Added support for October 2008 Microsoft security updates

The information in this article applies to:

• GFI LANguard Network Security Scanner 7
• GFI LANguard Network Security Scanner 8

Article ID: KBID003425

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.

New Security Updates Supported:

• MS08-066 - Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
• MS08-065 - Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)
• MS08-064 - Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
• MS08-063 - Vulnerability in SMB Could Allow Remote Code Execution (957095)
• MS08-062 - Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
• MS08-061 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
• MS08-060 - Vulnerability in Active Directory Could Allow Remote Code Execution (957280)
• MS08-059 - Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
• MS08-058 - Cumulative Security Update for Internet Explorer (956390)
• MS08-057 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
• MS08-056 - Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)

More Information:

MS08-066
Severity Rating: Important
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)

Description:

This security update resolves a privately reported vulnerability in the Microsoft Ancillary Function Driver. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This is an important security update for all supported editions of Windows XP and Windows Server 2003.

Included Updates:

• Security Update for Windows XP x64 Edition (KB956803)
• Security Update for Windows XP (KB956803)
• Security Update for Windows Server 2003 x64 Edition (KB956803)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB956803)
• Security Update for Windows Server 2003 (KB956803)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-066.mspx

MS08-065
Severity Rating: Important
Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)

Description:

This security update resolves a privately reported vulnerability in the Message Queuing Service (MSMQ) on Microsoft Windows 2000 systems. The vulnerability could allow remote code execution on Microsoft Windows 2000 systems with the MSMQ service enabled. This security update is rated Important for all supported editions of Microsoft Windows 2000.

Included Updates:

• Security Update for Windows 2000 (KB951071)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-065.mspx

MS08-064
Severity Rating: Important
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)

Description:

This security update resolves a privately reported vulnerability in Virtual Address Descriptor. The vulnerability could allow elevation of privilege if a user runs a specially crafted application. An authenticated attacker who successfully exploited this vulnerability could gain elevation of privilege on an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. This security update is rated Important for all supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

• Security Update for Windows XP x64 Edition (KB956841)
• Security Update for Windows XP (KB956841)
• Security Update for Windows Server 2003 x64 Edition (KB956841)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB956841)
• Security Update for Windows Server 2003 (KB956841)
• Security Update for Windows Server 2008 (KB956841)
• Security Update for Windows Server 2008 x64 Edition (KB956841)
• Security Update for Windows Vista for x64-based Systems (KB956841)
• Security Update for Windows Vista (KB956841)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB956841)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-064.mspx

MS08-063
Severity Rating: Important
Vulnerability in SMB Could Allow Remote Code Execution (957095)

Description:

This security update resolves a privately reported vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on a server that is sharing files or folders. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

• Security Update for Windows Server 2008 for Itanium-based Systems (KB957095)
• Security Update for Windows XP x64 Edition (KB957095)
• Security Update for Windows XP (KB957095)
• Security Update for Windows Server 2003 x64 Edition (KB957095)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB957095)
• Security Update for Windows Server 2003 (KB957095)
• Security Update for Windows 2000 (KB957095)
• Security Update for Windows Vista for x64-based Systems (KB957095)
• Security Update for Windows Server 2008 (KB957095)
• Security Update for Windows Server 2008 x64 Edition (KB957095)
• Security Update for Windows Vista (KB957095)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-063.mspx

MS08-062
Severity Rating: Important
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)

Description:

This update resolves a privately reported vulnerability in the Windows Internet Printing Service that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and Windows Server 2008.

Included Updates:

• Security Update for Windows XP x64 Edition (KB953155)
• Security Update for Windows XP (KB953155)
• Security Update for Windows Server 2003 x64 Edition (KB953155)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB953155)
• Security Update for Windows Server 2003 (KB953155)
• Security Update for Windows 2000 (KB953155)
• Security Update for Windows Server 2008 x64 Edition (KB953155)
• Security Update for Windows Server 2008 (KB953155)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-062.mspx

MS08-061
Severity Rating: Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)

Description:

This security update resolves one publicly disclosed and two privately reported vulnerabilities in the Windows kernel. A local attacker who successfully exploited these vulnerabilities could take complete control of an affected system. The vulnerabilities could not be exploited remotely or by anonymous users. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

• Security Update for Windows XP x64 Edition (KB954211)
• Security Update for Windows XP (KB954211)
• Security Update for Windows Server 2003 x64 Edition (KB954211)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB954211)
• Security Update for Windows Server 2003 (KB954211)
• Security Update for Windows 2000 (KB954211)
• Security Update for Windows Server 2008 x64 Edition (KB954211)
• Security Update for Windows Server 2008 (KB954211)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB954211)
• Security Update for Windows Vista (KB954211)
• Security Update for Windows Vista for x64-based Systems (KB954211)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-061.mspx

MS08-060
Severity Rating: Critical
Vulnerability in Active Directory Could Allow Remote Code Execution (957280)

Description:

This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server. The vulnerability could allow remote code execution if an attacker gains access to an affected network. This vulnerability only affects Microsoft Windows 2000 servers configured to be domain controllers. If a Microsoft Windows 2000 server has not been promoted to a domain controller, it will not be listening to Lightweight Directory Access Protocol (LDAP) or LDAP over SSL (LDAPS) queries, and will not be exposed to this vulnerability. This security update is rated Critical for implementations of Active Directory on Microsoft Windows 2000 Server.

Included Updates:

• Security Update for Windows 2000 (KB957280)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-060.mspx

MS08-059
Severity Rating: Critical
Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)

Description:

This security update resolves a privately reported vulnerability in Microsoft Host Integration Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted Remote Procedure Call (RPC) request to an affected system. Customers who follow best practices and configure the SNA RPC service account to have fewer user rights on the system could be less impacted than customers who configure the SNA RPC service account to have administrative user rights. This security update is rated Critical for all supported editions of Microsoft Host Integration Server 2000, Microsoft Host Integration Server 2004, and Microsoft Host Integration Server 2006.

Included Updates:

• Security Update for Host Integration Server 2006 (KB956695)
• Security Update for Host Integration Server 2004 (KB956695)
• Security Update for Host Integration Server 2000 (KB956695)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-059.mspx

MS08-058
Severity Rating: Critical
Cumulative Security Update for Internet Explorer (956390)

Description:

This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerabilities could allow information disclosure or remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1, running on all supported editions of Microsoft Windows 2000, and for Internet Explorer 6 running on all supported editions of Windows XP. For Internet Explorer 7 running on all supported editions of Windows XP and Windows Vista, this security update is rated Important. Otherwise, this security update is rated Moderate or Low.

Included Updates:

• Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB956390)
• Cumulative Security Update for Internet Explorer 7 for Windows XP (KB956390)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB956390)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB956390)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB956390)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP x64 Edition (KB956390)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP (KB956390)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 x64 Edition (KB956390)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 for Itanium-based Systems (KB956390)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 (KB956390)
• Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB956390)
• Cumulative Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB956390)
• Cumulative Security Update for Internet Explorer 6 for Windows XP (KB956390)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB956390)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB956390)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB956390)
• Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB956390)
• Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB956390)
• Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems (KB956390)
• Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB956390)
• Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB956390)
• Cumulative Security Update for Internet Explorer 7 in Windows Vista for x64-based Systems (KB956390)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-058.mspx

MS08-057
Severity Rating: Critical
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)

Description:

This security update resolves three privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Office Excel 2000 and rated Important for all supported editions of Microsoft Office Excel 2002, Microsoft Office Excel 2003, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2007, Microsoft Office Compatibility Pack , Microsoft Office Excel Viewer, and Microsoft Office SharePoint Server 2007.

Included Updates:

• Security Update for Microsoft Office Excel Viewer (KB955935)
• Security Update for Microsoft Office Excel Viewer 2003 (KB955468)
• Security Update for Excel Services in Microsoft Office SharePoint Server 2007 (KB955937), 64-bit Edition
• Security Update for Excel Services in Microsoft Office SharePoint Server 2007 (KB955937), 32-bit Edition
• Security Update for 2007 Microsoft Office System (KB955936)
• Security Update for Microsoft Office Excel 2007 (KB955470)
• Security Update for Microsoft Office Excel 2003 (KB955466)
• Security Update for Microsoft Excel 2002 (KB955464)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-057.mspx

MS08-056
Severity Rating: Moderate
Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)

Description:

This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow information disclosure if a user clicks a specially crafted CDO URL. An attacker who successfully exploited this vulnerability could inject a client side script in the user's browser that could spoof content, disclose information, or take any action that the user could take on the affected Web site. This security update is rated Moderate for supported editions of Microsoft Office XP. The security update addresses the vulnerability by unregistering the CDO protocol.

Included Updates:

• Security Update for Microsoft Office 2002 (KB956464)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-056.mspx

Note

• The above patches may not be supported on all Operating System or product languages. A list of languages supported by GFI LANguard is found at: http://kbase.gfi.com/showarticle.asp?id=KBID002517
  
  
• A full list of bulletins supported by GFI LANguard Network Security Scanner can be found in the following page:
  http://www.gfi.com/lannetscan/msfullreport.htm