Added support for May 2008 Microsoft security updates

The information in this article applies to:

  • GFI LANguard 9.0
  • GFI LANguard Network Security Scanner 7
  • GFI LANguard Network Security Scanner 8

Article ID: KBID003337

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.


New Security Updates Supported:

  • MS08-028 - Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)
  • MS08-027 - Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
  • MS08-026 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)


More Information:

MS08-028
Severity Rating: Important
Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)

Description:

This security update resolves a security vulnerability in the Microsoft Jet Database Engine (Jet) in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for the Microsoft Jet 4.0 Database Engine.

Included Updates:

  • Security Update for Windows XP x64 Edition (KB950749)
  • Security Update for Windows XP (KB950749)
  • Security Update for Windows Server 2003 x64 Edition (KB950749)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB950749)
  • Security Update for Windows Server 2003 (KB950749)
  • Security Update for Windows 2000 (KB950749)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-028.mspx


MS08-027
Severity Rating: Critical
Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)

Description:

This security update resolves a privately reported vulnerability in Microsoft Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Microsoft Publisher 2000 Service Pack 3 and Important for supported versions of Microsoft Publisher 2002, Microsoft Publisher 2003, and Microsoft Publisher 2007.

Included Updates:

  • Security Update for Microsoft Office Publisher 2007 (KB950114)
  • Security Update for Microsoft Office Publisher 2003 (KB950213)
  • Security Update for Microsoft Publisher 2002 (KB950129)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-027.mspx


MS08-026
Severity Rating: Critical
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)

Description:

This security update resolves several privately reported vulnerabilities in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for supported editions of Microsoft Word 2000 and Microsoft Outlook 2007 and rated Important for supported editions of Microsoft Word 2002; Microsoft Word 2003; Microsoft Word Viewer 2003 and Microsoft Word Viewer 2003 Service Pack 3; Microsoft Word 2007; Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats; and Microsoft Office 2004 for Mac and Microsoft Office 2008 for Mac.

Included Updates:

  • Security Update for Microsoft Office Word Viewer 2003 (KB950625)
  • Security Update for Microsoft Office system 2007 (KB951808)
  • Security Update for Microsoft Office Word 2007 (KB950113)
  • Security Update for Microsoft Office Word 2003 (KB950241)
  • Security Update for Microsoft Word 2002 (KB950243)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-026.mspx

Note