Microsoft Security Bulletin(s) for October 14 2008 in Security

Microsoft Security Bulletin(s) for October 14 2008 in Security http://www.dslreports.com/forum/r21264675 en Thu, 10 Dec 2009 22:09:24 EDT Thu, 10 Dec 2009 22:09:24 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21310133 Libra : Hi Mele,
I hope you're doing well. :)

I just came across an Application Compatibility Blog which indicates there are serious compatibility problems with MS08-085 and Java. It's here:

»aokcompat.blogspot.com/2008/10/m···008.html

I updated the computer first and afterwards installed the new Java 6_Update 10 without any problems so far.

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,21310133 Wed, 22 Oct 2008 18:54:40 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21304403 NICK ADSL UK : Your all very welcome :)]]> http://www.dslreports.com/forum/remark,21304403 Tue, 21 Oct 2008 18:15:25 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21304205 Curley : Thank you Nick, installed ok with no problems. :)]]> http://www.dslreports.com/forum/remark,21304205 Tue, 21 Oct 2008 17:42:03 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21300165 La Luna : Thank you Nick!! :)]]> http://www.dslreports.com/forum/remark,21300165 Mon, 20 Oct 2008 23:30:59 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21299323 Libra : Thank you, Nick.

On XPHomesp2 I installed seven updates (including the Malicious software removal tool) and all seems well.

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,21299323 Mon, 20 Oct 2008 20:40:57 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21273148 NICK ADSL UK : October 2008 Security Release ISO Image
Brief Description
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on October 14th, 2008.

Overview
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on October 14th, 2008. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.

Important: Be sure to check the individual security bulletins at »www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

»www.microsoft.com/downloads/deta···yLang=en
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,21273148 Wed, 15 Oct 2008 19:00:16 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21269568 Mele20 : This was IE Cumulative Update that is causing the problem. That one is needed. It is not the first time that an IE cumlative update has caused me a problem. Yes, some of the others were rather obscure and I don't install all updates but I did these. I read each Technet bulletin and KB article and I felt I needed them.

As for waiting to reboot, I do not believe that is sound thinking. Microsoft either is trying to discourage folks from updating via MS Download site or each of those really did need a reboot after each install. It is one or the other. I've been doing patches this way for many years. I have not visited WU since ver 4 around 2004 I guess. This is the first time I have done the monthly patches and had every one of the require a reboot. There is something distinctly odd about these patches this month.

Silverlight I had problems with on a virtual machine running XP Pro. A mess there. But on Vista Ultimate on a virtual machine it installed just fine and I really like it. It uses a LOT of RAM though and on videos with audio there is no synchronization of sound and video. I was looking at the Hard Rock Cafe memorabilia and zooming in on a tiny detail on some rock singer's gorgeous shirt...it was neat but wow, it was using 100% CPU on that virtual machine. I have not installed it on my host machine.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason]]> http://www.dslreports.com/forum/remark,21269568 Wed, 15 Oct 2008 07:58:34 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21269528 anon :

said by Mele20

:

I was wondering if Microsoft is trying to discourage people from getting the patches from MS Download site instead of via WU/MU or automatic updates. A good way to discourage would be to say that every patch needs a reboot.

Stop wondering.
There are many more effective ways to accomplish that goal if Microsoft Corp. were interested.

One patch, one reboot.
The way things should be, and the way they've been since the annals of time began.

If you don't want to reboot after each one, select 'Don't restart now' in the options box, then reboot once after all patches are installed.
How tough can that be?

Several of these patches require special circumstances-- local log-on privileges, Internet file & printer sharing enabled, and what-not.
I don't need those, given my situation and machine configuration.
When I don't need particular patches, they don't get installed. Cuts down on correlated issues.

Installed Silverlight lately, btw? Microsoft Corp. seems to believe that you, I, and we should.]]> http://www.dslreports.com/forum/remark,21269528 Wed, 15 Oct 2008 07:44:14 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21269433 Grail Knight : Thanks Nick.

All is well after 1 reboot.]]> http://www.dslreports.com/forum/remark,21269433 Wed, 15 Oct 2008 06:48:20 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21269383 Mele20 : IE seems ok now. I closed Fx and restarted IE and it is not using excessive RAM now. But I found two web sites where I cannot type anything. I don't use IE much so I don't know if that problem was there before these updates or not. I am using IE6 here and typing this on IE so it may be coincidence that I found two sites just now where I can't type on IE.

I'm going to watch it...it is gradually using more RAM...started out low and now at 85000k for IE6? For a non-tabbed browser that seems a bit much but I don't generally watch IE RAM usage when I use it, which is not often, so maybe this is normal.

I was wondering if Microsoft is trying to discourage people from getting the patches from MS Download site instead of via WU/MU or automatic updates. A good way to discourage would be to say that every patch needs a reboot. I could have delayed the reboots until I installed all the patches but I don't think that is a good idea when the installer says a reboot is needed I don't think it should be delayed.

Fx needs to be retired. But it was not using anything like this huge amount of RAM with just a few tabs open until now after these patches. I opened it with one tab only and it is using 490000k so I have to say goodbye to 1.5 I guess and install Fx3. It's probably my profile, which is very old, causing the problem, but I need to give up Fx 1.5 anyway so no point in creating a new profile which might fix the RAM issue. I started Fx in Safe Mode and it is ok there so its either an extension or a very tired Profile causing the excessive memory usage and I think one of the patches affected it too since it was not using near that much memory earlier today.

I have to call Microsoft back about my IE8 problems on Vista so I guess I will also call about IE6 and KB956390.

Yep, after System Restore, IE is fine as when I minimize it memory usage drops way down and only very gradually grows when I start using it again.

EDIT: I solved the Fx excessive RAM usage problem. It had every extension I have ever tried turned on! TWO Phorm extensions were turned on!!! Plus, Firekeeper was on! Just one of those could have caused the problems and there were THREE running. Poor thing. No wonder it was having so many problems. I can't believe it. It didn't occur to me to check the extensions. I've never had them turn on by themselves like that before. :D
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason]]> http://www.dslreports.com/forum/remark,21269383 Wed, 15 Oct 2008 06:05:34 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21269372 jabarnut :

said by daveinpoway

:

When I installed the 7 updates to XP Pro, SP3, I told the Microsoft updater to do the job. It downloaded and installed them all, and then told me I needed to reboot only once (after everything was installed). I am using IE7, and it seems OK after the updates.

Same here.
I had 9 updates (7 for XP Pro SP3, and 2 for Office).
I have auto updates turned off, but I use the Microsoft update site manually.

I wasn't required to reboot until all 9 updates were downloaded and installed.
One reboot, and everything is fine here.
Sorry Mele....just don't know what to tell you, or why you are having problems with these patches.
--
I had a life once.....now I have a Computer and a Modem.]]> http://www.dslreports.com/forum/remark,21269372 Wed, 15 Oct 2008 05:57:44 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21269336 daveinpoway : When I installed the 7 updates to XP Pro, SP3, I told the Microsoft updater to do the job. It downloaded and installed them all, and then told me I needed to reboot only once (after everything was installed). I am using IE7, and it seems OK after the updates.]]> http://www.dslreports.com/forum/remark,21269336 Wed, 15 Oct 2008 05:31:19 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21269307 Mele20 : This has turned into a nightmare. IE6 is borked. So is Firefox. I installed all six one by one after downloading to disk. I had to reboot after EVERY ONE of them...six reboots. Never had to do that before. These were all MAJOR otherwise no reboots every after one of them. After three, I surfed for a while and things seemed alright. I had not yet installed the Cumulative IE one. I left it for last.

So, I did the last three and IE could not surf. It got to dslreports and then could not navigate here. Task Manager showed it rapidly rising in the large amount of RAM it was using. So, I did a System Restore to the point just before I installed the IE Cumulative update. Good, I can surf again on IE. So, I minimize it and open Fx. Geez...why is my computer so sluggish? Fx loads nine tabs. I open Task Manager and IE, which is minimized, is using almost 200,000k RAM and that is rising rapidly. Fx is using 465,000k, RAM.

So, it wasn't the IE cumulative update that is the problem. What a MESS. IE and Fx were both fine before I installed these patches. I should have known with each one requiring a reboot that there could be serious issues.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason

]]> http://www.dslreports.com/forum/remark,21269307 Wed, 15 Oct 2008 04:49:34 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21267092 redwolfe_98 : edit: i should have said.. "with the latest cumulative update for IE 6, according to "secuniai", the formerly outstanding vulnerabilities in IE 6, that i was concerned about, have been patched".. :) ]]> http://www.dslreports.com/forum/remark,21267092 Tue, 14 Oct 2008 19:41:21 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21266171 jabarnut :

said by dadkins

:

Thanks Nick! :)

Yeah, what he said. ;)
--
I had a life once.....now I have a Computer and a Modem.]]> http://www.dslreports.com/forum/remark,21266171 Tue, 14 Oct 2008 17:08:12 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21266047 Pole883 : ;)

Thanks NICK!!]]> http://www.dslreports.com/forum/remark,21266047 Tue, 14 Oct 2008 16:46:58 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21265515 jaykaykay : Will go back and try later. Everybody and their mother's uncle are trying at this point so patience is now going to be my virtue. Thanks, Nick. I'll ride it out for a bit and try again later.]]> http://www.dslreports.com/forum/remark,21265515 Tue, 14 Oct 2008 15:24:46 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21265450 Thane_Bitter : Thank you Nick, forgot all about 'fix Tuesday'. :)
--
...A bitter ray of sunshine]]> http://www.dslreports.com/forum/remark,21265450 Tue, 14 Oct 2008 15:15:43 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21265262 MarkAW : Thanks Nick 6 updates for my Windows XP Pro SP3, 1 update for my Microsoft Office 2002 and the MSRT for Oct 2008.

]]> http://www.dslreports.com/forum/remark,21265262 Tue, 14 Oct 2008 14:46:08 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21265261 TKJunkMail : Installed 10 updates for 32 bit Vista SP1 on 2 machines no problems.
[att=1]

]]> http://www.dslreports.com/forum/remark,21265261 Tue, 14 Oct 2008 14:45:41 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21265122 MagMan : Thank you for sure.]]> http://www.dslreports.com/forum/remark,21265122 Tue, 14 Oct 2008 14:19:45 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21265095 Babar : Thanks, Nick!

:)]]> http://www.dslreports.com/forum/remark,21265095 Tue, 14 Oct 2008 14:14:02 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21265081 DrDemento : 7 updates here for XP Pro and XP Home machines-all installed and no problems so far.Thanks Nick]]> http://www.dslreports.com/forum/remark,21265081 Tue, 14 Oct 2008 14:11:04 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21264752 dadkins : Thanks Nick! :)]]> http://www.dslreports.com/forum/remark,21264752 Tue, 14 Oct 2008 13:23:32 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21264735 NICK ADSL UK : Malicious Software Removal Tool
Published: January 11, 2005 | Updated: October 14, 2008

New Additions
We have added detection and cleaning capabilities for the following malicious software:

• Rustock

»go.microsoft.com/fwlink/?linkid=···/Rustock
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,21264735 Tue, 14 Oct 2008 13:20:26 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21264707 NICK ADSL UK : Your very welcome ;)

TechNet Webcast: Information About Microsoft October Security Bulletins (Level 200)
Event ID: 1032374639

Language(s): English.
Product(s): Security.
Audience(s): IT Professional.

Duration: 60 Minutes
Start Date: Wednesday, October 15, 2008 11:00 AM Pacific Time (US & Canada)

Event Overview

On October 14, 2008, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the October security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.

Presenters: Christopher Budd, Security Response Communications Lead, Microsoft Corporation and Adrian Stone, Lead Security Program Manager, Microsoft Corporation

Register now for the October security bulletin webcast.
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,21264707 Tue, 14 Oct 2008 13:17:25 EDT Re: Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21264681 lilhurricane : Much obliged, Nick. :)]]> http://www.dslreports.com/forum/remark,21264681 Tue, 14 Oct 2008 13:12:21 EDT Microsoft Security Bulletin(s) for October 14 2008 http://www.dslreports.com/forum/remark,21264675 NICK ADSL UK : Microsoft Security Bulletin(s) for October 14 2008

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»www.microsoft.com/technet/securi···oct.mspx

Critical (4 )

Microsoft Security Bulletin MS08-060
Vulnerability in Active Directory Could Allow Remote Code Execution (957280)
»go.microsoft.com/fwlink/?LinkId=128125

Microsoft Security Bulletin MS08-058
Cumulative Security Update for Internet Explorer (956390)
»www.microsoft.com/technet/securi···058.mspx

Microsoft Security Bulletin MS08-059
Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
»go.microsoft.com/fwlink/?LinkId=125712

Microsoft Security Bulletin MS08-057
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
»go.microsoft.com/fwlink/?LinkID=124653

Important (6)

Microsoft Security Bulletin MS08-066
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
»go.microsoft.com/fwlink/?LinkId=125709

Microsoft Security Bulletin MS08-061
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
»www.microsoft.com/technet/securi···061.mspx

Microsoft Security Bulletin MS08-062
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
»www.microsoft.com/technet/securi···062.mspx

Microsoft Security Bulletin MS08-063
Vulnerability in SMB Could Allow Remote Code Execution (957095)
»go.microsoft.com/fwlink/?LinkID=127994

Microsoft Security Bulletin MS08-064
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
»www.microsoft.com/technet/securi···064.mspx

Microsoft Security Bulletin MS08-065
Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)
»www.microsoft.com/technet/securi···065.mspx

Moderate (1)

Microsoft Security Bulletin MS08-056
Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)
»go.microsoft.com/fwlink/?LinkId=128145

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,21264675 Tue, 14 Oct 2008 13:11:28 EDT