MVP Jubo Security Blog

Microsoft Security Bulletin Summary for May 2008

Yesterday, May 13th, Microsoft released 3 "critical" and 1 "moderate" update. If the automatic update didn't get them yet, then it's time to move your mouse over to Microsoft Update and start updating your computer. If you haven't installed SP3 for Windows XP yet, then Microsoft Update will offer you this too.

This months updates:

Critical:

• MS08-026 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
• MS08-027 - Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
• MS08-028 - Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)

Moderate:

• MS08-029 - Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.

Support:

• Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

See also: Microsoft Security Response Center (MSRC) and Security Vulnerability Research & Defense blog: MS08-026: How to prevent Word from loading RTF files.