Microsoft released eight security updates for April, rating five of them as critical. Here's a brief description of each update; for more information, go to
http://www.microsoft.com/technet/security/bulletin/ms08-apr.mspx
MS08-018: Vulnerability in Microsoft Project Could Allow Remote Code Execution
The attack vector for this vulnerability is a specially created Microsoft Project document. The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer. This bulletin replaces previous bulletins.
Applies to: Project 2000, Project 2002, and Project 2003. Does not affect Project 2007 or Project Server 2003.
Recommendation: Microsoft rates this update as critical. The priority you assign this update should depend on the frequency with which your organization uses and shares Project documents.
MS08-019: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution
The attack vector for this vulnerability is a specially created Visio file. The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer. This bulletin replaces previous bulletin MS07-030.
Applies to: Visio 2002, Visio 2003, and Visio 2007. Does not apply to Visio Viewer.
Recommendation: Microsoft rates this update as important. The urgency you attach to deploying this update should be proportional to the frequency with which your organization uses and shares Visio documents.
MS08-020: Vulnerability in DNS Client Could Allow Spoofing
The attack vector for this vulnerability is a specially crafted response to a DNS request. The most severe consequence from an attack leveraging this vulnerability is a client being redirected away from legitimate destinations.
Applies to: Windows 2000, Windows XP, Windows Server 2003, and Windows Vista without SP1. Does not apply to Vista SP1 or Windows Server 2008.
Recommendation: Microsoft rates this update as important. You should test and deploy this update as a part of your normal patch management routine.
MS08-021: Vulnerability in GDI could allow Remote Code Execution
The attack vector for this vulnerability is a specially created EMF or WMF image file which exploits the Windows Graphics Device Interface (GDI). The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer. This bulletin replaces previous bulletin MS07-046.
Applies to: All Windows OSs.
Recommendation: Microsoft rates this update as critical. Given that this exploit can be leveraged against all Windows OSs, you should perform accelerated testing and deploy this update to computers in your environment as soon as possible.
MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution
The attack vector for this vulnerability is specially crafted VBScript and JScript scripts. The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer. This bulletin replaces previous bulletin MS06-023.
Applies to: Windows 2000, Windows XP, and Windows Server 2003. Does not apply to Windows Vista or Windows Server 2008.
Recommendation: Microsoft rates this update as critical. You should test and deploy this update to computers in your environment as soon as possible.
MS08-023: Security Update of ActiveX Kill Bits
The attack vector for this vulnerability is a specifically created Web page viewed by using Microsoft Internet Explorer (IE). Depending on the OS attacked, the consequences range from complete control over the affected computer to basic remote code execution.
Applies to: Windows 2000 and Windows XP (Critical), Windows Server 2003 (Moderate), Windows Vista (Important), and Windows Server 2008 (Low).
Recommendation: Microsoft rates this update as critical for some OSs to low for others. The priority that you apply to this update should reflect your organization's OS deployment. An organization that has only Windows Server 2008 and Windows Vista computers can deploy this patch according to their normal patch management cycle; an organization that has Windows 2000 or Windows XP clients should perform more rapid testing and deployment.
MS08-024: Cumulative Update for Internet Explorer
The attack vector for this vulnerability is a specially created Web page. The most severe consequence from an attack leveraging this vulnerability is an attacker gaining complete control over the affected computer. This bulletin replaces previous bulletin MS08-010.
Applies to: All versions of Microsoft Internet Explorer.
Recommendation: Microsoft rates this update as critical. You should give high priority to the testing and deployment of this update.
MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege
This attack requires the attacker to be logged on locally. The most severe consequence from an attack leveraging this vulnerability is attackers elevating their privileges so that they have administrative rights.
Applies to: All versions of Windows.
Recommendation: Microsoft rates this update as important. Because this attack can be leveraged only by a locally logged-on user, you can test and deploy this patch as a part of your normal patch management routine.
End of Article
Register
