Microsoft Security Patches April 2008

Martin Brinkmann
Apr 8, 2008
Updated • Feb 11, 2013
Microsoft Office, Windows, Windows Updates
|
0

Microsoft have released their Security Bulletin Summary for April 2008 today which contains information and download links to eight patches for various Microsoft operating systems and applications like Microsoft Office and Microsoft Internet Explorer. Five of the eight security patches are patching critical vulnerabilities while three patch important ones. The update is recommended for every user that uses Windows and or Microsoft Office.

All critical vulnerabilities which affect Microsoft Windows, Microsoft Office and Internet Explorer allow Remote Code Execution. The easiest way to patch these security vulnerabilities is by visiting the Windows Update website with Internet Explorer and let a script check the available updates for your system. Please note that you will be asked if you want to install Service Pack 3 Refresh 2 for Windows XP if you use that operating system. My advise would be to not install this version yet and wait for the release version.

All security updates will be displayed and are selected for immediate download and installation. You could follow the link above which leads to the Microsoft website that explains the vulnerabilities and leads to downloads of the patches. This means that you have to make sure to pick the correct downloads for your operating system and software.

  • Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183) - This security update resolves a privately reported vulnerability in Microsoft Project that could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Vulnerabilities in GDI Could Allow Remote Code Execution (948590) - This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted EMF or WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338) - This security update resolves a privately reported vulnerability in the VBScript and JScript scripting engines in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • Security Update of ActiveX Kill Bits (948881) - This security update resolves one privately reported vulnerability for a Microsoft product. This update also includes a kill bit for the Yahoo! Music Jukebox product. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Cumulative Security Update for Internet Explorer (947864) - This security update resolves one privately reported vulnerability. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Anonymous said on March 9, 2023 at 1:52 pm
    Reply

    Does it come back after every “moment” update?

  2. Baloney said on March 9, 2023 at 2:23 pm
    Reply

    Yeah right.. Like this is going to stop defender from running =) This is comedy gold right here.

  3. Anonymous said on March 9, 2023 at 3:25 pm
    Reply

    no ‘about the author’ paragraph?

  4. Gregory said on March 9, 2023 at 4:19 pm
    Reply

    For permanent disable defender is if removed complete from system no just change permission folder.

    Just this is joke.

  5. moi said on March 9, 2023 at 5:57 pm
    Reply

    simpler, load Autoruns (SysInternals)
    – filter “Defender”
    – untag all entries
    – reboot
    nothing has changed since my 1st modification years ago

  6. John G. said on March 9, 2023 at 6:32 pm
    Reply

    I wouldn’t disable Defender imho, it has too many hidden roots inside Windows itself. One time I tried to uninstall it using brute force scripts and then the Onedrive feature stopped working definitely. A reinstallation was needed and since those times I prefer to maintain Defender untouched. It’s a better method to install another antivirus and it will disable Defender in a safer and easier mode (e.g., Avast is the best in this way, and also Panda Cloud Free is good too).

    1. Tweakmaster said on September 29, 2023 at 9:57 am
      Reply

      U are just * [Editor: removed] thats the problem ;p first of all u shall always debloat windows u shall have max 65 services with your drivers for pc and windows own servs. You didnt know what that script did

  7. boris said on March 10, 2023 at 12:19 am
    Reply

    You can not stop defender from running in background or remove it without some penalty. All you can do is to limit telemetry.

    1. TelV said on March 10, 2023 at 4:52 pm
      Reply

      @borts,

      It’s probably Smartscreen which is preventing WD from being disabled. Get rid of that and the problem should be solved: https://thegeekpage.com/disable-windows-defender-smartscreen/#How_to_disable_the_Windows_Defender_SmartScreen_via_Local_Group_Policy_Editor

  8. hoho said on March 10, 2023 at 1:47 pm
    Reply

    Remove Windows and go for Linux.

    1. basingstoke said on March 10, 2023 at 2:51 pm
      Reply

      Linux sucks dude. Besides it’s not comparable to Windows, these OSes are in different classes entirely.

      1. Derp said on March 10, 2023 at 4:36 pm
        Reply

        I use Linux as my daily driver. It’s far more stable than Windows. When’s the last time you used Linux, 2010?

      2. Bromosexual said on March 11, 2023 at 2:04 am
        Reply

        @basingstoke

        You’re right, dude. Bro, linux is just a bunch of code that starts before the OS, dude. Brobrodude, that shit ain’t even got emojis, dudebrodudeman! Dudebro, it’s no way near as cool as Windows with its hardcoded abilities to make money off the user, bro. Yo brodude man, you’re the coolest dude ever man, bro. Dude.

      3. basingstoke said on August 16, 2023 at 7:20 pm
        Reply

        Lol what? Windows 7 doesn’t come with any Emojis

  9. TelV said on March 10, 2023 at 4:46 pm
    Reply

    Download Autoruns and remove the checkmark from Windows Defender. It doesn’t remove it, but it will never run. https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns

  10. Simon said on March 10, 2023 at 8:37 pm
    Reply

    Just use “Defender Control”:
    https://www.sordum.org/9480/defender-control-v2-1/comment-page-1/#comments

    Per this video,
    https://www.youtube.com/watch?v=CLIjr7FyxZ8
    it also works on Windows 11 too…

  11. Someone said on March 10, 2023 at 9:26 pm
    Reply

    Win Defender, is completly the most succesful free-built in antivirus of Microsoft. Really nice product. Saved my ass a lot of times. Has updated malware database, completly strong defence
    from whatever smart screen disables. Or if you want better and more upgrated (paid) program,
    you can go further. But defender is always on your side.

  12. CalixtoWVR1 said on March 10, 2023 at 10:03 pm
    Reply

    Why would one disable Windows (or Microsoft) Defender in the first place?. I consider this to be playing with fire big time. Everybody knows that if one is using another A-V, Defender will be disabled on its own and won’t be in one’s way.

  13. Ed D said on March 10, 2023 at 11:09 pm
    Reply

    Why would I want to disable Windows Defender in the first place? It’s a great anti virus in my opinion. Been using it since Windows 8 and and never had a problem or a virus. Why mess with a good thing, if it ain’t broke don’t fix it.

  14. owl said on August 17, 2023 at 1:57 am
    Reply

    How a ridiculous article!
    I am thoroughly stunned.

    Why Should You Disable First-Party Windows Defender?
    I can only think that it is “malice or perversely intention (want you to buy a third-party AV where you can expect a back margin)” to guide invalidation without showing the premise.
    No sane company will use third-party closed source programs (such as AV).

    As I thought, “Ghacks Technology News” seems to be coming to downfall.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.