US-CERT Technical Cyber Security Alert TA08-288A -- Microsoft Updates for Multiple Vulnerabilities

0 views
Skip to first unread message

US-CERT

unread,
Oct 14, 2008, 3:52:22 PM10/14/08
to

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA08-288A


Microsoft Updates for Multiple Vulnerabilities

Original release date: October 14, 2008
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Office


Overview

Microsoft has released updates that address vulnerabilities in Microsoft
Windows, Internet Explorer, and Microsoft Office.


I. Description

Microsoft has released updates to address vulnerabilities that affect
Microsoft Windows, Internet Explorer, and Microsoft Office as part of the
Microsoft Security Bulletin Summary for October 2008. The most severe
vulnerabilities could allow a remote, unauthenticated attacker to execute
arbitrary code. For more information, see the US-CERT Vulnerability Notes
Database.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code or cause a
vulnerable application to crash.


III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these
vulnerabilities in the October 2008 Security Bulletin Summary. The security
bulletin describes any known issues related to the updates. Administrators
are encouraged to note these issues and test for any potentially adverse
effects. Administrators should consider using an automated update
distribution system such as Windows Server Update Services (WSUS).


IV. References

_________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA08-288A.html>
_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <ce...@cert.org> with "TA08-288A Feedback " in the
subject.
_________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________

Produced 2008 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
_________________________________________________________________

Revision History

October 14, 2008: Initial release.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSPTb6nIHljM+H4irAQL1Ygf+MU9e3vKkolrjKtVNvhtkWW0lPcUnX+d5
RGRSRRzYSnbddmteyYfbWX5EMinsMbzTLtVZPDVgehhFQr8fBl1g6w8t0mnZhA5K
lKFOO/z/czEEb0nEgDu2OHJeo4Dn0CstDsX4r58tkWGNQWGh+5zgoSU8n3FHiT5p
rhRn29ta2kuzKrXzJgqx6GdqFRPO/NnGUKDf8sKGJOecgHbTYOlOuuRb2z4lHUmI
yGs+gwOTFA74h4Mhr4DLnn10OEP/oJt9ROBQ/kC8HiMkPsp+wiY7o0ogQeS7pIeI
StMLvQdyLsmeUdyYbW/8qCm5hTwBAs3PeQjBXMecS3Qlm2+IJNsw6g==
=9QbC
-----END PGP SIGNATURE-----

Reply all
Reply to author
Forward
0 new messages