Home > Microsoft Security > Microsoft Security Bulletin Ms08-063

Microsoft Security Bulletin Ms08-063

Contents

In the list of files, right-click a file name from the appropriate file information table, and then click Properties.Note Depending on the edition of the operating system, or the programs that For an attack to be successful, a user must open an attachment that is sent in an e-mail message. In all cases, however, an attacker would have no way to force users to visit these Web sites. The following table contains the list of feature names (case sensitive) that must be reinstalled for the update. Source

Microsoft Customer Support Microsoft Community Forums United States (English) Sign in Security TechCenter Home Security Updates Tools Learn Library Support We’re sorry. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2008-4032. The content you requested has been removed. https://technet.microsoft.com/en-us/library/security/ms08-063.aspx

Ms08 063 Exploit

Instead, an attacker would have to convince them to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes Microsoft is hosting a webcast to address customer questions on these bulletins on October 15, 2008, at 11:00 AM Pacific Time (US & Canada). What might an attacker use the vulnerability to do? An attacker who successfully exploited this vulnerability could take complete control of an affected system.

  1. Detection and Deployment Guidance Microsoft has provided detection and deployment guidance for this month’s security updates.
  2. SoftwareSMS 2.0SMS 2003 with SUSFPSMS 2003 with ITMUConfiguration Manager 2007 Microsoft Windows 2000 Service Pack 4YesYesYesYes Windows XP Service Pack 2 and Windows XP Service Pack 3YesYesYesYes Windows XP Professional x64
  3. Server Service Vulnerability - CVE-2008-4250 A remote code execution vulnerability exists in the Server service on Windows systems.
  4. Updates for consumer platforms are available from Microsoft Update.
  5. For more information, see the subsection, Affected and Non-Affected Software, in this section.
  6. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.
  7. Note You can combine these switches into one command.
  8. Special Options /forceappsclose Forces other programs to close when the computer shuts down. /log:path Allows the redirection of installation log files.
  9. Detection and Deployment Guidance Microsoft has provided detection and deployment guidance for this month’s security updates.

This log details the files that are copied. For more information, see the subsection, Affected and Non-Affected Software, in this section. This is the same as unattended mode, but no status or error messages are displayed. Other versions or editions are either past their support life cycle or are not affected.

To disable the Message Queuing service, follow these steps:1. Ms08-067 Exploit Registry Key Verification You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section. Security Advisories and Bulletins Security Bulletins 2008 2008 MS08-077 MS08-077 MS08-077 MS08-078 MS08-077 MS08-076 MS08-075 MS08-074 MS08-073 MS08-072 MS08-071 MS08-070 MS08-069 MS08-068 MS08-067 MS08-066 MS08-065 MS08-064 MS08-063 MS08-062 MS08-061 MS08-060 MS08-059 Restart Options /norestart Does not restart when installation has completed. /forcerestart Restarts the computer after installation and force other applications to close at shutdown without saving open files first. /warnrestart[:x] Presents

You can find additional information in the subsection, Deployment Information, in this section. Click Start, and then click Search. At that site, scroll down and look under the Update Resources section for the software version you are updating. The update requires a restart.

Ms08-067 Exploit

What is Windows Search? Windows Search is a standard component of Windows Vista and Windows Server 2008 that is enabled by default. https://technet.microsoft.com/en-us/library/security/ms08-oct.aspx Impact of workaround. Ms08 063 Exploit Update Information Detection and Deployment Tools and Guidance Manage the software and security updates you need to deploy to the servers, desktop, and mobile systems in your organization. Ms09-001 By using SMS, administrators can identify Windows-based systems that require security updates and to perform controlled deployment of these updates throughout the enterprise with minimal disruption to end users.

You can find them most easily by doing a keyword search for "security update." Finally, security updates can be downloaded from the Microsoft Update Catalog. this contact form See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information. Specifies the path and name of the Setup.inf or .exe file. /r:n Never restarts the system after installation. /r:I Prompts the user to restart the system if a restart is required, The dates and times for these files are listed in coordinated universal time (UTC). Exploit Db

Registry Key Verification You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section. The Microsoft Update Catalog provides a searchable catalog of content made available through Windows Update and Microsoft Update, including security updates, drivers and service packs. This security update supports the following setup switches. have a peek here Security Advisories and Bulletins Security Bulletins 2008 2008 MS08-013 MS08-013 MS08-013 MS08-078 MS08-077 MS08-076 MS08-075 MS08-074 MS08-073 MS08-072 MS08-071 MS08-070 MS08-069 MS08-068 MS08-067 MS08-066 MS08-065 MS08-064 MS08-063 MS08-062 MS08-061 MS08-060 MS08-059

If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. This operation causes Windows Explorer to exit and restart in an exploitable manner. Supported Spuninst.exe Switches SwitchDescription /help Displays the command-line options.

Frequently Asked Questions (FAQ) Related to This Security Update Why was this Bulletin revised on October 29, 2008? Microsoft revised this bulletin to notify customers that the update packages for Windows Server

Non-Security, High-Priority Updates on MU, WU, and WSUS For information about non-security releases on Windows Update and Microsoft update, please see: Microsoft Knowledge Base Article 894199: Description of Software Update Services Under Windows Update, click View installed updates and select from the list of updates. To disable IPP Service in IIS 6.0 Start IIS Manager or the IIS snap-in. If they are, see your product documentation to complete these steps.

Restart Requirement Restart required?This update does not require a restart. For more information about MBSA, visit Microsoft Baseline Security Analyzer. You can streamline testing and validating Windows updates against installed applications with the Update Compatibility Evaluator components included with Application Compatibility Toolkit 5.0. Check This Out For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841.

Impact of workaround. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. If an undo is required, perform it immediately. File Version Verification Because there are several editions of Microsoft Windows, the following steps may be different on your system.

None Affected and Non-Affected Software The following software have been tested to determine which versions or editions are affected. For more information about SCCM 2007 Software Update Management, visit System Center Configuration Manager 2007. For more information about the removal, see Microsoft Knowledge Base Article 903771. Built at 2014-04-18T13:49:36Z-07:00 Show: Inherited Protected Print Export (0) Print Export (0) Share IN THIS ARTICLE Is this page helpful?

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? Yes. In the list of files, right-click a file name from the appropriate file information table, and then click Properties.Note Depending on the edition of the operating system, or the programs that This vulnerability could be exploited when a user opens a specially crafted file. In the Search Results pane, click All files and folders under Search Companion.

For more information about the ports that RPC uses, visit TCP and UDP Port Assignments. This vulnerability is not liable to be triggered if the attacker is not authenticated. Restart Requirement Restart required?In some cases, this update does not require a restart. This is the same as unattended mode, but no status or error messages are displayed.

Setup Modes /passive Unattended Setup mode. Note You can combine these switches into one command. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. For all supported editions of Office 2000: File NameVersionDateTimeSize Vbe6.dll6.5.10.2410-May-200700:192,585,936 Note For a complete list of supported versions, see the Support Lifecycle Index.

If they are, see your product documentation to complete these steps. Supported Spuninst.exe Switches SwitchDescription /help Displays the command-line options. File Information See Microsoft Knowledge Base Article 957175 Registry Key Verification Not applicable Deployment Information Installing the Update You can install the update from the appropriate download link in the Affected