Microsoft Security Bulletin(s) for December 9, 2008 in Security

Microsoft Security Bulletin(s) for December 9, 2008 in Security http://www.dslreports.com/forum/r21553078 en Wed, 02 Dec 2009 22:08:59 EDT Wed, 02 Dec 2009 22:08:59 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21575611 anon : After installing the windows update activex control, I now see a new file "WUWebControl Class" listed in the "Downloaded Program Files" folder. Did anyone else have to install this update during this months patches? :hmm:]]> http://www.dslreports.com/forum/remark,21575611 Sat, 13 Dec 2008 10:47:35 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21574020 Fat City : Installed KB952069 on XP Pro SP3. After a reboot, Automatic Updates prompts me to install it again, even though it shows up as successfully installed in my Update History.

Anyone else have this problem, or better yet, a solution?]]> http://www.dslreports.com/forum/remark,21574020 Fri, 12 Dec 2008 22:01:27 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21571893 redxii : It's an update for Windows Update.]]> http://www.dslreports.com/forum/remark,21571893 Fri, 12 Dec 2008 15:34:35 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21571806 anon : Just went to windows update on my xp sp2 machine, and I got a pop-up window to install a program with the name "windows update", and publisher "Microsoft Windows Component Publisher". Anyone know what this thing is all about, and whether I should install it or not?]]> http://www.dslreports.com/forum/remark,21571806 Fri, 12 Dec 2008 15:18:23 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21566738 NICK ADSL UK : December 2008 Security Release ISO Image
Brief Description
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on December 9th, 2008.

»www.microsoft.com/downloads/deta···yLang=en
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,21566738 Thu, 11 Dec 2008 17:57:20 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21564937 MarkAW : OK thanks dp

. :)]]> http://www.dslreports.com/forum/remark,21564937 Thu, 11 Dec 2008 12:43:25 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21564291 altermatt : Two questions that came up with this month's foray:
1. Once again, I get a notice that it has to "update windows" first (which I recall in the past was the WGA) which I have to allow in order to continue. Why does this keep happening?
2. Someone (I believe it was OZO) posted a great WU.bat script that turns on auto updates and BITS temporarily so you can run MU, and then turns them back off. It works great on XP, but now friends and family are moving to Vista (yeah, yeah). Anything like it for Vista? Many, like me, don't want to run AU.
--
The truth of a thing is the feel of it, not the think of it. -- Stanley Kubrick]]> http://www.dslreports.com/forum/remark,21564291 Thu, 11 Dec 2008 10:43:10 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21563726 mikefxu :

said by rhdcheme

:

I have frequent problems with stage 3 configuration in my VISTA machines...the configuration stalls and I have to safeboot and/or shut off/restart manually.

Did anyone experience this and how do you fix it?

I am having that problem right now. Won't reboot in normal mode only safe mode. Working on it now. Will let you know how it goes.

Update: Just did a restore prior to update and will mess with it later. To busy to figure it out today. Remote user hard drive took a crap, had him go out and get another and going to walk him through reinstalling windows over the phone, fun fun!
--
6 Wireless Workstations: WildBlue Satellite:WildBlue-1 Gateway:Laredo Beam:123 on 1.5Mbps/256Kbps plan at Knob Noster, Missouri.

5 Wireless Workstations: WildBlue Beam: 32 on 1.0Mbps/200Kbps plan at Pueblo Pintado, New Mexico.]]> http://www.dslreports.com/forum/remark,21563726 Thu, 11 Dec 2008 08:57:51 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21563239 dp :

said by MarkAW

:

Does anyone know why MS pulled the MSRT update from yesterdays MS updates.

It may have been pulled to correct a False Positive (TrojanDropper:Win32/Renos.N detecting particular uninstall files).
--
Microsoft MVP, 2004 - 2008]]> http://www.dslreports.com/forum/remark,21563239 Thu, 11 Dec 2008 04:34:01 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21561560 rhdcheme : I have frequent problems with stage 3 configuration in my VISTA machines...the configuration stalls and I have to safeboot and/or shut off/restart manually.

Did anyone experience this and how do you fix it?]]> http://www.dslreports.com/forum/remark,21561560 Wed, 10 Dec 2008 20:31:30 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21561371 jabarnut : Yep, after reading your post I just ran MS Update again on two machines, and got the December MSRT...not sure why the delay, but it seems to be there now. :)
--
I had a life once.....now I have a Computer and a Modem.]]> http://www.dslreports.com/forum/remark,21561371 Wed, 10 Dec 2008 19:57:55 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21560967 beck : Yesterday, I got 5 updates for XP Pro SP3. But no MSRT. Downloaded, but didn't install the updates.

Today I got notice of the MSRT, downloaded it, and it install everything.
--
Some people are like slinkies - not really good for much.
But they bring a smile to your face when pushed down the stairs.]]> http://www.dslreports.com/forum/remark,21560967 Wed, 10 Dec 2008 18:36:39 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21560887 Jrb2 : Thank you DP and Nick.]]> http://www.dslreports.com/forum/remark,21560887 Wed, 10 Dec 2008 18:15:13 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21559333 MarkAW : Does anyone know why MS pulled the MSRT update from yesterdays MS updates.]]> http://www.dslreports.com/forum/remark,21559333 Wed, 10 Dec 2008 14:07:10 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21559260 anon :

said by La Luna

:

Same here, no MSRT. Got the rest though.

Yep. Same here
--
1/20/09 The Beginning of an era of hope
]]> http://www.dslreports.com/forum/remark,21559260 Wed, 10 Dec 2008 13:55:43 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21559212 jarrycanada : Strange, I got every update as normal this month as everyone did but the Malicious Software Removal Tool for this month... hmm anyone else not get it too?]]> http://www.dslreports.com/forum/remark,21559212 Wed, 10 Dec 2008 13:46:01 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21556376 Owlbet : Good lord! Sixteen updates between Vista and Office!

[att=1]

Thanks for the heads up, dp

and NICK ADSL UK

. Muchly appreciated.

:)
--
Team Discovery
The 2008-2009 Alaska Aces record as of this post: 14-7-1

]]> http://www.dslreports.com/forum/remark,21556376 Tue, 09 Dec 2008 23:26:30 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21555675 jaykaykay : Thanks for the heads up to all noting that all was going well for you guys. Also to DP for noting the updates in the first place. My motto is never install until coming here to see if there is any problem once finding out that there is an update.]]> http://www.dslreports.com/forum/remark,21555675 Tue, 09 Dec 2008 21:13:11 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21555503 La Luna :

said by redxii

:

They pulled the MSRT? After I installed it from WU I got offered November's MSRT, and one computer I haven't update yet isn't offered December's.

Still available from here: »www.microsoft.com/downloads/deta···ylang=en
Version string 9BF57AAA-6CE6-4FC4-AEC7-1B288F067467

Same here, no MSRT. Got the rest though.

Thanks dp

!
--
1/20/09 The Beginning of the End

12,386 DEADLY TERROR ATTACKS SINCE 9/11~~SARAH BRIGHTMAN SYMPHONY WORLD TOUR]]> http://www.dslreports.com/forum/remark,21555503 Tue, 09 Dec 2008 20:39:14 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21555071 Buddel : 8 for me on Vista Premium. Downloading ... ... Thanks, Mr. P. :)

EDIT: I'm back. No problems so far. :)]]> http://www.dslreports.com/forum/remark,21555071 Tue, 09 Dec 2008 19:14:30 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21554978 redxii : They pulled the MSRT? After I installed it from WU I got offered November's MSRT, and one computer I haven't update yet isn't offered December's.

Still available from here: »www.microsoft.com/downloads/deta···ylang=en
Version string 9BF57AAA-6CE6-4FC4-AEC7-1B288F067467]]> http://www.dslreports.com/forum/remark,21554978 Tue, 09 Dec 2008 18:58:20 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21554559 Pole883 : TYKIFYWIM!!]]> http://www.dslreports.com/forum/remark,21554559 Tue, 09 Dec 2008 17:39:35 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21554417 Abiosis : smooth ride~~~

]]> http://www.dslreports.com/forum/remark,21554417 Tue, 09 Dec 2008 17:12:46 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21554157 jabarnut : Already that time of the month again? :o
(Time sure flies when you're having fun!)

Thanks for the heads up dp

! :)

Eight updates here for my XP Pro SP3 machines-(6 for XP, 2 for Office).

All seems well so far...no immediate problems to report.
(Haven't done my 2 Vista Machines yet).
--
I had a life once.....now I have a Computer and a Modem.]]> http://www.dslreports.com/forum/remark,21554157 Tue, 09 Dec 2008 16:24:39 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553988 LadyL : Only 3 for my Vista :
KB957321, 949108, 959130
All downloaded and installed with no problems. :)
Thank you.
--
Lonnie]]> http://www.dslreports.com/forum/remark,21553988 Tue, 09 Dec 2008 15:59:19 EDT 28 security holes patched today http://www.dslreports.com/forum/remark,21553704 TKJunkMail : News item on today's patches:
»www.securityfocus.com/brief/868

Microsoft's last regularly scheduled update for the year closed 28 documented security holes, the most flaws fixed since the software giant moved over to monthly patches, according to one security firm.

The eight software updates released by the company on Tuesday closed six security issues in the ActiveX controls for Microsoft Visual Basic 6.0's Runtime Extended Files, all of which could allow remote code execution if a user visited a malicious Web site, Microsoft stated. A second update solved four memory-corruption issues in the company's browser, Internet Explorer. Two other fixes corrected a total of 11 vulnerabilities in Microsoft Word and Excel.

The eight updates also included fixes for security issues in Microsoft's graphics library, Windows' search functionality, Windows Media Components and a single vulnerability in Microsoft Office SharePoint Server.

Symantec stated that the collection of patches fixes the most vulnerabilities in a monthly update since Microsoft started its regularly scheduled patch program.

--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk?]]> http://www.dslreports.com/forum/remark,21553704 Tue, 09 Dec 2008 15:07:46 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553681 MagMan : Thanks, 7 for me on XP home, no problems.]]> http://www.dslreports.com/forum/remark,21553681 Tue, 09 Dec 2008 15:03:33 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553550 Babar : Thanks, dp! :D

6 applied to the XP boxes with no issues...
--
"Geez, I'm goin' crazy out there at the lake." ]]> http://www.dslreports.com/forum/remark,21553550 Tue, 09 Dec 2008 14:38:03 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553436 dadkins : Thanks DP! :)

Vista Home Premium - 8 plus the MSRT.

XP MCE 2005 - 6 plus the MSRT

]]> http://www.dslreports.com/forum/remark,21553436 Tue, 09 Dec 2008 14:17:42 EDT 14 fixes applied to 2 Vista SP1 32 bit systems http://www.dslreports.com/forum/remark,21553173 TKJunkMail : All fixes applied without issues so far.

[att=1]

]]> http://www.dslreports.com/forum/remark,21553173 Tue, 09 Dec 2008 13:37:01 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553159 MarkAW : Thanks dp

and NICK ADSL UK

got 5 XP PRO 1 for MS Office 2002/XP plus MSRT. :)

Edit Got 5 for XP Home no MSRT though.


My wife's and MSRT is missing

]]> http://www.dslreports.com/forum/remark,21553159 Tue, 09 Dec 2008 13:34:30 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553139 NICK ADSL UK : Malicious Software Removal Tool
Published: January 11, 2005 | Updated: December 9, 2008

New Additions
We have added detection and cleaning capabilities for the following malicious software:

• FakeXPA
»www.microsoft.com/security/porta···fFakeXPA

• Yektel
»www.microsoft.com/security/porta···Yektel.A
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,21553139 Tue, 09 Dec 2008 13:32:07 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553115 NICK ADSL UK : Thank you dp :)

TechNet Webcast: Information About Microsoft December Security Bulletins (Level 200)
Event ID: 1032374647

Language(s): English.
Product(s): Security.
Audience(s): IT Professional.

Duration: 60 Minutes
Start Date: Wednesday, December 10, 2008 11:00 AM Pacific Time (US & Canada)

Event Overview

On December 9, 2008, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the December security bulletins. The intent of this webcast is to address your concerns. Therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from our security experts.

Presenters: Christopher Budd, Security Response Communications Lead, Microsoft Corporation and and Adrian Stone, Lead Security Program Manager, Microsoft Corporation

Register now for the December security bulletin webcast.
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,21553115 Tue, 09 Dec 2008 13:28:00 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553096 DrDemento : Got the following for 3 XP machines
890830
955839
952069
954600
956802
958215
All downloaded and installed. Thanks much.]]> http://www.dslreports.com/forum/remark,21553096 Tue, 09 Dec 2008 13:24:22 EDT Re: Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553088 lilhurricane : Thank you kindly, dp

:)]]> http://www.dslreports.com/forum/remark,21553088 Tue, 09 Dec 2008 13:21:53 EDT Microsoft Security Bulletin(s) for December 9, 2008 http://www.dslreports.com/forum/remark,21553078 dp : Microsoft Security Bulletin(s) for December 9, 2008

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»www.microsoft.com/technet/securi···dec.mspx

Critical (6)

Microsoft Security Bulletin MS08-071
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
»www.microsoft.com/technet/securi···071.mspx

Microsoft Security Bulletin MS08-075
Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349)
»www.microsoft.com/technet/securi···075.mspx

Microsoft Security Bulletin MS08-073
Cumulative Security Update for Internet Explorer (958215)
»www.microsoft.com/technet/securi···073.mspx

Microsoft Security Bulletin MS08-070
Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)
»www.microsoft.com/technet/securi···070.mspx

Microsoft Security Bulletin MS08-072
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
»www.microsoft.com/technet/securi···072.mspx

Microsoft Security Bulletin MS08-074
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
»www.microsoft.com/technet/securi···074.mspx

Important (2)

Microsoft Security Bulletin MS08-077
Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)
»www.microsoft.com/technet/securi···077.mspx

Microsoft Security Bulletin MS08-076
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
»www.microsoft.com/technet/securi···076.mspx

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
--
Microsoft MVP, 2004 - 2008]]> http://www.dslreports.com/forum/remark,21553078 Tue, 09 Dec 2008 13:20:34 EDT