Microsoft Updates for Multiple Vulnerabilities
http://jvnrss.ise.chuo-u.ac.jp/jtg/trn/en/TRTA08-134A.html
JVNRSS based Status Tracking Notes: Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, Jet Database Engine, Windows Live OneCare, Antigen, Windows Defender, and Forefront Security.JVNRSS Feasibility Study Teamjvn@jvn.jpTRTA08-134A2008-05-19T22:52+00:002008-05-19T22:52+00:002008-05-19T22:52+00:00May 2008 Microsoft Security Bulletin (including three critical patches)
http://www.jpcert.or.jp/at/2008/at080007.txt
JPCERT/CCJPCERT-AT-2008-0007http://www.us-cert.gov/cas/techalerts/TA08-134A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms08-026.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-027.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-028.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-029.mspx2008-05-14T02:03+00:002008-05-14T02:03+00:002008-05-14T02:03+00:00May 2008 black tuesday overview
http://isc.sans.org/diary.html?storyid=4411
Overview of the May 2008 Microsoft patches and their status.
SANS Internet Storm Centerhttp://www.microsoft.com/technet/security/bulletin/ms08-026.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-027.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-028.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-029.mspx2008-05-13T22:01+00:002008-05-13T22:01+00:002008-05-13T22:01+00:00Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA08-134A.html
Via US-CERT Mailing List
US-CERTTA08-134Ahttp://www.us-cert.gov/cas/techalerts/TA08-134A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms08-026.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-027.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-028.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-029.mspx2008-05-13T15:44-04:002008-05-13T15:44-04:002008-05-13T15:44-04:00Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/950627.mspx?jvntrev=1
Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability (MS08-028, CVE-2007-6026)
Microsoft has completed the investigation into public reports of this vulnerability. We have issued Microsoft Security Bulletin MS08-028 to address this issue.
MicrosoftMicrosoft Security Advisory (950627)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6026http://www.microsoft.com/technet/security/advisory/950627.mspx2008-05-13T12:42-07:002008-05-13T12:42-07:002008-05-13T12:42-07:00ThreatCON (1) => (2)
https://tms.symantec.com/
Microsoft has addressed several vulnerabilities with the May 2008 patch release. We advise customers to install the updates as soon as possible.
Symantechttp://www.us-cert.gov/cas/techalerts/TA08-134A.html2008-05-13T18:39+00:002008-05-13T18:39+00:002008-05-13T18:39+00:00Microsoft Security Bulletin Summary for May 2008
http://www.microsoft.com/technet/security/bulletin/ms08-may.mspx
Included in this advisory are updates for newly discovered vulnerabilities.
MicrosoftMS08-MAYhttp://www.microsoft.com/technet/security/bulletin/ms08-026.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-027.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-028.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-029.mspx2008-05-13T11:37-07:002008-05-13T11:37-07:002008-05-13T11:37-07:00Microsoft Releases April Security Bulletin
http://www.us-cert.gov/current/archive/2008/05/13/archive.html#microsoft_releases_may_security_bulletin1
US-CERT Current Activity
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Live OneCare, Antigen, Windows Defender, and Forefront Security as part of the Microsoft Security Bulletin Summary for May 2008. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
US-CERThttp://www.us-cert.gov/cas/techalerts/TA08-134A.html2008-05-13T13:51-04:002008-05-13T13:51-04:002008-05-13T13:51-04:00Microsoft Jet Database Engine (msjet40.dll) Remote Code Execution
http://www.iss.net/threats/292.html
Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability (MS08-028, CVE-2007-6026)
Microsoft Jet Database Engine (msjet40.dll) is vulnerable to a stack-based buffer overflow that could allow remote code execution. An attacker could exploit this vulnerability by sending a malicious file as an email attachment or by hosting it on a Web site and persuading the victim to click a link.
IBM Internet Security Systemshttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6026http://xforce.iss.net/xforce/xfdb/41380http://www.microsoft.com/technet/security/bulletin/ms08-028.mspx2008-05-132008-05-132008-05-13Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/950627.mspx
Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability (MS08-028, CVE-2007-6026)
MicrosoftMicrosoft Security Advisory (950627)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6026http://www.microsoft.com/technet/security/advisory/950627.mspx2008-03-21T18:26-07:002008-03-21T18:26-07:002008-03-21T18:26-07:00Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-023
Object Parsing Vulnerability (MS08-026, CVE-2008-1091)
Vulnerability Reported
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious email, or open a malicious file.
Zero Day Initiative (ZDI)ZDI-08-023http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1091http://www.microsoft.com/technet/security/bulletin/ms08-026.mspx2008-01-212008-01-212008-01-21Microsoft Word CSS Processing Memory Corruption Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=700
Word Cascading Style Sheet (CSS) Vulnerability (MS08-026, CVE-2008-1434)
Vulnerability Reported
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code with the privileges of the logged in user.
iDefensehttp://www.us-cert.gov/cas/techalerts/TA08-134A.htmlhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1434http://www.microsoft.com/technet/security/bulletin/ms08-026.mspx2007-11-082007-11-082007-11-08swyh5wQneAv2CnxsMVgWDxzkj/8=cUnrMfn5QxDMnVtgwJmIdf+yhq8=VpiDo0I3CUnx/ZPSuxjBPBs8xQ4DnQzpBZtvJ4LshT6xDF6DF8Bor88pOw4sjG2jzKsvjCX61wzXM7t2FYnJtUG/RSC3ZIerQrJ+pw9UqEjWHKimi6xRrXNjAyzBtgDLbl+l7YKhRaoJ+c52kQP/chCjlf+cHZg54miNCYBLzC4=MIIE1DCCA7ygAwIBAgIQfBHY/s5/LRzGChqXgtjCKTANBgkqhkiG9w0BAQUFADCB3TELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNTEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5WZXJpU2lnbiBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEcyMB4XDTA3MDcwNTAwMDAwMFoXDTA4MDcwNDIzNTk1OVowggEhMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIGJ5IFJlZi4sTElBQi5MVEQoYyk5ODEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTQwMgYDVQQLEytEaWdpdGFsIElEIENsYXNzIDEgLSBNaWNyb3NvZnQgRnVsbCBTZXJ2aWNlMSYwJAYDVQQDFB1KVk5SU1MgRmVhc2liaWxpdHkgU3R1ZHkgVGVhbTEfMB0GCSqGSIb3DQEJARYQanZucnNzQGlwYS5nby5qcDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsCjiweXb23sjKQajfCS8WiHjax1ppkfkjhN/SwBp/LOOXlpZpzW/lHtKSnWJLPOZzLxIJUWARTZ+T2y2wCzDnKU9TOkNx56u7iBhhATVRyPby22uRY0Pf+1uu8vnSZPvAR50FI9o2COo9xCqfXZWU/RNWSrsrxJd2XL4Y6sYzL0CAwEAAaOBzDCByTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHFwMwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMEoGA1UdHwRDMEEwP6A9oDuGOWh0dHA6Ly9JbmRDMURpZ2l0YWxJRC1jcmwudmVyaXNpZ24uY29tL0luZEMxRGlnaXRhbElELmNybDANBgkqhkiG9w0BAQUFAAOCAQEAHbEsHsaKt3O4OUlcec2BOe+MAP4eGW5X494WdegnLEW4tlAxZvctmLeGr0VRXMtF1JumpTLQcdQvUFp15N2+RDa1PrMFrkrCz9BdextE/7mykda0DzsAvbroqHbsu3tZOhnE7T61ZxtBuXOC0jChphl96yDn8NxvebCwcApB46oeKSbAFT21HRIWGiCo1QaMvB390MzFfOFfft1oHivREyIjgXNyAUSTunj/rQhodTnQRVdRuVwa5KSUErWOnNFM2uuXaF/vJqVRX2QR6zr+S+JGbw3ykc/7zkixEBbkSv3wOTh7BmsXRzRvLcaD92ifxOqFxWHQxIqMSxsbJ6WyPQ==