Microsoft Security Bulletin(s) for December 9 2008

Microsoft Security Bulletin(s) for December 9 2008

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx

Critical (6 )

Microsoft Security Bulletin MS08-071 – Critical
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
http://www.microsoft.com/technet/security/Bulletin/ms08-071.mspx

Microsoft Security Bulletin MS08-075 – Critical
Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349)
http://www.microsoft.com/technet/security/Bulletin/ms08-075.mspx

Microsoft Security Bulletin MS08-073 - Critical
Cumulative Security Update for Internet Explorer (958215)
http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx

Microsoft Security Bulletin MS08-070 - Critical
Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)
http://www.microsoft.com/technet/security/Bulletin/ms08-070.mspx

Microsoft Security Bulletin MS08-072 - Critical
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx

Microsoft Security Bulletin MS08-074 - Critical
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx

Important (2)

Microsoft Security Bulletin MS08-077 - Important
Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)
http://www.microsoft.com/technet/security/bulletin/ms08-077.mspx

Microsoft Security Bulletin MS08-076 – Important
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
http://www.microsoft.com/technet/security/bulletin/ms08-076.mspx

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

Microsoft Security Bulletin Advance Notification for December 2008
Published: December 16, 2008

Microsoft Security Bulletin Advance Notification issued: December 16, 2008
Microsoft Security Bulletins to be issued: December 17, 2008

This is an advance notification of an out-of-band security bulletin that Microsoft is intending to release on December 17, 2008.

This bulletin advance notification will be replaced with the revised December bulletin summary on December 17, 2008. The revised bulletin summary will include the out-of-band security bulletin as well as the security bulletins already released on December 9, 2008.

From me this is a critical update involving INTERNET explorer. The update when released will be posted here as usual.

 

TechNet Webcast: Information About Microsoft December Out-of-Band Security Bulletin
Event ID: 1032399448


Language(s): English.
Product(s): Security.
Audience(s): IT Professional.


Duration: 60 Minutes
Start Date: Wednesday, December 17, 2008 1:00 PM Pacific Time (US & Canada)



Event Overview

On December 17, 2008, Microsoft will release an out-of-band security bulletin. Join us for a brief overview of the technical details of the security bulletin. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletin and getting answers from our security experts.

Presenters: Christopher Budd, Security Response Communications Lead, Microsoft Corporation, and Adrian Stone, Lead Security Program Manager, Microsoft Corporation


Register Online
Owing to the importance of this update 2 special webcast's will be broadcast so do please register if you wish to get involved. For December the 17th web cast you can register here
http://msevents.microsoft.com/CUI/W...&EventCategory=4&culture=en-US&CountryCode=US

And for Thursday the 18th webcast registration can be found here
Start Date: Thursday, December 18, 2008 11:00 AM Pacific Time (US & Canada)
http://msevents.microsoft.com/CUI/W...&EventCategory=4&culture=en-US&CountryCode=US

 

Download urgent security update for Internet Explorer

Today Microsoft released an urgent security update for Windows Internet Explorer. Because the flaw may expose computers to remote code execution, the severity rating for this security update is critical.

From the moment we learned of the issue, Microsoft has been working around the clock to respond to this situation and provide a security update that helps protect our customers.

If you have turned on Automatic Updates, your computer will install the security update automatically. If you don't use Automatic Updates, go to http://update.microsoft.com. This update might cause your computer to restart.