Original release date: December 09, 2008
Last revised: --
Source: US-CERT

Systems Affected

• Microsoft Windows and related components
• Microsoft Internet Explorer
• Microsoft Word, Excel and related components
• Microsoft Office SharePoint Server
• Microsoft Visual Basic 6

I. Description

As part of the Microsoft Security Bulletin Summary for December 2008, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Word, Excel, SharePoint Server,Visual Basic 6 and other related components.

II. Impact

A remote, unauthenticated attacker could gain elevated privileges, execute arbitrary code or cause a vulnerable application to crash.

III. Solution

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for December 2008. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References

• Microsoft Security Bulletin Summary for December 2008 - <http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx>
• Microsoft Update - <https://www.update.microsoft.com/microsoftupdate/>
• Windows Server Update Services - <http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>

Feedback can be directed to US-CERT.

Produced 2009 by US-CERT, a government organization. Terms of use

December 09, 2008: Initial release