-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-288A Microsoft Updates for Multiple Vulnerabilities Original release date: October 14, 2008 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Internet Explorer * Microsoft Office Overview Microsoft has released updates that address vulnerabilities in Microsoft Windows, Internet Explorer, and Microsoft Office. I. Description Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, and Microsoft Office as part of the Microsoft Security Bulletin Summary for October 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database. II. Impact A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable application to crash. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the October 2008 Security Bulletin Summary. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References _________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA08-288A.html> _________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@xxxxxxxx> with "TA08-288A Feedback " in the subject. _________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. _________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> _________________________________________________________________ Revision History October 14, 2008: Initial release. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSPTb6nIHljM+H4irAQL1Ygf+MU9e3vKkolrjKtVNvhtkWW0lPcUnX+d5 RGRSRRzYSnbddmteyYfbWX5EMinsMbzTLtVZPDVgehhFQr8fBl1g6w8t0mnZhA5K lKFOO/z/czEEb0nEgDu2OHJeo4Dn0CstDsX4r58tkWGNQWGh+5zgoSU8n3FHiT5p rhRn29ta2kuzKrXzJgqx6GdqFRPO/NnGUKDf8sKGJOecgHbTYOlOuuRb2z4lHUmI yGs+gwOTFA74h4Mhr4DLnn10OEP/oJt9ROBQ/kC8HiMkPsp+wiY7o0ogQeS7pIeI StMLvQdyLsmeUdyYbW/8qCm5hTwBAs3PeQjBXMecS3Qlm2+IJNsw6g== =9QbC -----END PGP SIGNATURE-----