7 Microsoft Security Bulletins for June 2008

Microsoft released seven security updates for June, rating three of them as critical. Here's a brief description of each update; for more information, go to
http://www.microsoft.com/technet/security/bulletin/ms08-jun.mspx

MS08-030: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution

The attack vector for this vulnerability is the Bluetooth stack of Windows Vista and Windows XP computers. The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer.

Applies to: Windows Vista and Windows XP

Recommendation: Microsoft rates this update as critical. Although the vulnerability has been privately reported to Microsoft and a public exploit is not presently believed to exist, this vulnerability allows computers, particularly laptops, to be compromised in public places such as airport lounges and coffee shops where many people use laptop computers in proximity to each other. You should test and deploy this update as a part of your organization's accelerated patch management strategy.

MS08-031: Cumulative Security Update for Internet Explorer

The attack vector for this vulnerability is a specially crafted Web page. The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer. This bulletin replaces previous bulletin MS08-024.

Applies to: Internet Explorer 5, 6, and 7

Recommendation: Microsoft rates this update as critical. This update addresses two vulnerabilities, one of which has been publicly disclosed. Given the public nature of the disclosure you should test and deploy this update as a part of your organization's accelerated patch management strategy.

MS08-032: Cumulative Security Update of ActiveX Kill Bits

The attack vector for this vulnerability is a specially crafted Web page viewed in Internet Explorer when the Speech Recognition feature of Windows is enabled. The most severe consequence from an attack leveraging this vulnerability is an attacker being able to execute remote code with the privileges of the logged on user. This bulletin replaces previous bulletin MS08-023.

Applies to: All versions of Windows

Recommendation: Microsoft rates this update as moderate. Although the vulnerability has been publically reported, you should only use an accelerated deployment schedule in the event that your organization deploys Microsoft speech recognition technologies. Otherwise you should test and deploy as a part of your regular patch management cycle.

MS08-033: Vulnerabilities in DirectX Could Allow Remote Code Execution

The attack vector for this vulnerability is a specially crafted media file. The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer. This bulletin replaces previous bulletin MS07-064.

Applies to: DirectX on all versions of Windows

Recommendation: Microsoft rates this update as critical. Although the vulnerability has been privately reported to Microsoft, the large number of systems potentially vulnerable makes the short-term development and deployment of a working exploit by nefarious third parties highly likely. You should test and deploy this update as a part of your organization's accelerated patch management cycle.

MS08-034: Vulnerability in WINS Could Allow Elevation of Privilege

The attack vector for this vulnerability is the Windows Internet Naming Service (WINS). The most severe consequence from an attack leveraging this vulnerability is an elevation of privilege. This bulletin replaces previous bulletin MS04-045.

Applies to: Windows Server 2003 and Windows 2000 Server

Recommendation: Microsoft rates this update as important. You should test and deploy this update as a part of your organization's regular patch management cycle.

MS08-035: Vulnerability in Active Directory Could Allow Denial of Service

The attacker successfully leveraging this vulnerability would cause a Denial of Service (DoS) condition against the targeted system. The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer. This bulletin replaces previous bulletin MS08-003.

Applies to: Windows Server 2008, Windows Server 2003, Windows 2000 Server, and Windows XP with Active Directory Application Mode.

Recommendation: Microsoft rates this update as important. The vulnerability was privately reported and requires the attacker to be on the same network segment as the target computer. You should test and deploy this update as a part of your organization's regular patch management cycle.

MS08-036: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service

The attack vector for this vulnerability is a flood of PGM traffic on the network. The most severe consequence from an attack leveraging this vulnerability is a target computer becoming non-responsive, requiring a reboot to restore normal functionality. This bulletin replaces previous bulletin MS06-052.

Applies to: All versions of Windows (except Windows 2000 which does not support PGM)

Recommendation: Microsoft rates this update as important. The vulnerabilities that this update addresses have been privately rather than publically reported, and PGM is disabled by default on all versions of Windows. PGM is a multicast transport protocol that administrators are likely to be aware of only if they have specifically enabled it for their environment. Unless your organization uses PGM, you should test and deploy this update as a part of your organization's regular patch management cycle.

End of Article

You must log on before posting a comment.

If you don't have a username & password, please register now.