This information based on my previous blog "Microsoft security updates due next week"
Wow, everything and everyone is affected by this month’s Patch Tuesday:
Domain controllers: 2 very important bulletins address vulnerabilities present in domain controllers. I recommend you immediately apply MS08-060 (Windows 2000 DCs only) and MS08-063 to your domain controllers after minimal or no testing.
Servers: In my chart below note that there are 4 bulletins impact primarily servers and that there is also a patch specific to HIS (mainframe/AS400 connectivity). In particular, take note of MS08-062 which is already being exploited in attacks. If you use Internet Printing Protocol patch such systems immediately.
SharePoint: This month’s Excel bulletin (MS08-057) impacts MOSS 2007 servers so make sure you patch them too.
Workstations and Terminal Servers: As usual most (8 out of 11) bulletins workstation centric. In particular watch out for MS08-058 which addresses some nasty IE bugs and MS08-061 both of whose exploit details are already public.
I’d also like to bring your attention to the point frequently made in MS security bulletins: “Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights
Here's chart:
|
| Exploit Types | System Types Affected | Exploit | Comprehensive, | MS severity rating | Products Affected | Notes | Randy's recommendation |
| MS08-056 | Information Disclosure | Terminal Servers and Workstations | No/No | Not unless you can live with file downloads disabled in IE | Moderate | Office XP SP3 | | Disable CDO or patch (does same thing) |
| MS08-057 | Remote Code | Terminal Servers and Workstations SharePoint Servers | No/No | No | Critical | Office 2000 Office 2003 | Viewers and compatibility packs also affected | Patch after testing |
| MS08-058 | Remote code, Information Disclosure /Internet Explorer | Terminal Servers and Workstations | Yes/No | No | Critical | Windows 2000 Windows XP | Cumulative update addresses 6 vulnerabilities; Restart Req’d | Patch ASAP after testing |
| MS08-059 | Remote Code | Servers | No/No | Yes | Critical | Host Integration Server 2000, 2004, 2006 | Apply workaround(s) or patch after testing | |
| MS08-060 | Remote code, DOS | DOMAIN CONTROLLERS | No/No | No | Critical | Server 2000 | Only domain controllers affected; Restart Req’d | Patch immediately |
| MS08-061 | Privilege Elevation | Terminal Servers and Workstations | Yes/No | No | Important | Windows 2000 Windows XP | Restart Req’d | Patch after testing |
| MS08-062 | Remote Code | Servers | No/Yes | Yes | Important | Windows 2000 Windows XP | Vista not vulnerable at this time but patch will be offered | Immediately patch systems with IPP enabled |
| MS08-063 | Remote Code /Windows | Servers or workstations that allow file shares DOMAIN CONTROLLERS | No/No | No | Important IMO: Critical | Windows 2000 Windows XP | Restart Req’d | Patch ASAP after testing |
| MS08-064 | Privilege Elevation | Terminal Servers and Workstations | No/No | No | Important | Windows XP | Restart Req’d | Patch after testing |
| MS08-065 | Remote Code | Servers, Terminal Servers and Workstations | No/No | Yes | Important | Windows 2000 | Restart Req’d | Disable Message Queue via Group Policy or patch ASAP after testing |
| MS08-066 | Privilege Elevation | Terminal Servers and Workstations | No/No | No | Important | Windows XP | May have issue with ZoneAlarm; Restart Req’d | Patch after testing |
Happy patching!!!
Thanks as always for reading and best wishes on security.
Courtesy: Randy F. Smith
No comments:
Post a Comment