Fixlet Site - EnterpriseSecurity
Current Version: 1110	Published: Fri, 12 Dec 2008 02:18:16  GMT

New Fixlets:
============

***************************************************************
Title: MS07-017: Vulnerabilities in GDI Could Allow Remote Code Execution - Windows Server 2003 (v2, re-released 12/9/2008)
Severity: Critical
Fixlet ID: 701713
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-017.mspx

Fixlet Description: Important Note: This patch was re-released on December 9, 2008 to address minor issues unrelated to the stability of the update or the security of the intended target systems. The action below deploys the revised version of the patch. Customers who have already successfully applied this update need not take any action.

Microsoft has released a patch resolving several newly discovered, publicly disclosed and privately reported vulnerabilities as well as additional issues discovered through internal investigations. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of the affected workstation. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information.

***************************************************************
Title: MS07-017: Vulnerabilities in GDI Could Allow Remote Code Execution - Windows Server 2003 (v2, re-released 12/9/2008) - CORRUPT PATCH
Severity: Critical
Fixlet ID: 701714
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-017.mspx

***************************************************************
Title: MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold/SP1
Severity: Important
Fixlet ID: 805293
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-052.mspx

Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Expression Web 1, 2
Severity: Important
Fixlet ID: 805295
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-052.mspx

Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Groove 2007 Gold/SP1
Severity: Important
Fixlet ID: 805297
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-052.mspx

Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.