MVP Jubo Security Blog

Microsoft Security Bulletin Summary for November 2008

On November 11th Microsoft released another few security updates. This time, according to the security bulletin, 1 “critical” and 1 “important” update. But, depending on your configuration, there can be more. See also the “New, Revised, and Released Updates for Microsoft Products Other Than Microsoft Windows”, and, of course, there’s always the Microsoft Windows Malicious Software Removal Tool.

Critical:

• MS08-069 - Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Important:

• MS08-068 - Vulnerability in SMB Could Allow Remote Code Execution (957097)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.

Support:

• Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

See also MSRC blog: November 2008 Bulletin Release and for a more details regarding the MS08-068 SMB Credential issue, see the Security Vulnerability Research & Defense blog.

Updated all the machines I maintained and so far no issues here… Have a wonderful day!