Microsoft October 2008 Patch Day Patches 11 Security Vulnerabilities

It was always a mystery to me why Microsoft released security patches on one day only considering that an unpatched security vulnerability could be exploited easily in that time. The impression with all the announcements regarding the patches a week or so earlier is that Microsoft has (some of) the patches ready but is not releasing them because they release them in one package on one day.

Microsoft released a batch of eleven security patches for various operating systems and products yesterday which are available by visiting Windows Update or Microsoft Technet which contains in depths information about the affected products and the security vulnerabilities.

The patches fix four critical, six important and 1 moderate security vulnerability:

• Microsoft Security Bulletin MS08-060 - Critical - Vulnerability in Active Directory Could Allow Remote Code Execution (957280)
• Microsoft Security Bulletin MS08-058 - Critical - Cumulative Security Update for Internet Explorer (956390)
• Microsoft Security Bulletin MS08-059 - Critical - Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
• Microsoft Security Bulletin MS08-057 - Critical - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
• Microsoft Security Bulletin MS08-066 - Important - Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
• Microsoft Security Bulletin MS08-061 - Important -Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
• Microsoft Security Bulletin MS08-062 - Important - Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
• Microsoft Security Bulletin MS08-063 - Important - Vulnerability in SMB Could Allow Remote Code Execution (957095)
• Microsoft Security Bulletin MS08-064 - Important - Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
• Microsoft Security Bulletin MS08-065 - Important - Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)
• Microsoft Security Bulletin MS08-056 - Moderate - Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)

It is highly recommended to update the products as soon as possible to protect the system from this attacks.