Microsoft Patch Tuesday November 08
Microsoft released only two patches for their products on this November's Patch Tuesday. The Microsoft Security Bulletins MS08-069 and MS08-068 patched two vulnerability with the status critical and important.
The vulnerability rated as critical could allow remote code execution in the in Microsoft XML Core Services while the vulnerability rated important could allow remote code execution in Microsoft Server Message Block (SMB) Protocol.
Both security vulnerabilities can be fixed by using Windows Update or by downloading the security updates directly from the Microsoft Download website by following the two links given above in this article.
- Microsoft Security Bulletin MS08-068 - Important - Vulnerability in SMB Could Allow Remote Code Execution (957097) - This security update resolves a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003, and Moderate for all supported editions of Windows Vista and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.
- Microsoft Security Bulletin MS08-069 - Critical - Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218) - This security update resolves several vulnerabilities in Microsoft XML Core Services. The most severe vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for Microsoft XML Core Services 3.0 and Important for Microsoft XML Core Services 4.0, Microsoft XML Core Services 5.0, and Microsoft XML Core Services 6.0. For more information, see the subsection, Affected and Non-Affected Software, in this section.