Microsoft's security update for April includes five
critical updates, as well as three more marked as
important.
Three out of the total five critical updates patch
vulnerabilities that could allow remote code execution in
Microsoft Office Project, Windows' graphics device interface (GDI) and the the VBScript and
JScript scripting engines in Windows.
Another critical update resolves one privately reported
vulnerability for a Microsoft product. This update also
includes a kill bit for the Yahoo! Music Jukebox product.
The vulnerability could allow remote code execution if a
user viewed a specially crafted Web page using Internet
Explorer.
The last update resolves a vulnerability that could allow
remote code execution if a user viewed a specially crafted
Web page using Internet Explorer.
The "important updates" cover issues related to
vulnerabilities in DNS clients, Windows kernel and
Microsoft Office Visio.
For additional information and downloads, visit
http://www.microsoft.com/technet/security/bull
etin/ms08-apr.mspx.