Fixlet Site - EnterpriseSecurity Current Version: 1034 Published: Wed, 13 Aug 2008 08:10:51 GMT New Fixlets: ============ *************************************************************** Title: MS08-042: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install) Severity: Important Fixlet ID: 804201 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in Microsoft Word. This vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-042: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office XP SP3 (Administrative Install) Severity: Important Fixlet ID: 804203 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in Microsoft Word. This vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-042: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office 2003 SP2/SP3 (Local/Network Install) Severity: Important Fixlet ID: 804206 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in Microsoft Word. This vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-042: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office 2003 SP2/SP3 (Administrative Install) Severity: Important Fixlet ID: 804208 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in Microsoft Word. This vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2000 SP3 (Local Install) Severity: Critical Fixlet ID: 804301 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2000 SP3 (Network Install) Severity: Critical Fixlet ID: 804302 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2000 SP3 (Administrative Install) Severity: Critical Fixlet ID: 804303 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install) Severity: Important Fixlet ID: 804306 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office XP SP3 (Administrative Install) Severity: Important Fixlet ID: 804308 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2003 SP2/SP3 (Local/Network Install) Severity: Important Fixlet ID: 804311 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2003 SP2/SP3 (Administrative Install) Severity: Important Fixlet ID: 804313 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2007 Gold/SP1 Severity: Important Fixlet ID: 804316 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Excel Viewer 2003 Severity: Important Fixlet ID: 804326 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Excel Viewer 2007 Severity: Important Fixlet ID: 804336 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office Compatibility Pack for Excel 2007 File Formats Severity: Important Fixlet ID: 804341 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - SharePoint Server 2007 Gold/SP1 Severity: Important Fixlet ID: 804346 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 5.01 - Windows 2000 SP4 Severity: Critical Fixlet ID: 804501 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows 2000 SP4 Severity: Critical Fixlet ID: 804502 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 6 - Windows 2000 SP4 Severity: Critical Fixlet ID: 804503 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows 2000 SP4 Severity: Critical Fixlet ID: 804504 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 6 - Windows XP SP2/SP3 Severity: Critical Fixlet ID: 804505 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows XP SP2/SP3 Severity: Critical Fixlet ID: 804506 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 6 - Windows XP Gold/SP2 (x64) Severity: Critical Fixlet ID: 804507 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows XP Gold/SP2 (x64) Severity: Critical Fixlet ID: 804508 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 6 - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 804509 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 804510 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 6 - Windows Server 2003 Gold/SP2 (x64) Severity: Critical Fixlet ID: 804511 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows Server 2003 Gold/SP2 (x64) Severity: Critical Fixlet ID: 804512 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 7 - Windows XP SP2/SP3 Severity: Critical Fixlet ID: 804513 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows XP SP2/SP3 Severity: Critical Fixlet ID: 804514 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 7 - Windows XP Gold/SP2 (x64) Severity: Critical Fixlet ID: 804515 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows XP Gold/SP2 (x64) Severity: Critical Fixlet ID: 804516 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 804517 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 804518 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2003 Gold/SP2 (x64) Severity: Critical Fixlet ID: 804519 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: CORRUPT PATCH - Windows Server 2003 Gold/SP2 (x64) Severity: Critical Fixlet ID: 804520 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 7 - Windows Vista Gold/SP1 Severity: Critical Fixlet ID: 804521 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 7 - Windows Vista Gold/SP1 (x64) Severity: Critical Fixlet ID: 804523 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2008 Severity: Critical Fixlet ID: 804525 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-045: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2008 (x64) Severity: Critical Fixlet ID: 804527 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution - Windows XP Gold/SP2 (x64) Severity: Critical Fixlet ID: 804601 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-046: CORRUPT PATCH - Windows XP Gold/SP2 (x64) Severity: Critical Fixlet ID: 804602 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx *************************************************************** Title: MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution - Windows XP SP2/SP3 Severity: Critical Fixlet ID: 804603 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-046: CORRUPT PATCH - Windows XP SP2/SP3 Severity: Critical Fixlet ID: 804604 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx *************************************************************** Title: MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 804605 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-046: CORRUPT PATCH - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 804606 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx *************************************************************** Title: MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution - Windows Server 2003 Gold/SP2 (x64) Severity: Critical Fixlet ID: 804607 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-046: CORRUPT PATCH - Windows Server 2003 Gold/SP2 (x64) Severity: Critical Fixlet ID: 804608 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx *************************************************************** Title: MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution - Windows 2000 SP4 Severity: Critical Fixlet ID: 804609 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-046: CORRUPT PATCH - Windows 2000 SP4 Severity: Critical Fixlet ID: 804610 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - OE 5.5 SP2 - Windows 2000 SP4 Severity: Important Fixlet ID: 804803 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: CORRUPT PATCH - Windows 2000 SP4 Severity: Important Fixlet ID: 804804 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - OE 6 SP1 - Windows 2000 SP4 Severity: Important Fixlet ID: 804805 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: CORRUPT PATCH - Windows 2000 SP4 Severity: Important Fixlet ID: 804806 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - OE 6 - Windows XP SP2/SP3 Severity: Important Fixlet ID: 804807 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: CORRUPT PATCH - Windows XP SP2/SP3 Severity: Important Fixlet ID: 804808 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - OE 6 - Windows XP Gold/SP2 (x64) Severity: Important Fixlet ID: 804809 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: CORRUPT PATCH - Windows XP Gold/SP2 (x64) Severity: Important Fixlet ID: 804810 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - OE 6 - Windows Server 2003 SP1/SP2 Severity: Low Fixlet ID: 804811 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: CORRUPT PATCH - Windows Server 2003 SP1/SP2 Severity: Low Fixlet ID: 804812 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - OE 6 - Windows Server 2003 Gold/SP2 (x64) Severity: Low Fixlet ID: 804813 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: CORRUPT PATCH - Windows Server 2003 Gold/SP2 (x64) Severity: Low Fixlet ID: 804814 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - WM - Windows Vista Gold/SP1 Severity: Important Fixlet ID: 804815 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - WM - Windows Vista Gold/SP1 (x64) Severity: Important Fixlet ID: 804817 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - WM - Windows Server 2008 Severity: Low Fixlet ID: 804819 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-048: Security Update for Outlook Express and Windows Mail - WM - Windows Server 2008 (x64) Severity: Low Fixlet ID: 804821 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows 2000 SP4 Severity: Important Fixlet ID: 804901 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-049: CORRUPT PATCH - Windows 2000 SP4 Severity: Important Fixlet ID: 804902 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows XP SP2/SP3 Severity: Important Fixlet ID: 804903 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-049: CORRUPT PATCH - Windows XP SP2/SP3 Severity: Important Fixlet ID: 804904 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows XP Gold/SP2 (x64) Severity: Important Fixlet ID: 804905 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-049: CORRUPT PATCH - Windows XP Gold/SP2 (x64) Severity: Important Fixlet ID: 804906 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows Server 2003 SP1/SP2 Severity: Important Fixlet ID: 804907 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-049: CORRUPT PATCH - Windows Server 2003 SP1/SP2 Severity: Important Fixlet ID: 804908 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows Server 2003 Gold/SP2 (x64) Severity: Important Fixlet ID: 804909 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-049: CORRUPT PATCH - Windows Server 2003 Gold/SP2 (x64) Severity: Important Fixlet ID: 804910 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows Vista Gold/SP1 Severity: Important Fixlet ID: 804911 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows Vista Gold/SP1 (x64) Severity: Important Fixlet ID: 804913 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows Server 2008 Severity: Important Fixlet ID: 804915 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution - Windows Server 2008 (x64) Severity: Important Fixlet ID: 804917 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx Fixlet Description: Microsoft has released an update that resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS08-050: Vulnerability in Windows Messenger Could Allow Information Disclosure - Windows Messenger 4.7 - Windows XP SP2/SP3 Severity: Important Fixlet ID: 805001 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-050: CORRUPT PATCH - Windows XP SP2/SP3 Severity: Important Fixlet ID: 805002 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx *************************************************************** Title: MS08-050: Vulnerability in Windows Messenger Could Allow Information Disclosure - Windows Messenger 4.7 - Windows XP Gold/SP2 (x64) Severity: Important Fixlet ID: 805003 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-050: CORRUPT PATCH - Windows XP Gold/SP2 (x64) Severity: Important Fixlet ID: 805004 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx *************************************************************** Title: MS08-050: Vulnerability in Windows Messenger Could Allow Information Disclosure - Windows Messenger 4.7 - Windows Server 2003 SP1/SP2 Severity: Moderate Fixlet ID: 805005 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-050: CORRUPT PATCH - Windows Server 2003 SP1/SP2 Severity: Moderate Fixlet ID: 805006 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx *************************************************************** Title: MS08-050: Vulnerability in Windows Messenger Could Allow Information Disclosure - Windows Messenger 4.7 - Windows Server 2003 Gold/SP2 (x64) Severity: Moderate Fixlet ID: 805007 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-050: CORRUPT PATCH - Windows Server 2003 Gold/SP2 (x64) Severity: Moderate Fixlet ID: 805008 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx *************************************************************** Title: MS08-050: Vulnerability in Windows Messenger Could Allow Information Disclosure - Windows Messenger 5.1 Severity: Important Fixlet ID: 805011 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: This action will fail if Windows Messenger 5.0 is running. To prevent this behavior, you may want to deploy this action with the user constraint "Run only when no user is present" or display a message box before action execution instructing the user to shutdown Windows Messenger before applying the update. *************************************************************** Title: MS08-050: CORRUPT PATCH - Windows Messenger 5.1 Severity: Important Fixlet ID: 805012 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office 2000 SP3 (Local Install) Severity: Critical Fixlet ID: 805101 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office 2000 SP3 (Network Install) Severity: Critical Fixlet ID: 805102 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office 2000 SP3 (Administrative Install) Severity: Critical Fixlet ID: 805103 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install) Severity: Important Fixlet ID: 805106 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office XP SP3 (Administrative Install) Severity: Important Fixlet ID: 805108 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office 2003 SP2/SP3 (Local/Network Install) Severity: Important Fixlet ID: 805111 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office 2003 SP2/SP3 (Administrative Install) Severity: Important Fixlet ID: 805113 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office 2007 Severity: Important Fixlet ID: 805121 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - PowerPoint Viewer 2003 Severity: Important Fixlet ID: 805126 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Office Compatibility Pack for PowerPoint 2007 File Formats Severity: Important Fixlet ID: 805131 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.