MSRC

Month Archives: July 2008

Revision for MS08-037

Thursday, July 10, 2008

Hello, this is Christopher Budd. I wanted to take a moment and let you know about a revision that we’ve made to MS08-037 today. After the release of MS08-037, we became aware of reports of ZoneAlarm customers experiencing issues after applying the security updates. We started investigating these reports as soon as we heard about them and have been working to research this issue.

Update 2: Microsoft Security Advisory (954960)

Thursday, July 10, 2008

Hi. Bill here. I want to let you know that customers running Windows Server Update Services 3.0 Service Pack 1 on Windows Server 2008 may experience an issue installing the update provided in Microsoft Knowledge Base Article 954960. The update does not correctly elevate privileges, which are required for the installation to complete.

Update: Microsoft Security Advisory 954960

Wednesday, July 09, 2008

Hi. Bill here. I want to let you know that we updated Microsoft Security Advisory 954960, which contains information regarding deployment issues with Microsoft Windows Server Update Services (WSUS) version 3.0 and 3.0 Service Pack 1. Under specific conditions, the issue does not let clients detect any updates from a WSUS server on systems with Microsoft Office 2003 installed.

MS08-037 : More entropy for the DNS resolver

Tuesday, July 08, 2008

We released security bulletin MS08-020 two months ago to improve the DNS transaction ID entropy. You can read more about the MS08-020 algorithm change in this blog entry. Increasing the entropy makes it more difficult for attackers to spoof DNS replies. Today, we released MS08-037 to further increase the difficulty of spoofing DNS transactions.

MS08-039: Which users are vulnerable to the OWA XSS vulnerability?

Tuesday, July 08, 2008

Today we released MS08-039 which addressed several XSS vulnerabilities in Microsoft Exchange’s Outlook Web Access component. While this is an update to be applied to the Exchange server, the clients who use OWA are the computers potentially at risk. We’d like to explain a little more about the vulnerability so that you can determine whether you or your organization are at risk.

MS08-040: How to spot MTF files crossing network boundary

Tuesday, July 08, 2008

Today we released MS08-040 to patch several vulnerabilities in the SQL Server Database Engine; one of them involves the SQL Server backup file format. The format is also known as MTF (Microsoft Tape Format). The vulnerability requires an attacker to be able to force the SQL Server to load a malicious MTF file from the local drive or from the network.

MSRC Blog: Microsoft Security Advisory 953635

Tuesday, July 08, 2008

Hello, Bill here. I wanted to let you know that we have just posted Microsoft Security Advisory (953635). This advisory contains information regarding a new public report of a possible vulnerability within Microsoft Office Word which could allow for remote code execution. Our investigation thus far has shown that this vulnerability affects Microsoft Office Word 2002 Service Pack 3 only.

UPDATE: July 2008 Bulletin Monthly Release - SQL update detection issue

Tuesday, July 08, 2008

Hi, Simon here again – I just wanted to follow up on the SQL update detection issue I mentioned below. We’ve released updated WU/MU detection and an updated WSUS catalog to resolve this issue.

Cheers,
Simon
Release Manager, MSRC

July 2008 Monthly Bulletin Release

I’m Simon, Release Manager in the MSRC.