Fixlet Site - EnterpriseSecurity
Current Version: 1016	Published: Wed, 09 Jul 2008 07:49:48  GMT

New Fixlets:
============

***************************************************************
Title: MS08-037: Vulnerabilities in DNS Could Allow Spoofing - DNS Client - Windows XP (x64)
Severity: Important
Fixlet ID: 803705
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-037: CORRUPT PATCH - Windows XP (x64)
Severity: Important
Fixlet ID: 803706
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

***************************************************************
Title: MS08-037: Vulnerabilities in DNS Could Allow Spoofing - DNS Server - Windows Server 2003 (x64)
Severity: Important
Fixlet ID: 803709
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-037: CORRUPT PATCH - Windows Server 2003 (x64)
Severity: Important
Fixlet ID: 803710
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

***************************************************************
Title: MS08-037: Vulnerabilities in DNS Could Allow Spoofing - DNS Server - Windows Server 2008 (x64)
Severity: Important
Fixlet ID: 803713
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-037: Vulnerabilities in DNS Could Allow Spoofing - DNS Client - Windows Server 2003 (x64)
Severity: Important
Fixlet ID: 803719
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-037: CORRUPT PATCH - Windows Server 2003 (x64)
Severity: Important
Fixlet ID: 803720
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

***************************************************************
Title: MS08-038: Vulnerability in Windows Explorer Could Allow Remote Code Execution - Windows Vista (x64)
Severity: Important
Fixlet ID: 803803
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-038.mspx

Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in Windows Explorer that could allow remote code execution when a specially crafted saved-search file is opened and saved. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS08-038: Vulnerability in Windows Explorer Could Allow Remote Code Execution - Windows Server 2008 (x64)
Severity: Important
Fixlet ID: 803807
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-038.mspx

Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in Windows Explorer that could allow remote code execution when a specially crafted saved-search file is opened and saved. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege - Exchange Server 2003 SP2
Severity: Important
Fixlet ID: 803901
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-039: CORRUPT PATCH - Exchange Server 2003 SP2
Severity: Important
Fixlet ID: 803902
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx

***************************************************************
Title: MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege - Exchange Server 2007 Gold (x86)
Severity: Important
Fixlet ID: 803911
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-039: CORRUPT PATCH - Exchange Server 2007 Gold (x86)
Severity: Important
Fixlet ID: 803912
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx

***************************************************************
Title: MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege - Exchange Server 2007 Gold (x64)
Severity: Important
Fixlet ID: 803913
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege - Exchange Server 2007 SP1 (x64)
Severity: Important
Fixlet ID: 803915
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege - Exchange Server 2007 SP1 (x86)
Severity: Important
Fixlet ID: 803917
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-039: CORRUPT PATCH - Exchange Server 2007 SP1 (x86)
Severity: Important
Fixlet ID: 803918
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx