Skip to main content
MSRC

Month Archives: November 2008

MS08-068: SMB credential reflection defense

Tuesday, November 11, 2008

Today Microsoft released a security update, MS08-068, which addresses an NTLM reflection vulnerability in the SMB protocol. The vulnerability is rated Important on most operating systems, except Vista and Windows Server 2008 where it has a rating of Moderate. This blog post is intended to explain why the issue is less severe on Vista and Windows Server 2008, and provide some additional details to help people determine the risk they face in their environment.

Read More

November 2008 Bulletin Release

Tuesday, November 11, 2008

Hi! This is Tami Gallupe, MSRC Release Manager and I just wanted to give you an update on the two bulletins we released today: • MS08-068: Vulnerability in SMB Could Allow Remote Code Execution (957097). This has a severity rating of Important. • MS08-069: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218).

Read More

November 2008 Advanced Notification

Thursday, November 06, 2008

Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, Nov. 11, 2008 around 10 a.m. Pacific Standard Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.

Read More

Latest on MS08-067

Wednesday, November 05, 2008

Hi, this is Christopher Budd. We’ve been getting some questions from customers this week asking if we’ve seen any changes in the threat environment around MS08-067. We do have some information that we can share so I wanted to pass that along. Most importantly, we continue to see strong deployments of MS08-067.

Read More