Added support for June 2008 Microsoft security updates

The information in this article applies to:

• GFI LANguard 9.0
• GFI LANguard Network Security Scanner 7
• GFI LANguard Network Security Scanner 8

Article ID: KBID003344

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.

New Security Updates Supported:

• MS08-036 - Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
• MS08-035 - Vulnerability in Active Directory Could Allow Denial of Service (953235)
• MS08-034 - Vulnerability in WINS Could Allow Elevation of Privilege (948745)
• MS08-033 - Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
• MS08-032 - Cumulative Security Update of ActiveX Kill Bits (950760)
• MS08-031 - Cumulative Security Update for Internet Explorer (950759)
• MS08-030 - Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)

More Information:

MS08-036
Severity Rating: Important
Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)

Description:

This security update resolves two privately reported vulnerabilities in the Pragmatic General Multicast (PGM) protocol that could allow a denial of service if malformed PGM packets are received by an affected system. An attacker who successfully exploited this vulnerability could cause a user’s system to become non-responsive and to require a restart to restore functionality. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003 and rated Moderate for all supported editions of Windows Vista and Windows Server 2008.

Included Updates:

• Security Update for Windows XP x64 Edition (KB950762)
• Security Update for Windows XP (KB950762)
• Security Update for Windows Server 2003 x64 Edition (KB950762)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB950762)
• Security Update for Windows Server 2003 (KB950762)
• Security Update for Windows Vista for x64-based Systems (KB950762)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB950762)
• Security Update for Windows Vista (KB950762)
• Security Update for Windows Server 2008 (KB950762)
• Security Update for Windows Server 2008 x64 Edition (KB950762)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-036.mspx

MS08-035
Severity Rating: Important
Vulnerability in Active Directory Could Allow Denial of Service (953235)

Description:

This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008; Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003; and Active Directory Lightweight Directory Service (AD LDS) when installed on Windows Server 2008. The vulnerability could be exploited to allow an attacker to cause a denial of service condition. On Windows XP Professional, Windows Server 2003, and Windows Server 2008, an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could cause the system to stop responding or automatically restart. This security update is rated Important for all supported editions of Microsoft Windows 2000 Server, and rated Moderate for select editions of Windows XP Professional, Windows Server 2003, and Windows Server 2008.

Included Updates:

• Security Update for Windows Server 2003 x64 Edition (KB949014)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB949014)
• Security Update for Windows Server 2003 (KB949014)
• Security Update for Windows 2000 (KB949014)
• Security Update for Windows Server 2008 (KB949014)
• Security Update for Windows Server 2008 x64 Edition (KB949014)
• Security Update for Windows XP x64 Edition (KB949269)
• Security Update for Windows XP (KB949269)
• Security Update for Windows Server 2003 x64 Edition (KB949269)
• Security Update for Windows Server 2003 (KB949269)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-035.mspx

MS08-034
Severity Rating: Important
Vulnerability in WINS Could Allow Elevation of Privilege (948745)

Description:

This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS) that could allow elevation of privilege. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. This security update is rated Important for all supported editions of Microsoft Windows 2000 Server and Windows Server 2003.

Included Updates:

• Security Update for Windows Server 2003 x64 Edition (KB948745)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB948745)
• Security Update for Windows Server 2003 (KB948745)
• Security Update for Windows 2000 (KB948745)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-034.mspx

MS08-033
Severity Rating: Critical
Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)

Description:

This security update resolves two privately reported vulnerabilities in Microsoft DirectX that could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

• Security Update for Windows Server 2008 (KB951698)
• Security Update for Windows XP x64 Edition (KB951698)
• Security Update for Windows XP (KB951698)
• Security Update for Windows Vista for x64-based Systems (KB951698)
• Security Update for Windows Vista (KB951698)
• Security Update for Windows Server 2008 x64 Edition (KB951698)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB951698)
• Security Update for Windows Server 2003 x64 Edition (KB951698)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB951698)
• Security Update for Windows Server 2003 (KB951698)
• Security Update for Windows 2000 (KB951698)
• Security Update for DirectX 9 for Windows 2000 (KB951698)
• Security Update for DirectX 8 for Windows 2000 (KB951698)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-033.mspx

MS08-032
Severity Rating: Moderate
Cumulative Security Update of ActiveX Kill Bits (950760)

Description:

This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer and has the Speech Recognition feature in Windows enabled. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes a kill bit for software produced by BackWeb. The security update is rated Moderate for Microsoft Windows 2000 Service Pack 4; all supported editions of Windows XP; and all editions of the original release version of Windows Vista. However, the kill bit deployment also includes Windows Vista Service Pack 1. For all other supported versions of Windows, this security update is rated Low.

Included Updates:

• Cumulative Security Update for ActiveX Killbits for Windows XP x64 Edition (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows XP (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2003 x64 Edition (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2003 for Itanium-based Systems (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2003 (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows 2000 (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows Vista (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2008 (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2008 x64 Edition (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB950760)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2008 for Itanium-based Systems (KB950760)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-032.mspx

MS08-031
Severity Rating: Critical
Cumulative Security Update for Internet Explorer (950759)

Description:

This security update resolves one privately reported and one publicly disclosed vulnerability. The privately reported vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The publicly disclosed vulnerability could allow information disclosure if a user viewed a specially crafted Web page using Internet Explorer. This security update is rated Critical for Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; Internet Explorer 6 on supported versions of Windows XP; and Internet Explorer 7 on supported versions of Windows XP and Windows Vista. The security update is also rated Important for Internet Explorer 5.01 on Microsoft Windows 2000 Service Pack 4, and Moderate for all other supported releases of Internet Explorer.

Included Updates:

• Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB950759)
• Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB950759)
• Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems (KB950759)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 for Itanium-based Systems (KB950759)
• Cumulative Security Update for Internet Explorer 7 for Windows XP (KB950759)
• Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB950759)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB950759)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB950759)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB950759)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP x64 Edition (KB950759)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP (KB950759)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 x64 Edition (KB950759)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 (KB950759)
• Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB950759)
• Cumulative Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB950759)
• Cumulative Security Update for Internet Explorer 6 for Windows XP (KB950759)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB950759)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB950759)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB950759)
• Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB950759)
• Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB950759)
• Cumulative Security Update for Internet Explorer 7 in Windows Vista for x64-based Systems (KB950759)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-031.mspx

MS08-030
Severity Rating: Critical
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)

Description:

This security update resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This security update is rated Critical for all supported editions of Windows XP and Windows Vista.

Included Updates:

• Security Update for Windows XP x64 Edition (KB951376)
• Security Update for Windows XP (KB951376)
• Security Update for Windows Vista for x64-based Systems (KB951376)
• Security Update for Windows Vista (KB951376)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-030.mspx

Note

• The above patches may not be supported on all Operating System or product languages. A list of languages supported by GFI LANguard 7 is found at: http://kbase.gfi.com/showarticle.asp?id=KBID002517
  
  
• A list of bulletins supported by GFI LANguard can be found in the following page:
  http://gfi.com/lannetscan/msfullreport.htm