Microsoft Security Bulletin Advance Notification for October 2008

Thursday, October 09, 2008 2:17 PM Don

Microsoft Security Bulletin Advance Notification for October 2008

Issued: October 9, 2008

This is an advance notification of security bulletins that
Microsoft is intending to release on October 9, 2008.

The full version of the Microsoft Security Bulletin Advance
Notification for October 2008 can be found at
http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx.

This bulletin advance notification will be replaced with the
October bulletin summary on October 14, 2008. For more information
about the bulletin advance notification service, see
http://www.microsoft.com/technet/security/Bulletin/advance.mspx.

To receive automatic notifications whenever
Microsoft Security Bulletins are issued, subscribe to Microsoft
Technical Security Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.

Microsoft will host a webcast to address customer questions on
these bulletins on Wednesday, October 15, 2008,
at 11:00 AM Pacific Time (US & Canada). Register for the October
Security Bulletin Webcast at
http://www.microsoft.com/technet/security/bulletin/summary.mspx.

Microsoft also provides information to help customers prioritize
monthly security updates with any non-security, high-priority
updates that are being released on the same day as the monthly
security updates. Please see the section, Other Information.

This advance notification provides the software subject as the
bulletin identifier, because the official Microsoft Security
Bulletin numbers are not issued until release. The bulletin summary
that replaces this advance notification will have the proper
Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the
bulletin identifier. The security bulletins for this month are as
follows, in order of severity:

Critical Security Bulletins

AD Bulletin

- Affected Software:
    - Active Directory on Microsoft Windows 2000 Server
      Service Pack 4

    - Impact: Remote Code Execution
    - Version Number: 1.0

IE Bulletin

- Affected Software:
    - Internet Explorer 5.01 Service Pack 4 on
      Microsoft Windows 2000 Service Pack 4
    - Internet Explorer 6 Service Pack 1 when installed on
      Microsoft Windows 2000 Service Pack 4
    - Internet Explorer 6 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Internet Explorer 6 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Internet Explorer 7 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Internet Explorer 7 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Internet Explorer 7 in
      Windows Vista and
      Windows Vista Service Pack 1
    - Internet Explorer 7 in
      Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Internet Explorer 7 in
      Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation not affected)
    - Internet Explorer 7 in
      Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation not affected)
    - Internet Explorer 7 in
      Windows Server 2008 for Itanium-based Systems

    - Impact: Remote Code Execution
    - Version Number: 1.0

HIS Bulletin

- Affected Software:
    - Microsoft Host Integration Server 2000 Service Pack 2 (Server)
    - Microsoft Host Integration Server 2000 Administrator Client
    - Microsoft Host Integration Server 2004 (Server)
    - Microsoft Host Integration Server 2004 Service Pack 1 (Server)
    - Microsoft Host Integration Server 2004 (Client)
    - Microsoft Host Integration Server 2004 Service Pack 1 (Client)
    - Microsoft Host Integration Server 2006 for 32-bit Systems
    - Microsoft Host Integration Server 2006 for 64-bit Systems

    - Impact: Remote Code Execution
    - Version Number: 1.0

Excel Bulletin

- Affected Software:
    - Microsoft Office Excel 2000 Service Pack 3
    - Microsoft Office Excel 2002 Service Pack 3
    - Microsoft Office Excel 2003 Service Pack 2
    - Microsoft Office Excel 2003 Service Pack 3
    - Microsoft Office Excel 2007
    - Microsoft Office Excel 2007 Service Pack 1
    - Microsoft Office 2004 for Mac
    - Microsoft Office 2008 for Mac
    - Open XML File Format Converter for Mac
    - Microsoft Office Excel Viewer 2003
    - Microsoft Office Excel Viewer 2003 Service Pack 3
    - Microsoft Office Excel Viewer
    - Microsoft Office Compatibility Pack for Word, Excel, and
      PowerPoint 2007 File Formats
    - Microsoft Office Compatibility Pack for Word, Excel, and
      PowerPoint 2007 File Formats Service Pack 1
    - Microsoft Office SharePoint Server 2007
    - Microsoft Office SharePoint Server 2007 Service Pack 1
    - Microsoft Office SharePoint Server 2007 x64 Edition
    - Microsoft Office SharePoint Server 2007 x64 Edition
      Service Pack 1

    - Impact: Remote Code Execution
    - Version Number: 1.0

Important Security Bulletins

Windows 1 Bulletin

- Affected Software:
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems

    - Impact: Elevation of Privilege
    - Version Number: 1.0

Windows 2 Bulletin

- Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    - Windows Vista and
      Windows Vista Service Pack 1
    - Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems

    - Impact: Elevation of Privilege
    - Version Number: 1.0

Windows 3 Bulletin

- Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    - Windows Vista and
      Windows Vista Service Pack 1
    - Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems

    - Impact: Remote Code Execution
    - Version Number: 1.0

Windows 4 Bulletin

- Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    - Windows Vista and
      Windows Vista Service Pack 1
    - Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems

    - Impact: Remote Code Execution
    - Version Number: 1.0

Windows 5 Bulletin

- Affected Software:
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    - Windows Vista and
      Windows Vista Service Pack 1
    - Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems

    - Impact: Elevation of Privilege
    - Version Number: 1.0

Windows 6 Bulletin

- Affected Software:
    - Microsoft Windows 2000 Service Pack 4

    - Impact: Remote Code Execution
    - Version Number: 1.0

Moderate Security Bulletins

Office Bulletin

- Affected Software:
    - Microsoft Office XP Service Pack 3

    - Impact: Remote Code Execution
    - Version Number: 1.0

Other Information

Microsoft Windows Malicious Software Removal Tool:

Microsoft will release an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update,
Windows Server Update Services, and the Download Center.

Non-Security, High-Priority Updates on MU, WU, and WSUS:

For information about non-security releases on Windows Update and Microsoft
update, please see:
* http://support.microsoft.com/kb/894199: Microsoft Knowledge Base
Article 894199, Description of Software Update Services and
Windows Server Update Services changes in content for 2008.
Includes all Windows content.
* http://technet.microsoft.com/en-us/wsus/bb466214.aspx: New,
Revised, and Released Updates for Microsoft Products Other Than
Microsoft Windows

Filed under: Advisories / Bulletins

DP's Security Bits

Search

Tags

News

Community

Syndication

Archives

Links of Interest

Microsoft

Microsoft Security Bulletin Advance Notification for October 2008