-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA08-225A
Microsoft Updates for Multiple Vulnerabilities
Original release date: August 12, 2008
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Office including Access, Excel, and Word
Overview
Microsoft has released updates that address vulnerabilities in Microsoft
Windows, Office, and Internet Explorer.
I. Description
Microsoft has released updates to address vulnerabilities that affect
Microsoft Windows, Office, Internet Explorer, and other related components
as part of the Microsoft Security Bulletin Summary for August 2008. The most
severe vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code. For more information, see the US-CERT Vulnerability
Notes Database.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code or cause a
vulnerable application to crash.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the August 2008
Security Bulletin Summary. The security bulletin describes any known issues
related to the updates. Administrators are encouraged to note these issues
and test for any potentially adverse effects. Administrators should consider
using an automated update distribution system such as Windows Server Update
Services (WSUS).
IV. References
* US-CERT Vulnerability Notes for Microsoft August 2008 updates -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms08-aug>
* Microsoft Security Bulletin Summary for August 2008 -
<http://www.microsoft.com/technet/security/bulletin/ms08-aug.mspx>
* Microsoft Update - <https://www.update.microsoft.com/microsoftupdate/>
* Windows Server Update Services -
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA08-225A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@xxxxxxxx> with "TA08-225A Feedback VU#309739" in the
subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2008 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
August 12, 2008: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSKHpWXIHljM+H4irAQIAjggAnuRH0SYnfJ6bOr1h5PSZfu9jdVbKMCNV
b3l4BjoMREjVemf2FjlinYfDzmEwAEDY0YmAEgI4keLqLUXjlR+z2fFwK3457Z1S
YSlLT/C2mjeD4N+k+h7rnJuMt+gkhDE9S5QpDW/dOiftpCyXTXNZ3MJKf2wX4DER
WW5iAsBhK0KJ/IVZyybpS/Xl1MXoVmrG9lGkLbnd82kJxm8hYaYmBn5LnsysVdlt
Wt1OgQZ1qFjeWQYb/MdHvy6yjnTgdoGYSYoPBGffQ5Nd3Vwq3P+huOvYD+k6z1Fl
QCmRALIxhLPyANiTL5KZYfZPcgpIQ6SiEvl+zZjAW9fs2jZ4hhbp5A==
=RUYx
-----END PGP SIGNATURE-----
