Microsoft Security Bulletins for Feb. 2008

**Donna Buenaventura**

Today, Microsoft has released the following Security Bulletins. Please read
the security bulletin for more details. You should also read the bulletins
for any caveats prior installation of the update.

1. MS08-003 - Vulnerability in Active Directory Could Allow Denial of
Service (946538)
http://www.microsoft.com/technet/sec.../ms08-003.mspx
2. MS08-004 - Vulnerability in Windows TCP/IP Could Allow Denial of
Service (946456)
http://www.microsoft.com/technet/sec.../ms08-004.mspx
3. MS08-005 - Vulnerability in Internet Information Services Could Allow
Elevation of Privilege (942831)
http://www.microsoft.com/technet/sec.../ms08-005.mspx
4. MS08-006 - Vulnerability in Internet Information Services Could Allow
Remote Code Execution (942830)
http://www.microsoft.com/technet/sec.../ms08-006.mspx
5. MS08-007 - Vulnerability in WebDAV Mini-Redirector Could Allow Remote
Code Execution (946026)
http://www.microsoft.com/technet/sec.../ms08-007.mspx
6. MS08-008 - Vulnerability in OLE Automation Could Allow Remote Code
Execution (947890)
http://www.microsoft.com/technet/sec.../ms08-008.mspx
7. MS08-009 - Vulnerability in Microsoft Word Could Allow Remote Code
Execution (947077)
http://www.microsoft.com/technet/sec.../ms08-009.mspx
8. MS08-010 - Cumulative Security Update for Internet Explorer (944533)
http://www.microsoft.com/technet/sec.../ms08-010.mspx
9. MS08-011 - Vulnerabilities in Microsoft Works File Converter Could Allow
Remote Code Execution (947081)
http://www.microsoft.com/technet/sec.../ms08-011.mspx
10. MS08-012 - Vulnerabilities in Microsoft Office Publisher Could Allow
Remote Code Execution (947085)
http://www.microsoft.com/technet/sec.../ms08-012.mspx
11. MS08-013 - Vulnerability in Microsoft Office Could Allow Remote Code
Execution (947108)
http://www.microsoft.com/technet/sec.../ms08-013.mspx

Microsoft also released non-security, high priority updates:
- Seven (7) non-security, high-priority updates on MU & WSUS
- Two (2) non-security, high-priority updates on WU & WSUS

Note that the Microsoft Windows Malicious Software Removal Tool has been
updated to v1.38 and it is also offered on Windows Update.

If you'll have issue with security patches, call Microsoft at 1-866-PCSAFETY
if you are in the US and Canada. For other location, go to
http://support.microsoft.com/common/international.aspx

References:
Security Bulletins Summary:
http://www.microsoft.com/technet/sec.../ms08-feb.mspx
Security Bulletins for end-users:
http://www.microsoft.com/protect/com...ns/200802.mspx
Security Response Center Blog: http://blogs.technet.com/msrc/

Regards,

Donna Buenaventura
Microsoft MVP - Consumer Security
http://cou.dozleng.com

Note: I forgot to crosspost on these newsgroups when I posted the above at
Windows Update newsgroup.

**Leonard Grey**

Thank you, Donna.

Up next: Arguments about this month's updates, last month's updates,
updates in general, the quality of English in this post, and anything
else remotely related to Windows or Microsoft.

[And since this post is equally useless, I won't do it again. ;-)]

---
Leonard Grey
Errare humanum est

Donna Buenaventura wrote:
Today, Microsoft has released the following Security Bulletins. Please read
the security bulletin for more details. You should also read the bulletins
for any caveats prior installation of the update.

1. MS08-003 - Vulnerability in Active Directory Could Allow Denial of
Service (946538)
http://www.microsoft.com/technet/sec.../ms08-003.mspx
2. MS08-004 - Vulnerability in Windows TCP/IP Could Allow Denial of
Service (946456)
http://www.microsoft.com/technet/sec.../ms08-004.mspx
3. MS08-005 - Vulnerability in Internet Information Services Could Allow
Elevation of Privilege (942831)
http://www.microsoft.com/technet/sec.../ms08-005.mspx
4. MS08-006 - Vulnerability in Internet Information Services Could Allow
Remote Code Execution (942830)
http://www.microsoft.com/technet/sec.../ms08-006.mspx
5. MS08-007 - Vulnerability in WebDAV Mini-Redirector Could Allow Remote
Code Execution (946026)
http://www.microsoft.com/technet/sec.../ms08-007.mspx
6. MS08-008 - Vulnerability in OLE Automation Could Allow Remote Code
Execution (947890)
http://www.microsoft.com/technet/sec.../ms08-008.mspx
7. MS08-009 - Vulnerability in Microsoft Word Could Allow Remote Code
Execution (947077)
http://www.microsoft.com/technet/sec.../ms08-009.mspx
8. MS08-010 - Cumulative Security Update for Internet Explorer (944533)
http://www.microsoft.com/technet/sec.../ms08-010.mspx
9. MS08-011 - Vulnerabilities in Microsoft Works File Converter Could
Allow
Remote Code Execution (947081)
http://www.microsoft.com/technet/sec.../ms08-011.mspx
10. MS08-012 - Vulnerabilities in Microsoft Office Publisher Could Allow
Remote Code Execution (947085)
http://www.microsoft.com/technet/sec.../ms08-012.mspx
11. MS08-013 - Vulnerability in Microsoft Office Could Allow Remote Code
Execution (947108)
http://www.microsoft.com/technet/sec.../ms08-013.mspx

Microsoft also released non-security, high priority updates:
- Seven (7) non-security, high-priority updates on MU & WSUS
- Two (2) non-security, high-priority updates on WU & WSUS

Note that the Microsoft Windows Malicious Software Removal Tool has been
updated to v1.38 and it is also offered on Windows Update.

If you'll have issue with security patches, call Microsoft at
1-866-PCSAFETY
if you are in the US and Canada. For other location, go to
http://support.microsoft.com/common/international.aspx

References:
Security Bulletins Summary:
http://www.microsoft.com/technet/sec.../ms08-feb.mspx
Security Bulletins for end-users:
http://www.microsoft.com/protect/com...ns/200802.mspx
Security Response Center Blog: http://blogs.technet.com/msrc/

Regards,

Donna Buenaventura
Microsoft MVP - Consumer Security
http://cou.dozleng.com

Note: I forgot to crosspost on these newsgroups when I posted the above
at Windows Update newsgroup.

**Dan Hubbard**

It appears the security updates has caused JEdit not to load. JEdit is a PHP
editor I use. It stopped working this morning after your wonderful updates.

I uninstalled both Java and JEdit and reinstalled and they still don't work.
I am a web editor and can't be spending all day figuring out how to get this
to work. My only option at this time is to uninstall each update to see which
one is causing this.

HELP!

"Donna Buenaventura" wrote:

Today, Microsoft has released the following Security Bulletins. Please read
the security bulletin for more details. You should also read the bulletins
for any caveats prior installation of the update.

1. MS08-003 - Vulnerability in Active Directory Could Allow Denial of
Service (946538)
http://www.microsoft.com/technet/sec.../ms08-003.mspx
2. MS08-004 - Vulnerability in Windows TCP/IP Could Allow Denial of
Service (946456)
http://www.microsoft.com/technet/sec.../ms08-004.mspx
3. MS08-005 - Vulnerability in Internet Information Services Could Allow
Elevation of Privilege (942831)
http://www.microsoft.com/technet/sec.../ms08-005.mspx
4. MS08-006 - Vulnerability in Internet Information Services Could Allow
Remote Code Execution (942830)
http://www.microsoft.com/technet/sec.../ms08-006.mspx
5. MS08-007 - Vulnerability in WebDAV Mini-Redirector Could Allow Remote
Code Execution (946026)
http://www.microsoft.com/technet/sec.../ms08-007.mspx
6. MS08-008 - Vulnerability in OLE Automation Could Allow Remote Code
Execution (947890)
http://www.microsoft.com/technet/sec.../ms08-008.mspx
7. MS08-009 - Vulnerability in Microsoft Word Could Allow Remote Code
Execution (947077)
http://www.microsoft.com/technet/sec.../ms08-009.mspx
8. MS08-010 - Cumulative Security Update for Internet Explorer (944533)
http://www.microsoft.com/technet/sec.../ms08-010.mspx
9. MS08-011 - Vulnerabilities in Microsoft Works File Converter Could Allow
Remote Code Execution (947081)
http://www.microsoft.com/technet/sec.../ms08-011.mspx
10. MS08-012 - Vulnerabilities in Microsoft Office Publisher Could Allow
Remote Code Execution (947085)
http://www.microsoft.com/technet/sec.../ms08-012.mspx
11. MS08-013 - Vulnerability in Microsoft Office Could Allow Remote Code
Execution (947108)
http://www.microsoft.com/technet/sec.../ms08-013.mspx

Microsoft also released non-security, high priority updates:
- Seven (7) non-security, high-priority updates on MU & WSUS
- Two (2) non-security, high-priority updates on WU & WSUS

Note that the Microsoft Windows Malicious Software Removal Tool has been
updated to v1.38 and it is also offered on Windows Update.

If you'll have issue with security patches, call Microsoft at 1-866-PCSAFETY
if you are in the US and Canada. For other location, go to
http://support.microsoft.com/common/international.aspx

References:
Security Bulletins Summary:
http://www.microsoft.com/technet/sec.../ms08-feb.mspx
Security Bulletins for end-users:
http://www.microsoft.com/protect/com...ns/200802.mspx
Security Response Center Blog: http://blogs.technet.com/msrc/

Regards,

Donna Buenaventura
Microsoft MVP - Consumer Security
http://cou.dozleng.com

Note: I forgot to crosspost on these newsgroups when I posted the above at
Windows Update newsgroup.

**Shenan Stanley**

snipped
http://groups.google.com/group/micro...543dd63f4ab29a

Dan Hubbard wrote:
It appears the security updates has caused JEdit not to load. JEdit
is a PHP editor I use. It stopped working this morning after your
wonderful updates.

I uninstalled both Java and JEdit and reinstalled and they still
don't work. I am a web editor and can't be spending all day
figuring out how to get this to work. My only option at this time
is to uninstall each update to see which one is causing this.

By "your", I assuume you mean "Microsoft's". This is a peer-to-peer
newsgroup - even those you are responding to are not representatives of
Microsoft - they are people just like you - who use and might have certain
expertise with some Microsoft products.

Your problem may have been caused by a patch - but it is also with a very
specific third-party product. Have you also asked their support for any
help?

My suggestion to you is a bit more drastic approach. Uninstall all the
February updates you installed, reboot and restore to a System Restore point
BEFORE you installed the updates and see if that fixes your problem. If it
does - start installing/rebooting after one update at a time. Once you
discover which one breaks JEdit, then you should report back here with that
information - as well as report that to the makers of JEdit and in the JEdit
community at large. http://community.jedit.org/?q=forum

I only suggest this because your problem *is* so specific. It may be that
JEdit and the update are not the only two factors involved here - so the
more information you give about your system - the better.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode