Microsoft released eleven security updates for August, rating six of them as critical. Here's a brief description of each update; for more information, go to
http://www.microsoft.com/technet/security/bulletin/ms08-aug.mspx


MS08-041: Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution

The attack vector for this exploit is a specially created web page. The exploit targets the ActiveX control for the Snapshot Viewer for Microsoft Access. When exploited, the ActiveX control downloads a file from the Internet and writes it to any path on the local disk. This vulnerability, if unpatched, could allow the execution of remote code, gaining the same rights as the currently logged on user. This bulletin replaces MS03-038.

Applies to: Microsoft Office 2003, XP, 2000

Recommendation: Microsoft rates this update as critical, and exploits have been reported in the wild. You should promptly perform testing and deployment of this update.


MS08-042: Vulnerability in Microsoft Word Could Allow Remote Code Execution

The attack vector for this exploit is a specially created Microsoft Word document. If leveraged, an attacker could take complete control of an affected computer.

Applies to: Microsoft Office 2003, XP

Recommendation: Although Microsoft rates this update as important, the ubiquitous nature of Word documents being transmitted over email means that you should promptly perform testing and deployment of this update.


MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted Microsoft Excel file. If the target of the attack opens one of these specially crafted files, the attacker could gain complete control of the computer that they are logged on to. The amount of damage that an attacker could cause will be proportional to the rights and privileges of the logged on user. This bulletin replaces MS08-014 and MS08-026.

Applies to: All versions of Microsoft Office from 2007 to 2000, as well as SharePoint Server 2007

Recommendation: Microsoft rates this update as critical. This vulnerability can be exploited on all versions of the Office suite. You should promptly perform testing and deployment of this update.


MS08-044: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution

This update addresses five privately reported vulnerabilities, all of which address attacks that leverage specially crafted image files against Microsoft Office. The severity of the attack depends upon the rights of the logged on user. This bulletin replaces MS06-039.

Applies to: Microsoft Office 2003, XP, 2000; Microsoft Project 2002; Microsoft Office File Converter Pack; Microsoft Works 8

Recommendation: Microsoft rates this update as critical for Office 2000 and important for all other versions of the affected software. If your organization still uses Office 2000, you should prioritize the testing and deployment of this update.


MS08-045: Cumulative Security Update for Internet Explorer

This update fixes five privately reported vulnerabilities and one publicly reported vulnerability, all of which could allow remote code execution if the subject of an attack views a specially created web page in Internet Explorer (IE). This bulletin replaces bulletin MS08-031.

Applies to: All versions of IE

Recommendation: You should test and deploy this update as soon as possible.


MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution

This update addresses a vulnerability in the Microsoft Image Color Management (ICM) system that could be leveraged to allow remote code execution with the privileges of the currently logged on user. The vector for exploiting this vulnerability is getting the logged on user to open a specially modified image file.

Applies to: Windows Server 2003, XP, 2000

Recommendation: Microsoft rates this update as critical. If your organization uses the vulnerable OSs, you should promptly perform testing and deployment of this update.


MS08-047: Vulnerability in IPsec Policy Processing Could Allow Information Disclosure

This vulnerability relates to the way that IPsec rules are applied and could cause computers to ignore IPsec policies and transmit data across the network in an unencrypted format.

Applies to: Windows Server 2008, Vista

Recommendation: Microsoft rates this vulnerability as important. If your organization deploys IPsec policies with Windows Server 2008 or Vista-based systems, you should test and deploy this update as a part of your organization’s normal patch management cycle.


MS08-048: Security Update for Outlook Express and Windows Mail

The attack vector for this exploit is a specially created web page. If unpatched, the exploit could be leveraged to allow information disclosure through Outlook Express or Windows Mail. This bulletin replaces bulletin MS07-056.

Applies to: Windows Server 2008, Vista, Server 2003, XP, 2000

Recommendation: Microsoft rates this update as important. If your organization uses Outlook Express or Windows Mail, you should test and deploy this update as a part of your patch management cycle.


MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution

The attack vector for this exploit involves subscriptions to the event system. An attacker who successfully leverages this exploit can take complete control of a targeted computer.

Applies to: Windows Server 2008, Vista, Server 2003, XP, 2000

Recommendation: Although Microsoft rates this update as important, you should consider accelerated testing and deployment of this update given the wide number of vulnerable OSs.


MS08-050: Vulnerability in Windows Messenger Could Allow Information Disclosure

The attack vector for this exploit is an ActiveX control that can be leveraged through a messenger session to allow information disclosure about the currently logged on user. If unpatched, an attacker could initiate audio and video sessions without the knowledge of the logged on user. It is also possible for the attacker to leverage this exploit to capture the user’s logon ID and password.

Applies to: Windows Server 2003, XP, 2000

Recommendation: Microsoft rates this update as important. If your organization uses Windows Messenger, you should test and deploy this update as a part of your regular patch management cycle.


MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution

This update addresses three privately reported vulnerabilities in PowerPoint and PowerPoint Viewer. The attack vector for this exploit is a specially crafted PowerPoint file. This exploit can be leveraged to take complete control of a targeted computer. This bulletin replaces MS06-058.

Applies to: PowerPoint 2007, 2003, 2002, 2000

Recommendation: This update is rated critical for PowerPoint 2000 and important for all other editions of PowerPoint. You should perform accelerated testing and deployment on this patch if your organization uses PowerPoint 2000; otherwise, test and deploy as a part of your normal patch management cycle.