Security Hero Rotating Header Image

November, 2008:

Microsoft Security Bulletin Re-Releases

Microsoft Security Bulletin Re-Releases

Posted by Microsoft on Nov 25

********************************************************************
Title: Microsoft Security Bulletin Re-Releases
Issued: November 25, 2008
********************************************************************

Summary
=======
The following bulletins have undergone a major revision…

URL: http://seclists.org/microsoft/2008/q4/0003.html

Cisco Response to TKIP Encryption Weakness

Cisco Response to TKIP Encryption Weakness

URL: http://www.cisco.com/en/US/products/products_security_response09186a0080a30036.html

Cisco VLAN Trunking Protocol Vulnerability

Cisco VLAN Trunking Protocol Vulnerability

This is the Cisco response to research done by ‘showrun.lee’ pertaining to a crafted VTP packet denial of service vulnerability.

URL: http://www.cisco.com/en/US/products/products_security_response09186a0080a231cf.html

Update Rollup for ActiveX Kill Bits – 11/12/2008

Microsoft Security Advisory (956391): Update Rollup for ActiveX Kill Bits – 11/12/2008

Revision Note: November 12, 2008: Removed an incorrect reference that Windows Server 2008 Server Core installation is affected. Added an entry to Frequently Asked Questions to communicate that users with Windows Server 2008 Server Core installation will still be offered but do not need to install this update. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory.

URL: http://www.microsoft.com/technet/security/advisory/956391.mspx

Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

MS08-069 V Critical: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Bulletin Severity Rating:Critical – This security update resolves several vulnerabilities in Microsoft XML Core Services. The most severe vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

URL: http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx?pubDate=2008-11-11

Vulnerability in SMB Could Allow Remote Code Execution (957097)

MS08-068 V Important: Vulnerability in SMB Could Allow Remote Code Execution (957097)

Bulletin Severity Rating:Important – This security update resolves a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

URL: http://www.microsoft.com/technet/security/bulletin/ms08-068.mspx?pubDate=2008-11-11

Microsoft Security Bulletin for November 2008

Microsoft Security Bulletin for November 2008

The table below lists the Microsoft vulnerabilities for November 2008.

MS Bulletin Number

Microsoft Bulletin Title

Severity

Impact of Vulnerability

Affected Software

CVE ID

MS08-069

Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Critical

Remote Code Execution

Microsoft Windows

CVE-2007-0099,CVE-2008-4029,CVE-2008-4033

MS08-068

Vulnerability in SMB Could Allow Remote Code Execution (957097)

Important

Remote Code Execution

Microsoft Windows

CVE-2008-4037

Threat Remediation

Fortinet provides coverage on Microsoft vulnerabilities in November 2008.

CVE Number

Signature Name

CVE-2007-0099

XML.Nested.Tags.Handling.Race.Condition.Memory.Corruption

CVE-2008-4029

MS.MSXML.DTD.Cross.Domain.Scripting

CVE-2008-4033

MS.XML.Core.Services.Information.Disclosure

For more information on new and enhanced signatures, visit theIPS Service Update History.If you require more information, contact the FortiGuard Team using ourContact Us web page.

Document History

Revision Date Version Number  
Tuesday, November 11, 2008 1 Initial Documentation.
Wednesday, November 11, 2008 2 Signature for “XML.Nested.Tags.Handling.Race.Condition.Memory.Corruption” has been on IPS Definition 2.565 previously named “Mozilla.Firefox.Javascript.Handler.Memory.Corruption”

Wednesday, November 14, 2008 3 Signature for “MS.MSXML.DTD.Cross.Domain.Scripting” and “MS.XML.Core.Services.Information.Disclosure” have been released on IPS Definition 2.567 previously in beta state.

Reference:

URL: http://www.fortiguardcenter.com/advisory/FGA-2008-27.html

Worldwide Survey of DNS Servers Reveals Many Systems Vulnerable to Attacks

Worldwide Survey of DNS Servers Reveals Many Systems Vulnerable to Attacks

Infoblox Inc., a developer of appliances that deliver DNS and DHCP services, among others, and The Measurement Factory, experts in performance testing and protocol compliance, today announced results from the fourth-annual survey of domain name servers on the public Internet.

URL: http://feedproxy.google.com/~r/InfobloxNewsFeed/~3/HkCct22EI9k/release.cfm