
Ms09-001


If a software program or component is listed, then the available software update is hyperlinked and the severity rating of the software update is also listed. For more information about MBSA, visit Microsoft Baseline Security Analyzer. This is a detection change only; there were no changes to the binaries. Workarounds for Access Control Vulnerability - CVE-2008-4032 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you this content

For more information about MBSA visit Microsoft Baseline Security Analyzer Web site. If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system.

Software | MBSA 2.0.1
Microsoft Outlook 2000 Service Pack 3 | No
Microsoft Outlook XP Service Pack 3 | Yes
Microsoft Outlook 2003 Service Pack 2 and Service Pack 3 | Yes
Microsoft Outlook 2007 | Yes

For more information about


The vulnerability is due to the service not properly handling specially crafted RPC requests. Additionally, you may not have the option to uninstall the update from the Add or Remove Programs tool in Control Panel. For more information, see the subsection, Affected and Non-Affected Software, in this section. The exploit occurs regardless of where the search is saved.

Setup Modes /passive Unattended Setup mode. What might an attacker use the vulnerability to do? An attacker who successfully exploited this vulnerability could take complete control of the affected system. Under Windows Update, click View installed updates and select from the list of updates. Verifying That the Update Has Been Applied Microsoft Baseline Security Analyzer To verify that a security update has been applied to an affected system, you may be able to use the

Security updates are also available at the Microsoft Download Center. Microsoft Security Bulletin MS08-067 - Critical Vulnerability in Server Service Could Allow Remote Code Execution (958644) Published: October 23, 2008 Version: 1.0 General Information Executive Summary This security update resolves a https://technet.microsoft.com/en-us/library/security/ms08-015.aspx For more information about SMS, visit the SMS Web site.

What does the update do? The update removes the vulnerability by modifying the way that Internet Explorer handles the error resulting in the exploitable condition. Expand HKEY_CLASSES_ROOT. When you call, ask to speak with the local Premier Support sales manager.

Ms08-067

To do this, follow these steps: In Internet Explorer, click Tools, click Internet Options, and then click the Security tab. https://technet.microsoft.com/en-us/library/security/ms08-067.aspx An attacker could then install programs or view, change, or delete data; or create new accounts with full user rights. By default, all supported versions of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

What should I do? The affected software listed in this bulletin have been tested to determine which releases are affected. Known Issues. None Affected and Non-Affected Software The following software have been tested to determine which versions or editions are affected. The next release of SMS, System Center Configuration Manager 2007, is now available; see also System Center Configuration Manager 2007. This will allow the site to work correctly even with the security setting set to High.

Register now for the December Security Bulletin Webcast. How could an attacker exploit the vulnerability? An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to If this behavior occurs, a message appears that advises you to restart. To help reduce the chance that a restart will be required, stop all affected services and close all applications that

Removal Information: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB958644$\Spuninst folder
File Information: See Microsoft Knowledge Base Article 958644
Registry Key Verification

When this security bulletin was issued, had this vulnerability been publicly disclosed? No. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. For more information on this installation option, see Server Core.

For more information about SCCM 2007 Software Update Management, visit System Center Configuration Manager 2007.

For more information, see Microsoft Knowledge Base Article 913086.

Software | SMS 2.0 | SMS 2003 with SUSFP | SMS 2003 with ITMU | Configuration Manager 2007
Microsoft Office SharePoint Server 2007 (32-bit editions) | No | No | Yes.

For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. Setup Modes /passive Unattended Setup mode. The attacker could also take advantage of compromised Web sites and Web sites that accept or host user-provided content or advertisements. For SMS 2003, the SMS 2003 Inventory Tool for Microsoft Updates (ITMU) can be used by SMS to detect security updates that are offered by Microsoft Update and that are supported

However, users will still be offered this update because the update files for 2007 Microsoft Office Service Pack 1 are newer (with higher version numbers) than the files that currently on Workarounds for Windows Kernel TCP/IP/ICMP Vulnerability - CVE-2007-0066 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before Revisions V1.0 (December 9, 2008): Bulletin summary published. It should be a priority for customers who have older releases of the software to migrate to supported releases to prevent potential exposure to vulnerabilities.

We strongly recommend that you install this patch immediately by following this link: MS08-078. For more information, see Microsoft Knowledge Base Article 910723. Affected Software and Download Locations How do I use this table? Security updates are also available from the Microsoft Download Center.

Removing the Update This security update supports the following setup switches. The following mitigating factors may be helpful in your situation: Router Discovery Protocol (RDP) is not enabled by default and is required in order to exploit this vulnerability. For more information about how to enable this setting in Outlook 2002, see Microsoft Knowledge Base Article 307594. By default, Protected Mode in Internet Explorer 7 and Internet Explorer 8 Beta 2 in Windows Vista and later helps protect users and their systems from malicious downloads by restricting requests

For more information about the Microsoft Update Catalog, see the Microsoft Update Catalog FAQ. Windows Kernel TCP/IP/ICMP Vulnerability - CVE-2007-0066 A denial of service vulnerability exists in TCP/IP due to the way that Windows Kernel processes fragmented router advertisement ICMP queries. You can find them most easily by doing a keyword search for "security update". If you installed your application from a server location, the server administrator must instead update the server location with the administrative update and deploy that update to your system.

To do this, follow these steps: In Internet Explorer, click Tools, click Internet Options, and then click the Security tab. Security updates are also available from the Microsoft Download Center. Repeat steps 4-6 for the Server service. Impact of Workaround. File Version Verification Because there are several versions of Microsoft Windows, the following steps may be different on your computer.

For more information about this behavior, see Microsoft Knowledge Base Article 824994.