NICK ADSL UK
Premium,MVM
join:2004-02-22
4 edits | Microsoft Security Bulletin(s) for October 14 2008
Microsoft Security Bulletin(s) for October 14 2008
Note: There may be latency issues due to replication, if the page does not display keep refreshing
Today Microsoft released the following Security Bulletin(s).
Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
»www.microsoft.com/technet/securi···oct.mspx
Critical (4 )
Microsoft Security Bulletin MS08-060
Vulnerability in Active Directory Could Allow Remote Code Execution (957280)
»go.microsoft.com/fwlink/?LinkId=128125
Microsoft Security Bulletin MS08-058
Cumulative Security Update for Internet Explorer (956390)
»www.microsoft.com/technet/securi···058.mspx
Microsoft Security Bulletin MS08-059
Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
»go.microsoft.com/fwlink/?LinkId=125712
Microsoft Security Bulletin MS08-057
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
»go.microsoft.com/fwlink/?LinkID=124653
Important (6)
Microsoft Security Bulletin MS08-066
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
»go.microsoft.com/fwlink/?LinkId=125709
Microsoft Security Bulletin MS08-061
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
»www.microsoft.com/technet/securi···061.mspx
Microsoft Security Bulletin MS08-062
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
»www.microsoft.com/technet/securi···062.mspx
Microsoft Security Bulletin MS08-063
Vulnerability in SMB Could Allow Remote Code Execution (957095)
»go.microsoft.com/fwlink/?LinkID=127994
Microsoft Security Bulletin MS08-064
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
»www.microsoft.com/technet/securi···064.mspx
Microsoft Security Bulletin MS08-065
Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)
»www.microsoft.com/technet/securi···065.mspx
Moderate (1)
Microsoft Security Bulletin MS08-056
Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)
»go.microsoft.com/fwlink/?LinkId=128145
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.
As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security
|
|
lilhurricane
Late Oktoberfest
Premium,Mod
join:2003-01-11
Purple Zone
clubs:  | Much obliged, Nick.  |
|
NICK ADSL UK
Premium,MVM
join:2004-02-22
| Your very welcome 
TechNet Webcast: Information About Microsoft October Security Bulletins (Level 200)
Event ID: 1032374639
Language(s): English.
Product(s): Security.
Audience(s): IT Professional.
Duration: 60 Minutes
Start Date: Wednesday, October 15, 2008 11:00 AM Pacific Time (US & Canada)
Event Overview
On October 14, 2008, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the October security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.
Presenters: Christopher Budd, Security Response Communications Lead, Microsoft Corporation and Adrian Stone, Lead Security Program Manager, Microsoft Corporation
Register now for the October security bulletin webcast.
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security
|
|
NICK ADSL UK
Premium,MVM
join:2004-02-22
| reply to NICK ADSL UK
Malicious Software Removal Tool
Published: January 11, 2005 | Updated: October 14, 2008
New Additions
We have added detection and cleaning capabilities for the following malicious software:
• Rustock
»go.microsoft.com/fwlink/?linkid=···/Rustock
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security
|
|
dadkins
Can you do Blu?
Premium,MVM
join:2003-09-26
Hercules, CA | reply to NICK ADSL UK
Thanks Nick! |
|
DrDemento
join:2005-07-25
Brick, NJ | reply to NICK ADSL UK
7 updates here for XP Pro and XP Home machines-all installed and no problems so far.Thanks Nick |
|
Babar
Premium
join:2001-05-09
Washington | reply to NICK ADSL UK
Thanks, Nick!
|
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH | reply to NICK ADSL UK
Thank you for sure. |
|
GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
| reply to NICK ADSL UK
Installed 10 updates for 32 bit Vista SP1 on 2 machines no problems.
|
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada
 ·Bell Sympatico
·Cogeco Cable
1 edit | reply to NICK ADSL UK
Thanks Nick 6 updates for my Windows XP Pro SP3, 1 update for my Microsoft Office 2002 and the MSRT for Oct 2008. |
|
Thane_Bitter
join:2005-01-20
London, ON | reply to NICK ADSL UK
Thank you Nick, forgot all about 'fix Tuesday'.
--
...A bitter ray of sunshine |
|
jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ | reply to NICK ADSL UK
Will go back and try later. Everybody and their mother's uncle are trying at this point so patience is now going to be my virtue. Thanks, Nick. I'll ride it out for a bit and try again later. |
|
Pole883
Premium
join:2004-01-27
Schenectady, NY |  reply to NICK ADSL UK
Thanks NICK!! |
|
jabarnut
Light Years Away
Premium,MVM
join:2005-01-22
Galaxy M31
| reply to NICK ADSL UK
said by dadkins  :Thanks Nick! Yeah, what he said.
--
I had a life once.....now I have a Computer and a Modem. |
|
redwolfe_98
join:2001-06-11
·RoadRunner Cable
2 edits | reply to NICK ADSL UK
edit: i should have said.. "with the latest cumulative update for IE 6, according to "secuniai", the formerly outstanding vulnerabilities in IE 6, that i was concerned about, have been patched".. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to NICK ADSL UK
This has turned into a nightmare. IE6 is borked. So is Firefox. I installed all six one by one after downloading to disk. I had to reboot after EVERY ONE of them...six reboots. Never had to do that before. These were all MAJOR otherwise no reboots every after one of them. After three, I surfed for a while and things seemed alright. I had not yet installed the Cumulative IE one. I left it for last.
So, I did the last three and IE could not surf. It got to dslreports and then could not navigate here. Task Manager showed it rapidly rising in the large amount of RAM it was using. So, I did a System Restore to the point just before I installed the IE Cumulative update. Good, I can surf again on IE. So, I minimize it and open Fx. Geez...why is my computer so sluggish? Fx loads nine tabs. I open Task Manager and IE, which is minimized, is using almost 200,000k RAM and that is rising rapidly. Fx is using 465,000k, RAM.
So, it wasn't the IE cumulative update that is the problem. What a MESS. IE and Fx were both fine before I installed these patches. I should have known with each one requiring a reboot that there could be serious issues.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
daveinpoway
Premium
join:2006-07-03
Poway, CA
| When I installed the 7 updates to XP Pro, SP3, I told the Microsoft updater to do the job. It downloaded and installed them all, and then told me I needed to reboot only once (after everything was installed). I am using IE7, and it seems OK after the updates. |
|
jabarnut
Light Years Away
Premium,MVM
join:2005-01-22
Galaxy M31
| reply to Mele20
said by daveinpoway :When I installed the 7 updates to XP Pro, SP3, I told the Microsoft updater to do the job. It downloaded and installed them all, and then told me I needed to reboot only once (after everything was installed). I am using IE7, and it seems OK after the updates. Same here.
I had 9 updates (7 for XP Pro SP3, and 2 for Office).
I have auto updates turned off, but I use the Microsoft update site manually.
I wasn't required to reboot until all 9 updates were downloaded and installed.
One reboot, and everything is fine here.
Sorry Mele....just don't know what to tell you, or why you are having problems with these patches.
--
I had a life once.....now I have a Computer and a Modem. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
1 edit | reply to daveinpoway
IE seems ok now. I closed Fx and restarted IE and it is not using excessive RAM now. But I found two web sites where I cannot type anything. I don't use IE much so I don't know if that problem was there before these updates or not. I am using IE6 here and typing this on IE so it may be coincidence that I found two sites just now where I can't type on IE.
I'm going to watch it...it is gradually using more RAM...started out low and now at 85000k for IE6? For a non-tabbed browser that seems a bit much but I don't generally watch IE RAM usage when I use it, which is not often, so maybe this is normal.
I was wondering if Microsoft is trying to discourage people from getting the patches from MS Download site instead of via WU/MU or automatic updates. A good way to discourage would be to say that every patch needs a reboot. I could have delayed the reboots until I installed all the patches but I don't think that is a good idea when the installer says a reboot is needed I don't think it should be delayed.
Fx needs to be retired. But it was not using anything like this huge amount of RAM with just a few tabs open until now after these patches. I opened it with one tab only and it is using 490000k so I have to say goodbye to 1.5 I guess and install Fx3. It's probably my profile, which is very old, causing the problem, but I need to give up Fx 1.5 anyway so no point in creating a new profile which might fix the RAM issue. I started Fx in Safe Mode and it is ok there so its either an extension or a very tired Profile causing the excessive memory usage and I think one of the patches affected it too since it was not using near that much memory earlier today.
I have to call Microsoft back about my IE8 problems on Vista so I guess I will also call about IE6 and KB956390.
Yep, after System Restore, IE is fine as when I minimize it memory usage drops way down and only very gradually grows when I start using it again.
EDIT: I solved the Fx excessive RAM usage problem. It had every extension I have ever tried turned on! TWO Phorm extensions were turned on!!! Plus, Firekeeper was on! Just one of those could have caused the problems and there were THREE running. Poor thing. No wonder it was having so many problems. I can't believe it. It didn't occur to me to check the extensions. I've never had them turn on by themselves like that before. 
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31 | reply to NICK ADSL UK
Thanks Nick.
All is well after 1 reboot. |
|
