Microsoft Security Bulletins for the Month of June

Number: AV08-052
Date: 10 June 2008

Purpose

The purpose of this advisory is to bring attention to the following 7 vulnerabilities (3 Critical) in some Microsoft products

Assessment

CCIRC is aware that exploit information for the Internet Explorer vulnerability (MS08-031) is publicly available, and strongly recommends that administrators place a higher priority on testing and installing this security update.

The following 7 vulnerabilities have been identified:

MS08-030 Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
--------
Details: This security update resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Affected Products: Microsoft Windows
CVE reference: CVE-2008-1453
http://www.microsoft.com/technet/security/bulletin/ms08-030.mspx

MS08-031 Cumulative Security Update for Internet Explorer (950759)
--------
Details: This security update resolves one privately reported and one publicly disclosed vulnerability. The privately reported vulnerability could allow remote code execution, whereas the publicly disclosed vulnerability could allow information disclosure if a user viewed a specially crafted Web page using Internet Explorer.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Affected Products: Microsoft Windows, Internet Explorer
CVE reference: CVE-2008-1442, CVE-2008-1544
http://www.microsoft.com/technet/security/bulletin/ms08-031.mspx

MS08-033 Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
--------
Details: This security update resolves two privately reported vulnerabilities in Microsoft DirectX that could allow remote code execution if a user opens a specially crafted media file.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Affected Products: Microsoft Windows
CVE reference: CVE-2008-0011, CVE-2008-1444
http://www.microsoft.com/technet/security/bulletin/ms08-033.mspx

MS08-034 Vulnerability in WINS Could Allow Elevation of Privilege (948745)
--------
Details: This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS) that could allow elevation of privilege.
Impact of Vulnerability: Elevation of Privilege
Maximum Severity Rating: Important
Affected Products: Microsoft Windows
CVE reference: CVE-2008-1451
http://www.microsoft.com/technet/security/bulletin/ms08-034.mspx

MS08-035 Vulnerability in Active Directory Could Allow Denial of Service (953235)
--------
Details: This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008; Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003; and Active Directory Lightweight Directory Service (AD LDS) when installed on Windows Server 2008.
Impact of Vulnerability: Denial of Service
Maximum Severity Rating: Important
Affected Products: Microsoft Windows
CVE reference: CVE-2008-1445
http://www.microsoft.com/technet/security/bulletin/ms08-035.mspx

MS08-036 Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
--------
Details: This security update resolves two privately reported vulnerabilities in the Pragmatic General Multicast (PGM) protocol that could allow a denial of service if malformed PGM packets are received by an affected system.
Impact of Vulnerability: Denial of Service
Maximum Severity Rating: Important
Affected Products: Microsoft Windows
CVE reference: CVE-2008-1440, CVE-2008-1441
http://www.microsoft.com/technet/security/bulletin/ms08-036.mspx

MS08-032 Cumulative Security Update of ActiveX Kill Bits (950760)
--------
Details: This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer and has the Speech Recognition feature in Windows enabled.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Moderate
Affected Products: Microsoft Windows
CVE reference: CVE-2007-0675
http://www.microsoft.com/technet/security/bulletin/ms08-032.mspx

Note: This vulnerability is being publicly discussed. CCIRC recommends that administrators place a higher priority on testing and installing this security update.

Suggested action

CCIRC recommends that administrators test and install the updates at the earliest opportunity.

References:
http://www.microsoft.com/technet/security/bulletin/ms08-Jun.mspx

Note to Readers

The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security.

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: communications@ps-sp.gc.ca