December 2008 Monthly Bulletin Release


This is Christopher Budd. I wanted to let you know that we’ve just released our security bulletins for December. The new bulletins for this month are:

·        MS08-070: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) which is rated “Critical”

·        MS08-071: Vulnerabilities in GDI Could Allow Remote Code Execution (956802) which is rated “Critical”

·        MS08-072: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) which is rated “Critical”

·        MS08-073: Cumulative Security Update for Internet Explorer (958215) which is rated “Critical”

·        MS08-074: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070) which is rated “Critical”

·        MS08-075: Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349) which is rated “Critical”

·        MS08-076: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) which is rated “Important”

·        MS08-077: Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175) which is rated “Important”

In addition, today we’ve published Microsoft Security Advisory 960906 regarding new reports of a vulnerability in the Wordpad Converter for Word 97 files affecting Windows 2000 SP4, Windows XP SP2 and Windows Server 2003 SP1 and SP2. We are aware of very limited and targeted attacks seeking to exploit this vulnerability. The advisory details workarounds that you can evaluate while we develop a security update for this issue.

As we do each month, our colleagues over at the Security Vulnerability Research and Defense blog have more information and details on today’s security updates including MS08-076 that addresses a vulnerability similar to what we addressed with MS08-068. In my posting last month about MS08-068 I noted how we’ve been doing a lot of work to address the difficult issues around the SMBRelay attack. This new bulletin is borne out of that same ongoing effort andthat work is still going on: there are other related issues we’re still working on. You can expect to see more updates in the future out of this ongoing project.

This month the Windows Malicious Software Removal Tool is adding detection for two new families: Win32/FakeXPA and Win32/Yektel. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have posted information on these new families on their blog.

Finally, please join us tomorrow for our monthly TechNet webcast where we review this month’s security bulletins and, most importantly, answer your questions about this month’s release. You can register for the webcast here.



*This posting is provided “AS IS” with no warranties, and confers no rights*