January 2008 - Posts
Microsoft's Jeff Jones released the 1 year vulnerability report for Windows Vista.
This paper analyzes the vulnerability disclosures and security updates for the first year of Windows Vista and looks at it in the context of its predecessor, Windows XP, along with other modern workstation operating systems Red Hat, Ubuntu and Apple products.
Full report at: TechNet
See also Jeff Jones' blog
And: Windows Vista Security blog
McAfee not doing so well, Microsoft doing okay. Check out Alex Eckelberry, from Sunbelt, blog with the latest results from Andreas Marx of Av-Test.org. Links to PDF files with the results in the article.
Vulnerability in Microsoft Excel Could Allow Remote Code Execution
Published: January 15, 2008 | Updated: January 16, 2008
Microsoft is investigating new public reports of a vulnerability in Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac. At this time, Microsoft's initial investigation indicates that customers who are using Microsoft Office Excel 2007 or Microsoft Excel 2008 for Mac, or who have installed Microsoft Office Excel 2003 Service Pack 3 are not affected by this vulnerability.
See advisory at: TechNet
Check for the latest Office software at: Microsoft Office Update
Or: Microsoft Update
From: Lone Server
Once he was famous... Windows Server 2003. Now slowly replaced by Windows Server 2008. But there's one left... the Lone Server...
a short version (1:58):
a long version (3:14):
HeroesHappenHere, the official launch site for Windows Server 2008, Visual Studio 2008 and SQL Server 2008, is also available now.
Today, Microsoft released two security updates:
- MS08-001 - Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644)
- MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)
A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.
You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.
See also: MRSC: January 2008 Monthly Release.