Critical Out of Cycle Update for Internet Explorer

What Is It?

Today, Microsoft released an out of cycle update for all supported versions of Internet Explorer for Windows, to fix an error that could permit a criminal to take over your computer. Microsoft took this unusual step because exploit code was made public the day after the last monthly update cycle, and that code is being actively employed to turn users' machines into remote controlled zombie computers.

Worse yet, there are reports that exploit code has made its way into legitimate Web sites that you would expect to be trustworthy and secure.

Microsoft Security Bulletin MS08-078 covers updates to the following versions of Internet Explorer.

• Version 5.01, Service Pack 4, when installed on Windows 2000, Service Pack 4.
• Version 6, Service Pack 1, when installed on the the following operating systems:
• Windows 2000, Service Pack 4.
• Windows XP, Service Pack 2.
• Windows XP, Service Pack 3.
• Windows XP, x64 edition, Service Pack 2.
• Windows Server 2003, all editions, Service Pack 1.
• Windows Server 2003, all editions, Service Pack 2.
• Version 7, when installed on the the following operating systems:
• Windows XP, Service Pack 2.
• Windows XP, Service Pack 3.
• Windows XP, x64 edition, Service Pack 2.
• Windows Server 2003, all editions, Service Pack 1.
• Windows Server 2003, all editions, Service Pack 2.
• Windows Vista, all editions.
• Windows Vista, all editions, Service Pack 1.
• Windows Server 2008, all editions.
• Windows Internet Explorer 8, Beta 2. If you are evaluating this latest edition, you should download and install the latest update from the beta test Web site.

What Should You Do?

If you have Automatic Update enabled, you may have already received this update. My machine had an update awaiting permission to install when I arrived at my office at about 1:30 PM today. Unless you are certain that the update has already arrived, you should visit the Microsoft Update Web site, at http://update.microsoft.com/, and install the update.

If you have not yet installed the cumulative update for Internet Explorer that was distributed last week, you must install that update before you install this one. If so, both updates should appear on the list of updates offered by the Windows Update service.

References

• http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx, Microsoft Security Bulletin MS08-078 - Critical: Security Update for Internet Explorer (960714), is the announcement covering this critical out of cycle security update for all supported versions of Microsoft Internet Explorer for Windows.
• http://update.microsoft.com/ is the Microsoft Update Web site.
• http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx, Microsoft Security Bulletin MS08-073 - Critical: Cumulative Security Update for Internet Explorer (958215), is the security bulletin that covers the most recent cumulative update for Internet Explorer, released last week, on 9 December 2008.
• http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx, Microsoft Security Bulletin Summary for December 2008, Published: December 9, 2008, most recently Updated: December 17, 2008, Version: 3.0.

David Gray, MBA, Chief Wizard WizardWrx – Making computer magic since 1985
	V: +1 (817) 812-3041 TZ: USA Central www.wizardwrx.com	4835 North O'Connor Road Suite 200 Irving, TX 75062-2742 USA
Tell me what you need, and I’ll conjure it.

December 2008 Patch Tuesday, Take Two

What Is It?

Yesterday, in the notice that I distributed to VirusWarn subscribers, and published on the VirusWarn Blog, at http://viruswarn.blogspot.com/2008/12/fw-viruswarn-there-is-something-for.html, I neglected to include two key products that require your immediate attention.

• Microsoft Office 2003. Both Word and Excel received patches to plug several remote code execution vulnerabilities. Even if you don't use Word or Excel, you need this update if Outlook is configured to use Word as its message editor. In this version of Outlook, this setting is optional.
• Microsoft Office 2007. Both Word and Excel received patches to plug several remote code execution vulnerabilities. Even if you don't use Word or Excel, you need this update if Outlook is configured to use Word as its message editor. In this version of Outlook, this setting is the default.

In case you have forgotten, or didn't know, remote code execution vulnerabilities are the currently favored means by which the Bad Guys install malicious software onto your computer.

What Should You Do?

Unless you know for certain that the updates for Office 2003 or 2007 installed themselves yesterday or today, visit the Microsoft Update Web site, at http://update.microsoft.com/, choose the Express option, and accept everything that is offered.

Attention Firefox users. You must use Internet Explorer for this task.

References

• http://viruswarn.blogspot.com/2008/12/fw-viruswarn-there-is-something-for.html, "There Is Something for Everyone This Patch Tuesday," is the announcement I made yesterday.
• http://update.microsoft.com/ is the entry to the main Microsoft Update page. Updates for Microsoft Office 2003 and 2007 are available here.
• http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx, Microsoft Security Bulletin MS08-072 - Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173).
• http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx, Microsoft Security Bulletin MS08-074 - Critical: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070).

Thank You!

Thanks to long time subscriber Sara Jenkins for calling my attention to this oversight, and to the fact that the Microsoft Update service requires Internet Explorer.

David Gray, MBA, Chief Wizard WizardWrx – Making computer magic since 1985
	+1 (817) 812-3041 TZ: USA Central http://www.wizardwrx.com/	4835 North O'Connor Road Suite 200 Irving, TX 75062-2742 USA
Tell me what you need, and I’ll conjure it.

There Is Something for Everyone This Patch Tuesday

What Is It?

The last Patch Tuesday of 2008 is a big one, and it affects virtually all users of Microsoft software products. Although many of you should receive your updates automatically, we are publishing this notice for three reasons.

1. Breadth of Impact. Due to the large number of bulletins, delivery via Automatic Update may be significantly delayed, and the risk of an update failure increases significantly with the number of affected components.
2. Restart Requirement. Several of the updates require a restart in order to be fully implemented.
3. Manual Installation Requirement. Some of the updates are for older versions of Microsoft software that is outside the scope of the Microsoft Update and Windows Update services.

What Should You Do?

Windows (All Versions)

All of the updates, except those for Office 2000 and the programming language products, should be offered on either Windows Update or Microsoft Update.

If you are still using Windows Update, we strongly urge you to begin using Microsoft Update, because it covers a much broader range of Microsoft software.

Microsoft Update is at http://update.microsoft.com/.

Office XP for Microsoft Windows

Visit the Microsoft Update Web site, at http://update.microsoft.com/, as soon as you can, and run the wizard, to be sure that all of the updates you need have been applied. If you are really paranoid, use the instructions in the various security bulletins listed in the References to verify the installations.

Office 2000 for Microsoft Windows

Visit the Office Update Web page, at http://office.microsoft.com/en-us/downloads/maincatalog.aspx, and download everything offered to you.

Important: Have your Office 2000 CD handy, because you will almost certainly be prompted to insert it, to validate your installation.

Works 8.0, 8.5, 2004, and 2005

Since Microsoft Word is the word processor in all recent versions of Microsoft Works, you are affected by the updates covered by security bulletin MS08-072.

If you are still using Works 2004, 2005, or 8.0, you must upgrade to Works 8.5, in order to get the updates.

1. If you are unsure of the version of Works installed on your machine, open any application in Microsoft Works, and display the About item on the Help menu.
2. If your About Box shows any version except 8.5, download and install the free upgrade to the latest version of Works, at http://www.microsoft.com/products/works/international/update_1001.mspx.
3. Once you have the latest version of Works installed, visit the Microsoft Update Web page, at http://update.microsoft.com/, and accept the update for Office Word.

Office 2004 for Mac

Download and install Microsoft Office 2004 for Mac, 11.5.3 Update, from http://www.microsoft.com/downloads/details.aspx?FamilyId=ECA13AD8-62AE-41A8-B308-41E2D1773820&displaylang=en.

Office 2008 for Mac

Download and install Microsoft Office 2004 for Mac, 12.1.5 Update, from http://www.microsoft.com/downloads/details.aspx?FamilyId=AB31A564-43D2-45BD-98BF-19E9CA477B62&displaylang=en.

Open XML File Format Converter for Mac

Download and install Open XML File Format Converter for Mac 1.0.2, from http://www.microsoft.com/downloads/details.aspx?FamilyId=EDB6CD8F-832C-4123-8982-AC0C601EA0A7&displaylang=en.

Visual Basic 6.0 ActiveX Components

Several key ActiveX components that ship with the Microsoft Visual Basic 6.0 compiler, in addition to Visual Studio .NET 2002 and 2003.

• If you are a software developer, you will need to update your development tools. See MS08-070 for details.
• You may have other software that uses one or more of these controls. If so, you can expect an update from your software vendor in coming months.
• If you use custom software that was developed specifically for you, there is a good chance that it was developed using Visual Basic 6, unless it was developed within the last few years.

References

• http://update.microsoft.com/ is the entrance to the Microsoft Update Web service.
• http://office.microsoft.com/en-us/downloads/maincatalog.aspx is the entrance to the Microsoft Office Update Web service.
  • This site offers updates for Windows versions of Microsoft Office only.
  • If you have a version of Office for the Mac, please see the appropriate page, listed below.
• http://www.microsoft.com/products/works/international/update_1001.mspx is the announcement of the free Works 8.5 update, which is a prerequisite for this, and all future security updates for Microsoft Works.
• http://www.microsoft.com/downloads/details.aspx?FamilyId=ECA13AD8-62AE-41A8-B308-41E2D1773820&displaylang=en is the download page for Microsoft Office 2004 for Mac, 11.5.3 Update.
• http://www.microsoft.com/downloads/details.aspx?FamilyId=AB31A564-43D2-45BD-98BF-19E9CA477B62&displaylang=en is the download page for Microsoft Office 2004 for Mac, 12.1.5 Update.
• http://www.microsoft.com/downloads/details.aspx?FamilyId=EDB6CD8F-832C-4123-8982-AC0C601EA0A7&displaylang=en is the download page for Open XML File Format Converter for Mac 1.0.2.
• http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx is the Microsoft Security Bulletin Summary for December 2008. The bulletin was published Tuesday, 09 December 2008.
• http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx is Microsoft Security Bulletin MS08-072 - Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173).
• http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx is Microsoft Security Bulletin MS08-073 - Critical: Cumulative Security Update for Internet Explorer (958215).
• http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx is Microsoft Security Bulletin MS08-074 - Critical: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070).
• http://www.microsoft.com/technet/security/bulletin/ms08-075.mspx is Microsoft Security Bulletin MS08-075 - Critical: Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349).
• http://www.microsoft.com/technet/security/bulletin/ms08-071.mspx is Microsoft Security Bulletin MS08-071 - Critical: Vulnerabilities in GDI Could Allow Remote Code Execution (956802).
• http://www.microsoft.com/technet/security/bulletin/ms08-070.mspx is Microsoft Security Bulletin MS08-070 - Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349).
• http://www.microsoft.com/technet/security/bulletin/ms08-076.mspx is Microsoft Security Bulletin MS08-076 - Important: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807).
• http://www.microsoft.com/technet/security/bulletin/ms08-077.mspx, is Microsoft Security Bulletin MS08-077 - Important: Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175).
• http://www.wizardwrx.com/TechnicalArticles/docs/2008_DEC_MSSB_MATRIX.xls is a Microsoft Excel 2002 spreadsheet that I developed, in an attempt to organize the large amount of information about the products covered by the security bulletins released today. You should be able to open this document in Microsoft Excel 97 or later, or the corresponding viewer.
• http://www.wizardwrx.com/TechnicalArticles/docs/2008_DEC_MSSB_MATRIX.pdf is a PDF rendering of the Excel document listed above.

David Gray, MBA, Chief Wizard WizardWrx – Making computer magic since 1985
	+1 (817) 812-3041 TZ: USA Central http://www.wizardwrx.com/	4835 North O'Connor Road Suite 200 Irving, TX 75062-2742 USA
Tell me what you need, and I’ll conjure it.