The Microsoft Security Bulletins for September 2008 were published yesterday evening. The publication of the bulletins replaces the Bulletin Advance Notification, which was first published on 4 September 2008.
You can find more information below and also online at:
http://www.microsoft.com/germany/tec.../ms08-sep.mspx (German)
On Wednesday, September 10, 2008 at 8:00 PM (CET), Microsoft will hold an English-language webcast to answer customer questions about these bulletins. Register now for the September Security Bulletin webcast.
<http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032374633&EventCategory=4&culture=en-US&CountryCode=US>
From this date on, the webcast is available on demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.
<http://www.microsoft.com/technet/security/bulletin/summary.mspx>
_____________________________
What is the purpose of this alert?
This alert is to provide you with an overview of the new security bulletins being released on September 9, 2008. Security bulletins are released monthly to resolve critical problem vulnerabilities.
New Security Bulletins
Microsoft is releasing the following four security bulletins for newly discovered vulnerabilities:
Bulletin Number | Maximum Severity | Affected Products | Impact
MS08-052 | Critical | Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Visual Studio (not the complete list). For more information, see the Security Bulletin Technical Details section below. | Remote Code Execution
MS08-053 | Critical | Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008. For more information, see the Security Bulletin Technical Details section below. | Remote Code Execution
MS08-054 | Critical | Windows XP, Windows Vista, Windows Server 2008. For more information, see the Security Bulletin Technical Details section below. | Remote Code Execution
MS08-055 | Critical | Office XP, Office 2003, 2007 Office System, Office OneNote 2007. For more information, see the Security Bulletin Technical Details section below. | Remote Code Execution
Summaries for these new bulletins may be found at the following pages:
http://www.microsoft.com/technet/sec.../MS08-sep.mspx
Microsoft Windows Malicious Software Removal Tool
Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU) and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool can be located here:
http://go.microsoft.com/fwlink/?LinkId=40573
High-Priority Non-Security Updates
High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU) or Windows Server Update Services (WSUS) will be detailed in the following KB Article:
http://support.microsoft.com/?id=894199
Public Bulletin Webcast
Microsoft will host a Webcast to address customer questions on these bulletins:
Title: Information About Microsoft September Security Bulletins (Level 200)
Date: Wednesday, September 10, 2008 11:00 A.M. Pacific Time (US & Canada)
URL: http://msevents.microsoft.com/CUI/We...tID=1032374633
New Security Bulletin Technical Details
In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit Microsoft Support Lifecycle
<http://support.microsoft.com/lifecycle/>.
Critical (4)
Bulletin Identifier: Microsoft Security Bulletin MS08-052
Bulletin Title: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
Executive Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.
Affected Software: Windows 2000 with Internet Explorer 6 SP1, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, .NET Framework 1.0, .NET Framework 1.1, .NET Framework 2.0, Office XP, Office 2003, 2007 Office System, Visio 2002, PowerPoint 2003 Viewer, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005, Visual Studio .NET 2002 SP1, Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1, Visual Studio 2008, Microsoft Report Viewer 2005 SP1 Redistributable Package, Microsoft Report Viewer 2008 Redistributable Package, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP1&2, Microsoft Platform SDK Redistributable: GDI+, Microsoft Forefront Client Security 1.0. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement: The update requires a restart.
Removal Information: Varies depending on which component is updated. Please see the Security Update Deployment section of the bulletin at the link below.
Bulletins Replaced by This Update:
* Windows 2000: MS07-050
* Office XP: MS04-028
* Visio 2002: MS08-019
* PowerPoint Viewer 2003: MS08-051
* Works 8: MS08-044
* SQL Server 2005: MS08-040
* Microsoft Platform SDK Redistributable: GDI+: MS04-028
Full Details: http://www.microsoft.com/technet/sec.../MS08-052.mspx
Bulletin Identifier: Microsoft Security Bulletin MS08-053
Bulletin Title: Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
Executive Summary: This security update resolves a privately reported vulnerability in Windows Media Encoder 9 Series. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.
Affected Software: Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement: The update may require a restart.
Removal Information:
* For Windows Media Encoder 9 Series running on Microsoft Windows 2000, Windows XP or Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.
* For Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
Bulletins Replaced by This Update: None
Full Details: http://www.microsoft.com/technet/sec.../MS08-053.mspx
Bulletin Identifier: Microsoft Security Bulletin MS08-054
Bulletin Title: Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
Executive Summary: This security update resolves a privately reported vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.
Affected Software: Windows XP, Windows Vista, Windows Server 2008. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement: The update does not require a restart.
Removal Information:
* Windows XP: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.
* Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
Bulletins Replaced by This Update: None
Full Details: http://www.microsoft.com/technet/sec.../MS08-054.mspx
Bulletin Identifier: Microsoft Security Bulletin MS08-055
Bulletin Title: Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)
Executive Summary: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.
Affected Software: Office XP, Office 2003, 2007 Office System, Office OneNote 2007. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement: This update does not require a restart in most cases.
Removal Information: Use Add or Remove Programs tool in Control Panel.
Bulletins Replaced by This Update:
* Office XP and Office 2003: MS08-016
* 2007 Office System: MS07-025
Full Details: http://www.microsoft.com/technet/sec.../MS08-055.mspx
Regarding Information Consistency
We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft's security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft's Web-based security content, the information in Microsoft's Web-based security content is authoritative.
If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.
Thank you,
Microsoft CSS Security Team