DP's Security Bits

Issued: August 26, 2008

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

  * MS07-050 - Critical

Bulletin Information:

* MS07-050 - Critical

 - http://www.microsoft.com/technet/security/bulletin/ms07-050.mspx
 - Reason for Revision: V2.0 (August 26, 2008): Bulletin revised to
    include Internet Explorer 7 for Windows XP Service Pack 3. 
 - Originally posted: August 14, 2007
 - Updated: August 26, 2008
 - Bulletin Severity Rating: Critical
 - Version: 2.0

Issued: August 20, 2008

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS08-045 - Critical
  * MS08-043 - Critical
  * MS07-068 - Critical

Bulletin Information:

* MS08-045 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms08-045.mspx
  - Reason for Revision: V1.1 (August 20, 2008): Corrected a registry
    key verification entry for Windows XP and added a mitigating
    factor for CVE-2008-2256. 
  - Originally posted: August 12, 2008
  - Updated: August 20, 2008
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS08-043 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx
  - Reason for Revision: V1.2 (August 20, 2008): Added note to the
    Affected Software table and a FAQ entry to clarify that this
    update applies to servers that have Excel Services installed,
    such as the default configuration of Microsoft Office
    SharePoint Server 2007 Enterprise and Microsoft Office
    SharePoint Server 2007 For Internet Sites. Microsoft Office
    SharePoint Server 2007 Standard does not include Excel
    Services.  
  - Originally posted: August 12, 2008
  - Updated: August 20, 2008
  - Bulletin Severity Rating: Critical
  - Version: 1.2
   
* MS07-068 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms07-068.mspx
  - Reason for Revision: V2.2 (August 20, 2008): Bulletin updated to
    change Windows Media Format Runtime 9 to a non-affected
    component for Windows XP Service Pack 3. 
  - Originally posted: December 11, 2007
  - Updated: August 20, 2008
  - Bulletin Severity Rating: Critical
  - Version: 2.2

Issued: August 20, 2008

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

  * MS08-051 - Critical

Bulletin Information:

* MS08-051 - Critical

 - http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx
 - Reason for Revision: V2.0 (August 20, 2008): Added note to the
    Affected Software table and entries to the Frequently Asked
    Questions (FAQ) Related to This Security Update section
    explaining that Microsoft has posted new update packages,
    labeled Version 2, for Microsoft Office PowerPoint 2003
    Service Pack 2 and Microsoft Office PowerPoint 2003 Service
    Pack 3 to the Microsoft Download Center. Customers who
    manually installed Version 1 of this update from Microsoft
    Download Center need to reinstall Version 2 of this update.
    Customers who have installed this update using Microsoft
    Update or Office Update do not need to reinstall. Also
    removed erroneous mitigations from the vulnerability
    information sections for Memory Allocation Vulnerability -
    CVE-2008-0120 and Memory Calculation Vulnerability -
CVE-2008-0121. 
 - Originally posted: August 12, 2008
 - Updated: August 20, 2008
 - Bulletin Severity Rating: Critical
 - Version: 2.0

Opera Software ASA today patched seven vulnerabilities in its flagship Opera browser, but it declined to provide information about one of the bugs.

The Oslo-based browser developer hinted that other programs, not yet unpatched, were also affected by the flaw.

Today's update to Opera 9.52 fixes multiple bugs -- seven in the Windows version, five in the Mac edition and six in the Linux browser -- that range from "extremely severe" to "not severe" in the company's five-step threat-ranking system.

What was unusual, however, was that Opera omitted an explanation for one of the fixed flaws. Instead, the company simply stated in the change log: "Fixed an issue that could allow cross-site scripting, as reported by Chris Weber of Casaba Security; details will be disclosed at a later date."

Story continues at computerworld.com

Symantec Corp. (Nasdaq: SYMC), today announced it has signed a definitive agreement to acquire PC Tools, a global provider of innovative software products designed to protect the privacy and security of Windows® computer users. The financial terms of the acquisition are not being disclosed. The transaction is expected to close by the end of the calendar year and is subject to customary closing conditions and regulatory approvals.

With the addition of PC Tools, Symantec will expand its consumer product portfolio to include award-winning PC utilities software and point security technologies. PC Tools will help Symantec expand its reach with consumers in new emerging regional markets and will bring an array of go-to-market capabilities, that have been effective with consumers in many markets around the world.

Press Release

Websense® Security Labs™ ThreatSeeker™ Network has discovered a new campaign of malicious spam posing as FedEx notifications.

The notifications claim to be from FedEx and explain that a package sent by the recipient in the past month was not delivered. The message has an attachment claimed to be a copy of the invoice. The attachment is in a zip file but is actually a Trojan Downloader.

This spam wave is a continuation of an ongoing theme used in recent months of using a parcel service invoice as the social engineering attack vector.

Details ...

Issued: August 13, 2008

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS08-051 - Critical
  * MS08-048 - Important
  * MS08-047 - Important
  * MS08-044 - Critical
  * MS08-043 - Critical

Bulletin Information:

* MS08-051 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx
  - Reason for Revision: V1.1 (August 13, 2008): Added an entry to
    the Frequently Asked Questions (FAQ) Related to This Security
    Update section to communicate that the file information in
    the associated Microsoft Knowledge Base Article 949785 has
    been updated. Also removed erroneous reference to Microsoft
    Office 2008 for Mac as affected software in the Executive
Summary. 
  - Originally posted: August 12, 2008
  - Updated: August 13, 2008
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS08-048 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-048.mspx
  - Reason for Revision: V1.1 (August 13, 2008): Corrected log file
    location, removal information, and registry key verification
    in the reference tables of this bulletin. Also added an entry
    to explain why this update is rated Important for supported
    editions of Windows XP and Windows Vista and rated Low for
    supported editions of Windows Server 2003 and Windows Server
2008. 
  - Originally posted: August 12, 2008
  - Updated: August 13, 2008
  - Bulletin Severity Rating: Important
  - Version: 1.1
   
* MS08-047 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-047.mspx
  - Reason for Revision: V1.1 (August 13, 2008): Added Windows XP
    Professional x64 Edition and Windows XP Professional x64
    Edition Service Pack 2 to the Non-Affected Software table. 
  - Originally posted: August 12, 2008
  - Updated: August 13, 2008
  - Bulletin Severity Rating: Important
  - Version: 1.1
   
* MS08-044 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms08-044.mspx
  - Reason for Revision: V1.1 (August 13, 2008): Clarified that the
    update for Microsoft Office Project 2002 Service Pack 1 is
    the same as the update for Microsoft Office XP Service Pack
    3. Customers who have already successfully installed this
    update do not have to reinstall. 
  - Originally posted: August 12, 2008
  - Updated: August 13, 2008
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS08-043 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx
  - Reason for Revision: V1.1 (August 13, 2008): Added an entry to
    the Frequently Asked Questions (FAQ) Related to This Security
    Update section to communicate that the file information in
    the associated Microsoft Knowledge Base Article 954066 has
    been updated. Also changed the bulletin replacement
    information for Microsoft Office Compatibility Pack for Word,
    Excel, and PowerPoint 2007 File Formats and Microsoft Office
    Compatibility Pack for Word, Excel, and PowerPoint 2007 File
    Formats Service Pack 1. 
  - Originally posted: August 12, 2008
  - Updated: August 13, 2008
  - Bulletin Severity Rating: Critical
  - Version: 1.1

Issued: August 13, 2008

Security Advisories Updated or Released Today

 * Microsoft Security Advisory (953839)
  - Title: Cumulative Security Update of ActiveX Kill Bits
  - http://www.microsoft.com/technet/security/advisory/953839.mspx
  - Revision Note: August 13, 2008: Updated to include links to
    HP's Advisories

Websense® Security Labs™ ThreatSeeker™ Network has discovered a new replica wave of 'msnbc.com - BREAKING NEWS' alerts that are being sent out via spam emails. Similar to previous attacks related to 'Bogus CNN Custom Alerts', these emails contain links to a legitimate news page, but are designed to encourage users to download a malicious application posing as a video codec.

Over the last few days, the ThreatSeeker Network has seen huge volumes of spam wrapped up in CNN-themed templates - most recently email alerts listing the different popular events and news articles, which also encouraged users to download a video codec, which was actually a malicious file. Here is a screenshot of a sampled spam email:

Details ..

Issued: August 12, 2008

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

  * MS08-022 - Critical
  * MS07-047 - Important

Bulletin Information:

* MS08-022 - Critical

 - http://www.microsoft.com/technet/security/bulletin/ms08-022.mspx
 - Reason for Revision: V2.0 (August 12, 2008): Added known issues
    link. Also added an entry to the section, Frequently Asked
    Questions (FAQ) Related to this Security Update, about the
    known issues and solutions. The solutions include a
    deployment change for this security update for one issue and
    a workaround for another. Customers who have successfully
    updated their systems do not need to reinstall this update.  
 - Originally posted: April 8, 2008
 - Updated: August 12, 2008
 - Bulletin Severity Rating: Critical
 - Version: 2.0
   
* MS07-047 - Important

 - http://www.microsoft.com/technet/security/bulletin/ms07-047.mspx
 - Reason for Revision: V2.0 (August 12, 2008): Added Windows XP
    Service Pack 3 as affected software. This is a detection
    change only; there were no changes to the binaries. Customers
    who have successfully updated their systems do not need to
    reinstall this update. 
 - Originally posted: August 14, 2007
 - Updated: August 12, 2008
 - Bulletin Severity Rating: Important
 - Version: 2.0

Issued: August 12, 2008

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS08-040 - Important
  * MS08-033 - Critical

Bulletin Information:

* MS08-040 - Important

  - http://go.microsoft.com/?linkid=9357905
  - Reason for Revision: V1.6 (August 12, 2008): Added entry to the
    Frequently Asked Questions (FAQ) Related to This Security
    Update to communicate a change in the installation code for
    the security update for SQL Server 2005 Service Pack 2. This
    is an installation code change only. There were no changes to
    the security update binaries. 
  - Originally posted: July 8, 2008
  - Updated: August 12, 2008
  - Bulletin Severity Rating: Important
  - Version: 1.6
   
* MS08-033 - Critical

  - http://go.microsoft.com/?linkid=9357906
  - Reason for Revision: V2.1 (August 12, 2008): Added known issues
    link. Also added an entry to the section, Frequently Asked
    Questions (FAQ) Related to this Security Update, about the
    known issues and solutions. The solutions include a change to
    Microsoft Baseline Security Analyzer (MBSA) 2.1 to correctly
    detect this update. 
  - Originally posted: June 10, 2008
  - Updated: August 12, 2008
  - Bulletin Severity Rating: Critical
  - Version: 2.1

Issued: August 12, 2008

Security Advisories Updated or Released Today

* Microsoft Security Advisory (954960)
  - Title: Microsoft Windows Server Update Services
    (WSUS) Blocked from Deploying Security Updates
  - http://www.microsoft.com/technet/security/advisory/954960.mspx
  - Revision Note: August 12, 2008: Added entry to the section,
    Frequently Asked Questions (FAQ) Related to This Security
    Update to communicate that the re-release of the update to
    fix a known installation issue with Windows Server 2008
    systems is now available via Microsoft Update.

 * Microsoft Security Advisory (953839)
  - Title: Cumulative Security Update of ActiveX Kill Bits
  - http://www.microsoft.com/technet/security/advisory/953839.mspx
  - Revision Note: Advisory Published

Note: There may be latency issues due to replication, if the page does not display keep refreshing
August 12, 2008

Today Microsoft released the following Security Bulletin(s). 

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

August Bulletin Summary

Critical (6)

MS08-046 - Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
MS08-045 - Cumulative Security Update for Internet Explorer (953838)
MS08-041 - Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617) 
MS08-043 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)
MS08-051 - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)
MS08-044 - Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)

Important (5)

MS08-047 - Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)
MS08-049 - Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
MS08-048 - Security Update for Outlook Express and Windows Mail (951066)
MS08-050 - Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
MS08-042 - Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)
 
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

Security researcher David Maynor hopes that his credit-card data has been stolen for the last time.

Tired of insecure sites losing his data, the chief technology officer at Errata Security, said the company plans to release a toolbar for major browsers that will check visited Web sites for obvious security issues. The add-on software will check for twenty signs -- such as the version numbers of the Web server and the content management system -- to make sure that the site has no obvious flaws.

http://www.securityfocus.com/brief/796

Websense® Security Labs™ ThreatSeeker™ network has discovered replica CNN Custom Email Alerts being sent out via spam emails. These emails contain links to a legitimate news page, but have been designed to encourage users to download a malicious application posing as a video codec.

Over the last few days, the ThreatSeeker Network has seen huge volumes of spam wrapped up in CNN-themed templates - most recently email alerts listing the Daily Top 10 Stories and Videos, which also encouraged users to download a video codec (again a malicious file).

Details ...

Issued: August 7, 2008

This is an advance notification of security bulletins that
Microsoft is intending to release on August 12, 2008.

The full version of the Microsoft Security Bulletin Advance
Notification for August 2008 can be found at
http://www.microsoft.com/technet/security/bulletin/ms08-aug.mspx.

This bulletin advance notification will be replaced with the
August bulletin summary on August 12, 2008. For more information
about the bulletin advance notification service, see
http://www.microsoft.com/technet/security/Bulletin/advance.mspx.

Microsoft will host a webcast to address customer questions on
these bulletins on Wednesday, August 13, 2008,
at 11:00 AM Pacific Time (US & Canada). Register for the August
Security Bulletin Webcast at
http://www.microsoft.com/technet/security/bulletin/summary.mspx.


Critical Security Bulletins

Windows 1 Bulletin

  - Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Windows XP Service Pack 2 and Windows XP Service Pack 3
    - Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems

    - Impact: Remote Code Execution
    - Version Number: 1.0

IE Bulletin

  - Affected Software:
    - Internet Explorer 5.01 Service Pack 4 on
      Microsoft Windows 2000 Service Pack 4
    - Internet Explorer 6 Service Pack 1 when installed on
      Microsoft Windows 2000 Service Pack 4
    - Internet Explorer 6 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Internet Explorer 6 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Internet Explorer 7 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Internet Explorer 7 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Internet Explorer 7 in
      Windows Vista and
      Windows Vista Service Pack 1
    - Internet Explorer 7 in
      Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Internet Explorer 7 in
      Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation not affected)
    - Internet Explorer 7 in
      Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation not affected)
    - Internet Explorer 7 in
      Windows Server 2008 for Itanium-based Systems

    - Impact: Remote Code Execution
    - Version Number: 1.0

Media Player Bulletin

  - Affected Software:
    - Windows Media Player 11 on
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows Media Player 11 on
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Media Player 11 on
      Windows Vista and
      Windows Vista Service Pack 1
    - Windows Media Player 11 on
      Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Media Player 11 on
      Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation not affected)
    - Windows Media Player 11 on
      Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation not affected)

    - Impact: Remote Code Execution
    - Version Number: 1.0

Access Bulletin

  - Affected Software:
    - Microsoft Office Access 2000 Service Pack 3
    - Microsoft Office Access 2002 Service Pack 3
    - Microsoft Office Access 2003 Service Pack 2 and
      Microsoft Office Access 2003 Service Pack 3
    - Snapshot Viewer for Microsoft Access

    - Impact: Remote Code Execution
    - Version Number: 1.0

Excel Bulletin

  - Affected Software:
    - Excel 2000 Service Pack 3
    - Excel 2002 Service Pack 3
    - Excel 2003 Service Pack 2
    - Excel 2003 Service Pack 3
    - Excel 2007
    - Excel 2007 Service Pack 1
    - Microsoft Office Excel Viewer 2003
    - Microsoft Office Excel Viewer 2003 Service Pack 3
    - Microsoft Office Excel Viewer
    - Microsoft Office Compatibility Pack for Word, Excel, and
      PowerPoint 2007 File Formats
    - Microsoft Office Compatibility Pack for Word, Excel, and
      PowerPoint 2007 File Formats Service Pack 1
    - Microsoft Office SharePoint Server 2007
    - Microsoft Office SharePoint Server 2007 Service Pack 1
    - Microsoft Office SharePoint Server 2007 x64 Edition
    - Microsoft Office SharePoint Server 2007 x64 Edition Service
      Pack 1
    - Microsoft Office 2004 for Mac
    - Microsoft Office 2008 for Mac

    - Impact: Remote Code Execution
    - Version Number: 1.0

PowerPoint Bulletin

  - Affected Software:
    - Microsoft Office PowerPoint 2000 Service Pack 3
    - Microsoft Office PowerPoint 2002 Service Pack 3
    - Microsoft Office PowerPoint 2003 Service Pack 2
    - Microsoft Office PowerPoint 2003 Service Pack 3
    - Microsoft Office PowerPoint 2007
    - Microsoft Office PowerPoint 2007 Service Pack 1
    - Microsoft Office PowerPoint Viewer 2003
    - Microsoft Office Compatibility Pack for Word, Excel, and
      PowerPoint 2007 File Formats
    - Microsoft Office Compatibility Pack for Word, Excel, and
      PowerPoint 2007 File Formats Service Pack 1
    - Microsoft Office 2004 for Mac

    - Impact: Remote Code Execution
    - Version Number: 1.0

Office Bulletin

  - Affected Software:
    - Microsoft Works 8
    - Microsoft Office 2000 Service Pack 3
    - Microsoft Office XP Service Pack 3
    - Microsoft Office 2003 Service Pack 2
    - Microsoft Office Project 2002 Service Pack 1
    - Microsoft Office Converter Pack

    - Impact: Remote Code Execution
    - Version Number: 1.0


Important Security Bulletins

Windows 2 Bulletin

  - Affected Software:
    - Windows Vista and
      Windows Vista Service Pack 1
    - Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems

    - Impact: Information Disclosure
    - Version Number: 1.0

Windows 3 Bulletin

  - Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    - Windows Vista and
      Windows Vista Service Pack 1
    - Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems

    - Impact: Remote Code Execution
    - Version Number: 1.0

OE Bulletin

  - Affected Software:
    - Microsoft Outlook Express 5.5 Service Pack 2 on
      Microsoft Windows 2000 Service Pack 4
    - Microsoft Outlook Express 6 Service Pack 1 when installed on
      Microsoft Windows 2000 Service Pack 4
    - Microsoft Outlook Express 6 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Microsoft Outlook Express 6 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Microsoft Outlook Express 6 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Microsoft Outlook Express 6 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Microsoft Outlook Express 6 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Mail in
      Windows Vista and
      Windows Vista Service Pack 1
    - Windows Mail in
      Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Mail in
      Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation not affected)
    - Windows Mail in
      Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation not affected)
    - Windows Mail in
      Windows Server 2008 for Itanium-based Systems

    - Impact: Information Disclosure
    - Version Number: 1.0

Messenger Bulletin

  - Affected Software:
    - Windows Messenger 5.1 on
      Microsoft Windows 2000 Service Pack 4
    - Windows Messenger 4.7 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows Messenger 5.1 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows Messenger 4.7 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Messenger 5.1 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Messenger 4.7 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Messenger 5.1 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Messenger 4.7 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Windows Messenger 5.1 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Windows Messenger 4.7 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Messenger 5.1 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems

    - Impact: Information Disclosure
    - Version Number: 1.0

Word Bulletin

  - Affected Software:
    - Microsoft Word 2002 Service Pack 3
    - Microsoft Word 2003 Service Pack 2
    - Microsoft Word 2003 Service Pack 3

    - Impact: Remote Code Execution
    - Version Number: 1.0


Other Information


Microsoft Windows Malicious Software Removal Tool:

Microsoft will release an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update,
Windows Server Update Services, and the Download Center.

Non-Security, High-Priority Updates on MU, WU, and WSUS:

For information about non-security releases on Windows Update and
Microsoft
update, please see:
* http://support.microsoft.com/kb/894199: Microsoft Knowledge Base
  Article 894199, Description of Software Update Services and
  Windows Server Update Services changes in content for 2008.
  Includes all Windows content.
* http://technet.microsoft.com/en-us/wsus/bb466214.aspx: New,
  Revised, and Released Updates for Microsoft Products Other Than
  Microsoft Windows

Open-source software maker Mozilla announced this week that the company will require developers to undergo training in secure programming and allow the security community to review its assessments of threats to the Firefox browser.

The two initiatives, which follow the group's announcement in July that it has begun developing metrics for measuring its handling of security issues, are aimed at better securing the browser, said Window Snyder, chief security officer for Mozilla. The threat modeling, in particular, could allow the company to gain the input of security researchers and prevent missteps that could result in reduced security, but has to be handled carefully to prevent attackers from using the information for malicious purposes, she said.

http://www.securityfocus.com/brief/788

Adobe has issued a Security Bulletin warning of malware spreading via a fraudulent Flash Player installer. Adobe warns that a worm is making fraudulent posts on social networking sites. These posts include links that lead to fake sites that prompt users to update their versions of Flash Player. If users attempt to use the installer to make the update, malware may be downloaded and installed onto their systems.

US-CERT urges users and administrators to take the following preventative measures to help mitigate the security risks:

• Do not follow unsolicited web links.
• Configure your web browser as described in the Securing Your Web Browser document.
• Install anti-virus software, and keep its virus signature files up-to-date.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

http://www.us-cert.gov/current/index.html#malware_targeting_adobe_flash_player

Apple has released Security Update 2008-005 to address multiple vulnerabilities that affect a number of applications. These vulnerabilities may allow an attacker to conduct DNS cache poisoning attacks, execute arbitrary code, cause a denial-of-service condition, or access the affected system with elevated privileges. Please note that this update addresses recent issues with weaknesses in common DNS implementations; see Vulnerability Note VU#800113 for additional information.

US-CERT encourages users to review Apple Article HT2647 and apply any necessary updates as soon as possible to help mitigate the risks.

http://www.us-cert.gov/current/index.html#apple_releases_security_update_20081

Issued: August 1, 2008

Security Advisories Updated or Released Today

 * Microsoft Security Advisory (954960)
  - Title: Microsoft Windows Server Update Services
    (WSUS) Blocked from Deploying Security Updates
  - http://www.microsoft.com/technet/security/advisory/954960.mspx
  - Revision Note: August 1, 2008: Added Frequently Asked
    Questions entry to communicate re-release of the update to
    fix known installation issue with Windows Server 2008
    systems.