Added support for November 2008 Microsoft security updates

The information in this article applies to:

  • GFI LANguard Network Security Scanner 7
  • GFI LANguard Network Security Scanner 8

Article ID: KBID003443

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.


New Security Updates Supported:

  • MS08-069 - Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
  • MS08-068 - Vulnerability in SMB Could Allow Remote Code Execution (957097)


More Information:

MS08-069
Severity Rating: Critical
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Description:

This security update resolves several vulnerabilities in Microsoft XML Core Services. The most severe vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Microsoft XML Core Services 3.0 and Important for Microsoft XML Core Services 4.0, Microsoft XML Core Services 5.0, and Microsoft XML Core Services 6.0.

Included Updates:

  • Security Update for Windows Vista (KB954459)
  • Security Update for Windows Server 2008 x64 Edition (KB954459)
  • Security Update for Windows Server 2008 (KB954459)
  • Security Update for Windows Vista for x64-based Systems (KB954459)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB954459)
  • Security Update for Microsoft XML Core Services 6.0 Service Pack 2 for Itanium-based Systems (KB954459)
  • Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for Itanium-based Systems (KB954430)
  • Security Update for Microsoft XML Core Services 6.0 Service Pack 2 (KB954459)
  • Security Update for Windows XP (KB954459)
  • Security Update for Microsoft XML Core Services 6.0 Service Pack 2 for x64-based Systems (KB954459)
  • Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB954430)
  • Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430)
  • Security Update for Windows XP x64 Edition (KB955069)
  • Security Update for Windows XP (KB955069)
  • Security Update for Windows Server 2003 x64 Edition (KB955069)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB955069)
  • Security Update for Windows Server 2003 (KB955069)
  • Security Update for Windows 2000 (KB955069)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB955069)
  • Security Update for Windows Server 2008 x64 Edition (KB955069)
  • Security Update for Windows Vista (KB955069)
  • Security Update for Windows Server 2008 (KB955069)
  • Security Update for Windows Vista for x64-based Systems (KB955069)
  • Security Update for Microsoft Office 2007 (KB951550)
  • Security Update for Microsoft Office 2003 (KB951535)
  • Security Update for 2007 Microsoft Office System Servers (KB951597), 64-bit Edition
  • Security Update for 2007 Microsoft Office System Servers (KB951597), 32-bit Edition

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-069.mspx


MS08-068
Severity Rating: Important
Vulnerability in SMB Could Allow Remote Code Execution (957097)

Description:

This security update resolves a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003, and Moderate for all supported editions of Windows Vista and Windows Server 2008.

Included Updates:

  • Security Update for Windows Server 2008 (KB957097)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB957097)
  • Security Update for Windows Vista (KB957097)
  • Security Update for Windows Server 2008 x64 Edition (KB957097)
  • Security Update for Windows Vista for x64-based Systems (KB957097)
  • Security Update for Windows XP x64 Edition (KB957097)
  • Security Update for Windows XP (KB957097)
  • Security Update for Windows Server 2003 x64 Edition (KB957097)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB957097)
  • Security Update for Windows Server 2003 (KB957097)
  • Security Update for Windows 2000 (KB957097)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx

Note