viewer 2003,
Microsoft Works 8, Microsoft Office 2004 for
Mac, Microsoft Office 2008 for Mac, and Open XML
File Format Converter for Mac, this security
update is rated important. Microsoft says this bulletin
resolves "eight privately reported
vulnerabilities in Microsoft Office Word and
Microsoft Office Outlook that could allow remote
code execution if a user opens a specially
crafted Word or Rich Text Format (RTF) file. An
attacker who successfully exploited these
vulnerabilities could take complete control of
an affected system. An attacker could then
install programs; view, change, or delete data;
or create new accounts with full user rights."
MS08-073: Critical
- Titled "Cumulative Security Update
for Internet Explorer (958215)", this bulletin
is rated critical for Internet Explorer 5.01 and
Internet Explorer 6 Service Pack 1, running on
Microsoft Windows 2000; Internet Explorer 6
running on Windows XP; and Internet Explorer 7.
For Internet Explorer 6 running on Windows
Server 2003, this security update is rated
"moderate."
Microsoft says the vulnerabilities could allow
remote code execution if a user views a
specially crafted Web page using Internet
Explorer.
MS08-074: Critical
- Titled "Vulnerabilities in
Microsoft Office Excel Could Allow Remote Code
Execution (959070)." This bulletin is rated
critical for all supported editions of Microsoft
Office Excel 2000. For all supported editions of
Microsoft Office Excel 2002, Microsoft Office
Excel 2003, Microsoft Office Excel Viewer 2003,
Microsoft Office Excel 2007, Microsoft Office
Compatibility Pack, Microsoft Office Excel
Viewer, Microsoft Office 2004 for Mac, Microsoft
Office 2008 for Mac, and Open XML File Format
Converter for Mac, this security update is rated
important. For Internet Explorer 6 running on
Windows Server 2003, this security update is
rated moderate. Microsoft says
if a user opens a specially crafted Excel file
an attacker could exploit these vulnerabilities
and take complete control of an affected system.
MS08-075: Critical
- Titled "Vulnerabilities in Windows
Search Could Allow Remote Code Execution
(959349)" This bulletin is rated critical for
all supported editions of Windows Vista and
Windows Server 2008. Microsoft says that "these
vulnerabilities could allow remote code
execution if a user opens and saves a specially
crafted saved-search file within Windows
Explorer or if a user clicks a specially crafted
search URL. An attacker who successfully
exploited these vulnerabilities could take
complete control of an affected system."
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Jul,04 2025 RTX 5070 Ti vs RTX 5080 - Is 5080 Gaming Laptop Worth More $$$? Jul,04 2025 FIRST DRIVE: Praga Bohema - Crazy Hypercar Driven! Jul,03 2025 Ballerina - Exclusive John Wick Deleted Scene (2025) Keanu Reeves, Jul,03 2025 Call of Duty: WWII - Remote Code Execution Warning (PC Game Pass) Jul,02 2025 1014HP Lamborghini REVUELTO 369KMH TOP SPEED POV on AUTOBAHN Jul,01 2025 Nvidia Drivers (V 576.80 vs V 576.88) - Test In 12 Games - RTX 4060 Jun,30 2025 AMD Adrenalin 25.6.3 Driver Is Available Jun,30 2025 NVIDIA GeForce RTX 5080 SUPER Could Feature 24 GB Memory, Increased Jun,29 2025 Guess What Nvidia Did THIS Time Jun,28 2025 The 10 Best Dinosaur Movies of All Time Jun,28 2025 Microsoft officially confirms that Windows 11 version 25H2 is coming Jun,26 2025 Eddington - Official Trailer 2 (2025) Joaquin Phoenix, Pedro Pascal Jun,25 2025 Microsoft Say System Restore Points Now Expire After 60 Days Jun,25 2025 Facebook, Netflix, and Microsoft Websites Hijacked to Insert Fake Jun,24 2025 I put a $3000 GPU in my Average PC... It Was a Mistake Jun,24 2025 Best External SSD for Mac 2025: After Weeks of Testing, Here's What Jun,23 2025 Mostly boob jokes this week (RTX 5090 DD) - Tech News June 22 Jun,21 2025 Superman - Official 30 Second Spot (2025) Jun,21 2025 'The fastest road car I've ever been in!' - Ferrari F80 track day Jun,20 2025 CPU SCAM: AMD Ryzen 9800X3D Counterfeits & Fraud Jun,19 2025 28 Years Later Review Jun,18 2025 HW News - NVIDIA "N1x" CPU Leak, ASUS Xbox ROG Ally, More Intel Jun,17 2025 NVIDIA GeForce 576.80 WHQL Driver Jun,16 2025 The Fantastic Four: First Steps - Official 'H.E.R.B.I.E.' Teaser Jun,15 2025 Huawei Maextro S800 First Look - A True BMW & Mercedes Killer? Jun,14 2025 Upgrade Windows 10 to Windows 10 LTSC Without Losing Data Jun,14 2025 Squid Game: Season 3 - Final Games Trailer Jun,11 2025 WWDC 2025: Everything Revealed in 9 Minutes Jun,10 2025 Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws Jun,10 2025 This Malware BREAKS WINDOWS! Jun,10 2025 Reset Forgotten Password without Any Software, without USB drive in Jun,08 2025 Microsoft Will Block Unsupported Hardware For Windows 11 Jun,08 2025 Memory Wars! Apple vs Ryzen - Is Unified Memory Faster than Shared Jun,06 2025 Predator: Killer of Killers - Exclusive Clip (2025) Jun,06 2025 Enable Deep Effect on Samsung One Ui 7 Jun,05 2025 Google Kills Off PayPal in Google Wallet Jun,05 2025 Samsung's Next Flagship Foldable Will be Ultra Jun,05 2025 Over 40 Malicious Chrome Extensions Mimic Popular Brands to Steal Jun,03 2025 The Witcher IV - Unreal Engine 5 tech demo Jun,02 2025 Nintendo Switch 2 Welcome Tour trailer
>> News Archive <<
| |
|
