October 2008 Microsoft Updates

Microsoft has released another monthly batch of security updates for its products. There are eleven group patches which affect a number of Microsoft products. Following is a listing of the vulnerabilities with a link to Microsoft for more information.

Critical

Vulnerability in Active Directory could allow remote code execution: This fixes a reported problem in implementations of Active Directory on Windows 2000 Server. See http://go.microsoft.com/fwlink/?LinkId=128125 for more details.

Cumulative Security Update for Internet Explorer: This update fixes six reported vulnerabilities related to remote code execution and information disclosure. See http://go.microsoft.com/fwlink/?LinkID=128060 for more details.

Vulnerability in Host Integration Server PRC Service could allow remote code execution: This fixes a problem In the Host Integration Server product of remote code execution if a specially crafted RPC request is sent to an affected system. See http://go.microsoft.com/fwlink/?LinkId=125712 for more information.

Vulnerabilities in Microsoft Excel could allow remote code execution: This fixes three problems in Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. See http://go.microsoft.com/fwlink/?LinkID=124653 for more information.

Important

Vulnerability in the Microsoft Ancillary Function Driver could allow elevation of privilege: Affecting Microsoft Windows, this fixes a problem in this particular driver. See http://go.microsoft.com/fwlink/?LinkId=125709 for more information.

Vulnerabilities in Windows Kernel could allow elevation of privilege: Another issue affecting Windows, this fix resolves three vulnerabilities in the Windows kernel. See http://go.microsoft.com/fwlink/?LinkId=121738 for more Information.

Vulnerability in Windows Internet Printing Service could allow remote code execution: Affecting Windows, this fixes a problem which could allow remote code executive in the context of the current user. See http://go.microsoft.com/fwlink/?LinkId=120829 for more information.

Vulnerability in SMB could allow remote code execution: This update, affecting Windows, fixes a problem with the Microsoft SMB protocol which could allow remote code execution on a server that is sharing files or folders. See http://go.microsoft.com/fwlink/?LinkID=127994 for more information.

Vulnerability in Virtual Address Descriptor Manipulation could allow elevation of privilege:  Another vulnerability in Windows, this affect the Virtual Address Descriptor. That could allow the elevation of privilege if a user runs a specifically crafted application. See http://go.microsoft.com/fwlink/?LinkId=128103 for more information.

Vulnerability in Message Queuing could all remote code execution: Affecting Windows, this fixes a problem in the MSMQ on Windows 2000 systems and MSMQ is enabled.

Moderate

Vulnerability in Microsoft Office could allow information disclosure: This fixes a problem in Office that could allow disclosure of information is a user clicks on a specifically crafted CDO URL. See http://go.microsoft.com/fwlink/?LinkId=128145 fopr more information.

Microsoft has also released the Windows Malicious Software Removal Tool for October 2008, an update for the windows Mail Junk Email Filter, a cumulative update for Media Center for Windows Vista, a cumulative update for Media Center TVPack for Windows Vista and an Update for Windows Server 2008 and Vista which addresses the quality of software information sent to Microsoft through the CEIP.

As usual, please take the time to test and then deploy the updates as soon as possible. Remember exploits on the Internet can be found as soon as hours after the updates are made available by Microsoft.

October 15, 2008