Fixlet Site - EnterpriseSecurity Current Version: 1013 Published: Fri, 20 Jun 2008 19:22:24 GMT New Fixlets: ============ *************************************************************** Title: MS03-011: Flaw in Microsoft VM Could Enable System Compromise - Windows Server 2003 Severity: Critical Fixlet ID: 301109 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS03-011.asp Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in the Microsoft Virtual Machine (VM). This vulnerability affects the ByteCode Verifier component of the Microsoft VM and could be exploited through a malicious Java applet. Such an applet could either be hosted on a web site or sent through an e-mail. Microsoft recommends that all users running the Microsoft Virtual Machine apply this update. This build of the Microsoft VM contains all previously released patches for Microsoft VM. *************************************************************** Title: MS08-030: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution - Windows XP SP2/SP3 (v2, re-released 6/19/2008) Severity: Critical Fixlet ID: 803011 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-030.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: This patch was re-released on June 19, 2008 because the Windows XP Service Pack 2 and Windows XP Service Pack 3 update offered in MS08-030 did not fully address the vulnerability discussed in the security bulletin. The action below deploys the revised version of the patch. Microsoft recommends that all affected computers install the new patch. See the FAQ section of the security bulletin for more information. *************************************************************** Title: MS08-030: CORRUPT PATCH - Windows XP SP2/SP3 (v2, re-released 6/19/2008) Severity: Critical Fixlet ID: 803012 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-030.mspx *************************************************************** Title: MS08-030: REVISED PATCH - Windows XP SP2/SP3 (v2, re-released 6/19/2008) Severity: Critical Fixlet ID: 803013 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-030.mspx Fixlet Description: Important Note: This patch was re-released on June 19, 2008 because the Windows XP Service Pack 2 and Windows XP Service Pack 3 update offered in MS08-030 did not fully address the vulnerability discussed in the security bulletin. The action below deploys the revised version of the patch. The listed computers have the previous version of the patch installed. Microsoft recommends that all affected computers install the new patch. See the FAQ section of the security bulletin for more information. Microsoft has released a security update that resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.