Friday, December 12, 2008 11:21 AM
cmosby
Microsoft Security Bulletin Minor Revisions - Issued: December 10, 2008
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: December 10, 2008
********************************************************************
Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.
* MS08-075 - Critical
* MS08-071 - Critical
* MS08-069 - Critical
* MS08-068 - Important
Bulletin Information:
=====================
* MS08-075 - Critical
- http://www.microsoft.com/technet/security/bulletin/ms08-075.mspx
- Reason for Revision: V1.1 (December 10, 2008): Corrected registry key in Workarounds for Windows Search Parsing Vulnerability - CVE-2008-4269 section.
- Originally posted: December 9, 2008
- Updated: December 10, 2008
- Bulletin Severity Rating: Critical
- Version: 1.1
* MS08-071 - Critical
- http://www.microsoft.com/technet/security/bulletin/ms08-071.mspx
- Reason for Revision: V1.1 (December 10, 2008): Updated the Severity Ratings and Vulnerability Identifiers table to list the security impact for GDI Heap Overflow Vulnerability - CVE-2008-3465 as Remote Code Execution for Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 and Windows XP
Service Pack 3, Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, and Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems.
- Originally posted: December 9, 2008
- Updated: December 10, 2008
- Bulletin Severity Rating: Critical
- Version: 1.1
* MS08-069 - Critical
- http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx
- Reason for Revision: V1.1 (December 10, 2008): Removed the kill bit workaround from Workarounds for MSXML DTD Cross-Domain Scripting Vulnerability - CVE-2008-4029. Also added a note to the Supported Security Update Installation Switches tables clarifying that the /overwriteoem installation switch is not
applicable for Microsoft XML Core Services 4.0 or Microsoft XML Core Services 6.0 when installed on Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows XP Professional x64 Edition, Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003 Service Pack 1, or Windows Server 2003 Service Pack 2.
- Originally posted: November 11, 2008
- Updated: December 10, 2008
- Bulletin Severity Rating: Critical
- Version: 1.1
* MS08-068 - Important
- http://www.microsoft.com/technet/security/bulletin/ms08-068.mspx
- Reason for Revision: V1.2 (December 10, 2008): Added a link to Microsoft Knowledge Base Article 957097 under Known Issues in the Executive Summary and added a known issues entry to the Frequently Asked Questions (FAQ) Related to this Security
Update section.
- Originally posted: November 11, 2008
- Updated: December 10, 2008
- Bulletin Severity Rating: Important
- Version: 1.2
Filed under: Patch Management, Microsoft Windows, Internet Explorer, Microsoft Office, Security, Software Vulnerabilites