Status Tracking Note TRTA08-190A

Microsoft Updates for Multiple Vulnerabilities

Overview

Microsoft has released updates that address vulnerabilities in Microsoft Windows, Windows Server, Microsoft SQL Server, and Microsoft Outlook Web Access.
Event Information

Date (UTC)Description
2008-07-16 21:38 Symantec
ThreatCON (2) => (1)
2008-07-14 17:58 US-CERT
Zone Alarm Releases Security Advisory
US-CERT Current Activity
Zone Alarm has released a Security Advisory indicating that version 7.0.483.0 has been released to address an issue in the way Microsoft Security Bulletin MS08-037 affects Zone Alarm.
2008-07-11 21:36 Check Point Software Technologies Ltd.
Workaround to Sudden Loss of Internet Access Problem
Microsoft Update KB951748 is known to cause loss of internet access for ZoneAlarm users on Windows XP/2000. Windows Vista users are not affected.
2008-07-11 00:51 Microsoft
MS08-037: Microsoft Security Bulletin Major Revisions
Via Microsoft Mailing List
Vulnerabilities in DNS Could Allow Spoofing (MS08-037)
Bulletin revised to inform users of ZoneAlarm and Check Point Endpoint Security of an Internet connectivity issue.
2008-07-08 21:30 SANS Internet Storm Center
July 2008 black tuesday overview (Version: 2)
Overview of the July 2008 Microsoft patches and their status.
2008-07-08 21:30 Symantec
ThreatCON (1) => (2)
Tuesday, July 8, 2008, Symantec has discovered active exploitation of a what is possibly an undisclosed vulnerability affecting Microsoft Word. Ensure that AntiVirus software is up to date.
2008-07-08 20:08 US-CERT
TA08-190A: Microsoft Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2008-07-08 20:08 Microsoft
MS08-JUL: Microsoft Security Bulletin Summary for July 2008
Included in this advisory are updates for newly discovered vulnerabilities.
2008-07-08 17:27 US-CERT
Microsoft Releases July Security Bulletin
US-CERT Current Activity
Microsoft has released updates to address vulnerabilities in Microsoft Windows and SQL Server as part of the Microsoft Security Bulletin Summary for July 2008. These vulnerabilities may allow an attacker to execute arbitrary code, redirect network traffic to a malicious location, or access the system with elevated privileges.
2008-07-08 15:47 Check Point Software Technologies Ltd.
ZoneAlarm is investigating the issue with Microsoft update KB951748
We are investigating the issue with the MS update KB951748. For the time being we suggest you uninstall KB951748 until the issue has been resolved.
2008-01-10 Context IS
Context IS Advisory - MS08-39 OWA XSS
Outlook Web Access for Exchange Server Data Validation Cross-Site Scripting Vulnerability (MS08-039, CVE-2008-2247)
Outlook Web Access for Exchange Server Parsing Cross-Site Scripting Vulnerability (MS08-039, CVE-2008-2248)
Vulnerability Reported
Several Cross Site Scripting vulnerabilities were found in within Outlook Web Access (OWA) 2003/2007. An
2007-12-06 iDefense
Microsoft SQL Server Restore Integer Underflow Vulnerability
SQL Server Memory Corruption Vulnerability (MS08-040, CVE-2008-0107)
Vulnerability Reported
Remote exploitation of an integer underflow vulnerability within Microsoft Corp.'s SQL Server could allow a remote attacker to execute arbitrary code with the privileges of the SQL Server.


Date first published (UTC): 2008-07-16T12:07+00:00
Date last updated (UTC): 2008-07-16T12:07+00:00
Valid HTML 4.01!