3ecommunications.net

Home > Microsoft Security > Ms08-052

Ms08-052

Contents

The MaxUserPort registry Key has different meanings on Windows Vista and Windows Server 2008 than on Microsoft Windows Server 2000 and Windows Server 2003. For more information about SMS, visit the SMS Web site. Vulnerability Information Severity Ratings and Vulnerability Identifiers Vulnerability Severity Rating and Maximum Security Impact by Affected Software Affected SoftwareGDI Heap Overflow Vulnerability - CVE-2008-1083 GDI stack Overflow Vulnerability – CVE-2008-1087Aggregate Severity For more detailed information, see Microsoft Knowledge Base Article 910723: Summary list of monthly detection and deployment guidance articles. http://3ecommunications.net/microsoft-security/microsoft-security-bulletin-ms08-031.html

See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information. For SMS 2003, the SMS 2003 Inventory Tool for Microsoft Updates (ITMU) can be used by SMS to detect security updates that are offered by Microsoft Update and that are supported Verifying that the Update Has Been Applied Microsoft Baseline Security Analyzer To verify that a security update has been applied to an affected system, you may be able to use the Under the General tab, compare the file size with the file information tables provided in the bulletin KB article. https://technet.microsoft.com/en-us/library/security/ms08-071.aspx

Ms08-052

No user interaction is required, but installation status is displayed. Verifying That the Update Has Been Applied Microsoft Baseline Security Analyzer To verify that a security update has been applied to an affected system, you may be able to use the For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. Workarounds for Word Record Parsing Vulnerability - CVE-2008-2244 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before

Microsoft is aware of limited, targeted attacks attempting to exploit the vulnerability. Impact of Workaround: Users who have configured the File Block policy and have not configured a special “exempt directory” as discussed in Microsoft Knowledge Base Article 922848 will be unable to DNS Cache Poisoning Vulnerability - CVE-2008-1454 A cache poisoning vulnerability exists in Windows DNS Server. The last Microsoft Security Bulletin for GDI+, MS04-028, lists affected and non-affected software that is not listed in this bulletin.

Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Ms08-067 Exploit An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Why does this bulletin contain two updates for each affected operating system? This bulletin contains two updates, identified by KB number, for each affected operating system because the modifications that are required pop over to these guys Supported Security Update Installation Switches SwitchDescription /?, /h, /help Displays help on supported switches. /quiet Suppresses the display of status or error messages. /norestart When combined with /quiet, the system will

This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. Depending on the behavior of the third-party application, this could lead to remote code execution in the context of the logged on user. You can find them most easily by doing a keyword search for "security update." Finally, security updates can be downloaded from the Microsoft Update Catalog. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Ms08-067 Exploit

You can find additional information in the subsection, Deployment Information, in this section. https://technet.microsoft.com/en-us/library/security/ms08-067.aspx Click Start, and then click Search. Ms08-052 If you installed your application from a server location, the server administrator must instead update the server location with the administrative update and deploy that update to your system. Ms09-062 For more information about the Office Inventory Tool and other scanning tools, see SMS 2003 Software Update Scanning Tools.

The content you requested has been removed. During installation, creates %Windir%\CabBuild.log. To determine the support life cycle for your software release, visit Microsoft Support Lifecycle. For more information about how to deploy this security update using Windows Server Update Services, visit the Windows Server Update Services Web site. Microsoft 365

What causes the vulnerability? The vulnerability is caused by a memory handling error when parsing record values in a specially crafted Word file. In all cases, however, an attacker would have no way to force users to visit these Web sites. Supported Security Update Installation Switches SwitchDescription /?, /h, /help Displays help on supported switches. /quiet Suppresses the display of status or error messages. /norestart When combined with /quiet, the system will Check This Out Setup Modes /passive Unattended Setup mode.

For more information about the SMS 2003 ITMU, see SMS 2003 Inventory Tool for Microsoft Updates. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. Registry Key Verification You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section.

Vulnerability Information Severity Ratings and Vulnerability Identifiers Vulnerability Severity Rating and Maximum Security Impact by Affected Software Affected SoftwareDNS Insufficient Socket Entropy Vulnerability - CVE-2008-1447DNS Cache Poisoning Vulnerability - CVE-2008-1454Aggregate Severity

Click OK to close the dialog box. If the file or version information is not present, use one of the other available methods to verify update installation. Click Start, and then click Search. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information.

To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle. Instead of having to install several updates that are almost the same, customers need to install this update only. You are prompted to click Copy, Remove, or Cancel. Changed "Bulletins Replaced by this Update" for Microsoft Office XP Service Pack 3 and Microsoft Office Project 2002 Service Pack 1 to MS08-016.

Turning off processing of metafiles may cause the appearance of software or system components to decrease in quality. On the Version tab, determine the version of the file that is installed on your system by comparing it to the version that is documented in the appropriate file information table.Note Use Registry Editor at your own risk. You’ll be auto redirected in 1 second.

Customers are potentially at risk if third party applications do not follow the recommended best practices and instead redistribute an old version of gdiplus.dll with their application. Use Registry Editor at your own risk. Security Update Deployment Affected Software For information about the specific security update for your affected software, click the appropriate link: Windows 2000 (all editions) Reference Table The following table contains the Microsoft knowledge Base Article 929851 details the change in behavior for Windows Vista and Windows Server 2008.

Customers without an Alliance, Premier, or Authorized Contract can contact their local Microsoft sales office. By default, the DNS updates offered by this security bulletin will take advantage of a large number of available sockets to offer greater entropy. What does the update do? The update removes the vulnerability by modifying the way that Word manages memory in processing CSS values when opening Word files. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information.

The Office component discussed in this article is part of the Office Suite that I have installed on my system; however, I did not choose to install this specific component. Are any additional security features included in this update?Yes, as part of the servicing model for Microsoft Office 2003, when users of Microsoft Office 2003 Service Pack 2 install this update, To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2008-1087. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Click Remove, and then click OK.You receive a message that states that no one will be able to access this registry key. Click Stop, and then click OK.