: skip to content : Home : Uni : Students : Research : Community : News : Events
150 years of Achievement: image of university student
Faculties : A-Z Directory : Library
  • IT Security Links
    • University IT Security Alerts
-----------

ITSS-Advisory : MEDIUM : Microsoft : Various Products : Remote Code Execution

THREAT LEVEL
============
Medium.

INFORMATION
===========
Microsoft has released 4 bulletins in the scheduled update publication
for September 2008. They are summarised as follows


MS08-055 - Vulnerability in Microsoft Office
--------------------------------------------
Rating: Critical
Impact: Remote Code Execution
Link: http://www.microsoft.com/technet/security/Bulletin/MS08-055.mspx
Known Issues: None
Affected:
- Microsoft Office versions: XP SP3, 2003 SP2, 2003 SP3
- Microsoft Office System versions: 2007, 2007 SP1
- Microsoft Office OneNote 2007 versions: 2007, 2007 SP1
Not Affected:
- Microsoft Office versions: 2000 SP3, 2004 for Mac, 2008 for Mac
- Microsoft Office OneNote versions: 2003 SP2, 2003 SP3
- Microsoft Visual Studio versions: 2008, 2008 SP1
- Microsoft Expression versions: Web, Web 2

MS08-054 - Vulnerability in Windows Media Player
------------------------------------------------
Rating: Critical
Impact: Remote Code Execution
Link: http://www.microsoft.com/technet/security/Bulletin/MS08-054.mspx
Known Issues: None
Affected: Windows Media Player 11
Not Affected: Windows Media Player versions: 6.4, 7.1, 9, 10

MS08-053 - Vulnerability in Windows Media Encoder 9
---------------------------------------------------
Rating: Critical
Impact: Remote Code Execution
Link: http://www.microsoft.com/technet/security/Bulletin/MS08-053.mspx
Known Issues: None
Not Affected: Windows Media Encoder 9 Series running on:
- Windows Server (Itanium-based) versions: 2003 SP1, 2003 SP2, 2008
Affected: Windows Media Encoder versions: 9 Series, x64 edition runnning
on other Windows Operating Systems.

MS08-052 - Vulnerabilities in GDI+
----------------------------------
Rating: Critical
Impact: Remote Code Execution
Link: http://www.microsoft.com/technet/security/Bulletin/MS08-052.mspx
Known Issues: http://support.microsoft.com/kb/954593
Platforms Affected and Not Affected: Various combinations of Windows
Operating Systems and software components are listed. Please refer to
the web page on this bulletin for details.

ACTION
======
Administrators of affected computers are advised to review the bulletins,
test and apply relevant updates.

Computers in the testbed will have the patches applied immediately, and their
performance will be monitored. The effects of the patches on these computers
will be sent to its-announce@unimelb.edu.au by early afternoon on Fri 12 Sep 08.
top of page

Contact Us : Disclaimer & Copyright : Privacy