Saturday, October 25, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Panasonic to Offload Sanyo's North America TV Business
Google's Pichai to Become Head of Product at Google: report
Internet Explorer 11 Toolkit Allows Enterprise Admins "Spy" On Their Employees
FCC Says Airwave Auction To Delay Until 2016
HP Broadens Moonshot Portfolio With Intel-powered Models
Microsoft To Keep Nokia Brand For Low-end Smartphones
LG Introduces Its First Octa-Core Application Processor
Cloud and Surface 3 Drive Microsoft's Revenue
Active Discussions
Copied dvd's say blank in computer only
How to generate lots of different CDs quickly
Yamaha CRW-F1UX
help questions structure DVDR
Made video, won't play back easily
Questions durability monitor LCD
Questions fungus CD/DVD Media, Some expert engineer in optical media can help me?
CD, DVD and Blu-ray burning for Android in development
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Wednesday, June 11, 2008
Microsoft patches 10 bugs with 7 bulletins in Windows


Microsoft released its June 2008 security bulletin, which includes three critical, three important, and one moderate patch.

The security bulletins for this month are as follows, in order of severity:

MS08-030 (Critical)

Summary
This security update resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Impact of Vulnerability
Remote Code Execution

Affected Software
Microsoft Windows XP SP2 and SP3,Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Vista and Windows Vista Service Pack 1, Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1.


MS08-031 (Critical)

Executive Summary
This security update resolves one privately reported and one publicly disclosed vulnerability. The privately reported vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The publicly disclosed vulnerability could allow information disclosure if a user viewed a specially crafted Web page using Internet Explorer.

Impact of Vulnerability
Remote Code Execution

Affected Software
Microsoft Windows, Internet Explorer.


MS08-033 (Critical)

Executive Summary
This security update resolves two privately reported vulnerabilities in Microsoft DirectX that could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Impact of Vulnerability
Remote Code Execution

Affected Software
Microsoft Windows.


MS08-034 (Important)

Executive Summary
This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS) that could allow elevation of privilege. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

Impact of Vulnerability
Elevation of Privilege

Affected Software
Microsoft Windows 2000 Server Service Pack 4,Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack, Windows Server 2003 x64 Edition, Windows Server 2003 x64 Edition Service Pack 2,Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems


MS08-035 (Important)

Executive Summary
This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008; Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003; and Active Directory Lightweight Directory Service (AD LDS) when installed on Windows Server 2008. The vulnerability could be exploited to allow an attacker to cause a denial of service condition. On Windows XP Professional, Windows Server 2003, and Windows Server 2008, an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could cause the system to stop responding or automatically restart.

Impact of Vulnerability
Denial of Service

Affected Software
Microsoft Windows 2000 Server Service Pack 4,Windows XP Professional SP 2 and SP 3, Windows XP Professional x64 Edition and Windows XP Professional x64 Edition SP 2, Windows Server 2003 SP 1 and SP 2, Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2,Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems, Windows Server 2008 for 32-bit Systems, Windows Server 2008 for x64-based Systems.


MS08-036 (Important)

Executive Summary
This security update resolves two privately reported vulnerabilities in the Pragmatic General Multicast (PGM) protocol that could allow a denial of service if malformed PGM packets are received by an affected system. An attacker who successfully exploited this vulnerability could cause a user?s system to become non-responsive and to require a restart to restore functionality. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.

Impact of Vulnerability
Denial of Service

Affected Software
All Microsoft Windows versions (except Windows 2000 Service Pack 4).


MS08-032 (Moderate)

Executive Summary
This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer and has the Speech Recognition feature in Windows enabled. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes a kill bit for software produced by BackWeb.

Impact of Vulnerability
Remote Code Execution

Affected Software
Microsoft Windows.


Previous
Next
Disney Adds Online Chat to BD-Live Releases        All News        Imation Adds Ultra-Slim External Hard Disk Drive Line
Firefox 3 Coming Tuesday, June 17th     General Computing News      Internet Providers to Block Child Porn Sites

Get RSS feed Easy Print E-Mail this Message

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .