Fri, Dec 12 2008 6:10 Don

Microsoft Security Bulletin Minor Revisions - December 10, 2008

Issued: December 10, 2008

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS08-075 - Critical
  * MS08-071 - Critical
  * MS08-069 - Critical
  * MS08-068 - Important

Bulletin Information:

* MS08-075 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms08-075.mspx
  - Reason for Revision: V1.1 (December 10, 2008): Corrected registry
    key in Workarounds for Windows Search Parsing Vulnerability -
    CVE-2008-4269 section. 
  - Originally posted: December 9, 2008
  - Updated: December 10, 2008
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS08-071 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms08-071.mspx
  - Reason for Revision: V1.1 (December 10, 2008): Updated the
    Severity Ratings and Vulnerability Identifiers table to list
    the security impact for GDI Heap Overflow Vulnerability -
    CVE-2008-3465 as Remote Code Execution for Microsoft Windows
    2000 Service Pack 4, Windows XP Service Pack 2 and Windows XP
    Service Pack 3, Windows XP Professional x64 Edition and
    Windows XP Professional x64 Edition Service Pack 2, Windows
    Server 2003 Service Pack 1 and Windows Server 2003 Service
    Pack 2, Windows Server 2003 x64 Edition and Windows Server
    2003 x64 Edition Service Pack 2, and Windows Server 2003 with
    SP1 for Itanium-based Systems and Windows Server 2003 with
    SP2 for Itanium-based Systems. 
  - Originally posted: December 9, 2008
  - Updated: December 10, 2008
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS08-069 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx
  - Reason for Revision: V1.1 (December 10, 2008): Removed the kill
    bit workaround from Workarounds for MSXML DTD Cross-Domain
    Scripting Vulnerability - CVE-2008-4029. Also added a note to
    the Supported Security Update Installation Switches tables
    clarifying that the /overwriteoem installation switch is not
    applicable for Microsoft XML Core Services 4.0 or Microsoft
    XML Core Services 6.0 when installed on Microsoft Windows
    2000 Service Pack 4, Windows XP Service Pack 2, Windows XP
    Professional x64 Edition, Windows XP Professional x64 Edition
    Service Pack 2, Windows Server 2003 Service Pack 1, or
    Windows Server 2003 Service Pack 2. 
  - Originally posted: November 11, 2008
  - Updated: December 10, 2008
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS08-068 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-068.mspx
  - Reason for Revision: V1.2 (December 10, 2008): Added a link to
    Microsoft Knowledge Base Article 957097 under Known Issues in
    the Executive Summary and added a known issues entry to the
    Frequently Asked Questions (FAQ) Related to this Security
    Update section. 
  - Originally posted: November 11, 2008
  - Updated: December 10, 2008
  - Bulletin Severity Rating: Important
  - Version: 1.2

Filed under: