GFI - Supported MS Bulletins

Essentials

Overview

Features

ReportPack add-on

Screenshots

Pricing

How to buy

Download

Free 30-day trial

ReportPack

In-depth

Awards/reviews

Manual

Brochure/datasheet

Product news

Testimonials/Case Studies

Product Tour/Webcast

PCI DSS compliance

White papers

What's new in v. 9?

Support

Support Center

Forums

FAQ/KBase

Products > GFI LANguard N.S.S. > Supported OVAL checks

Bulletin ID	Title
MS08-069	Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
MS08-068	Vulnerability in SMB Could Allow Remote Code Execution (957097)
MS08-067	Vulnerability in Server Service Could Allow Remote Code Execution (958644)
957938	Update for Silverlight: October 20, 2008
MS08-066	Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
MS08-065	Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)
MS08-064	Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
MS08-063	Vulnerability in SMB Could Allow Remote Code Execution (957095)
MS08-062	Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
MS08-061	Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
MS08-060	Vulnerability in Active Directory Could Allow Remote Code Execution (957280)
MS08-059	Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
MS08-058	Cumulative Security Update for Internet Explorer (956390)
MS08-057	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
MS08-056	Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)
956391	Cumulative Security Update of ActiveX Kill Bits
MS08-055	Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)
MS08-054	Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
MS08-053	Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
MS08-052	Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
955305	Update for Silverlight 1.0: July 23, 2008
951951	Forefront Client Security Service Pack 1
MS08-051	Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)
MS08-050	Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
MS08-049	Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
MS08-048	Security Update for Outlook Express and Windows Mail (951066)
MS08-047	Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)
MS08-046	Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
MS08-045	Cumulative Security Update for Internet Explorer (953838)
MS08-044	Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)
MS08-043	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)
MS08-042	Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)
MS08-041	Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617)
951072	August 2008 cumulative time zone update for Microsoft Windows operating systems
943462	Internet Security and Acceleration Server 2006 Service Pack 1
MS08-040	Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
MS08-039	Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
MS08-038	Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
MS08-037	Vulnerabilities in DNS Could Allow Spoofing (953230)
953649	System Center Configuration Manager Service Pack 1
MS08-036	Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
MS08-035	Vulnerability in Active Directory Could Allow Denial of Service (953235)
MS08-034	Vulnerability in WINS Could Allow Elevation of Privilege (948745)
MS08-033	Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
MS08-032	Cumulative Security Update of ActiveX Kill Bits (950760)
MS08-031	Cumulative Security Update for Internet Explorer (950759)
MS08-030	Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
951532	Description of the Post-Service Pack 1 Rollup for Microsoft Expression Media: April 15, 2008
951213	Description of the update for Silverlight 1.0: April 4, 2008
MS08-028	Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)
MS08-027	Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
MS08-026	Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
948016	Description of Update Rollup 2 for Exchange Server 2007 Service Pack 1
936929	Windows XP Service Pack 3
949426	Microsoft Office Accounting 2008 Service Pack 1 for Accounting Professional 2008 and for Accounting Express 2008
936330	Windows Vista Service Pack 1 (SP1)
MS08-025	Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
MS08-024	Cumulative Security Update for Internet Explorer (947864)
MS08-023	Security Update of ActiveX Kill Bits (948881)
MS08-022	Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
MS08-021	Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
MS08-020	Vulnerability in DNS Client Could Allow Spoofing (945553)
MS08-019	Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
MS08-018	Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
948014	Windows Server Update Services 3.0 Service Pack 1
MS08-017	Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
MS08-016	Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)
MS08-015	Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (949031)
MS08-014	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)
946140	Update for Business Contact Manager for Outlook 2007: February 12, 2008
945684	Update Rollup 1 for Microsoft Exchange Server 2007 Service Pack 1
942846	Update Rollup 6 for Exchange Server 2007
941834	Microsoft Expression Media Service Pack 1
MS08-013	Vulnerability in Microsoft Office Could Allow Remote Code Execution (947108)
MS08-012	Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085)
MS08-011	Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)
MS08-010	Cumulative Security Update for Internet Explorer (944533)
MS08-009	Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077)
MS08-008	Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)
MS08-007	Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)
MS08-006	Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)
MS08-005	Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
MS08-004	Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
MS08-003	Vulnerability in Active Directory Could Allow Denial of Service (946538)
940767	Windows Internet Explorer 7 Installation and Availability Update
110806	Microsoft .NET Framework 2.0 Service Pack 1
MS08-002	Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)
MS08-001	Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644)
941652	Business Contact Manager for Outlook 2007 Service Pack 1
940289	Office Compatibility Pack Service Pack 1
937961	Office 2003 Web Components Service Pack 1 for the 2007 Office system
937160	Visio Viewer 2007 Service Pack 1
937158	PowerPoint Viewer 2007 Service Pack 1
937157	Calendar Printing Assistant for Microsoft Office Outlook 2007 Service Pack 1
936988	Windows SharePoint Services 3.0 Service Pack 1 and of Windows SharePoint Services Language Pack 3.0 Service Pack 1
936984	Microsoft Office 2007 servers Service Pack 1 and Microsoft Office 2007 servers Language Pack Service Pack 1
936982	Microsoft Office 2007 suite Service Pack 1
MS07-069	Cumulative Security Update for Internet Explorer (942615)
MS07-068	Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275)
MS07-067	Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)
MS07-066	Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078)
MS07-065	Vulnerability in Message Queuing Could Allow Remote Code Execution (937894)
MS07-064	Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)
MS07-063	Vulnerability in SMBv2 Could Allow Remote Code Execution (942624)
942840	You may experience slow Web browser performance when you view a Web page that uses JScript in Internet Explorer on a Windows Server 2003-based computer or on a Windows XP-based computer
942763	December 2007 cumulative time zone update for Microsoft Windows operating systems
929300	Microsoft .NET Framework Service Pack 1 for versions 3.0, 2.0, and 1.1
MS07-062	Vulnerability in DNS Could Allow Spoofing (941672)
MS07-061	Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)
941421	Update Rollup 5 for Exchange 2007
MS07-060	Vulnerability in Microsoft Word Could Allow Remote Code Execution (942695)
MS07-059	Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site (942017)
MS07-058	Vulnerability in RPC Could Allow Denial of Service (933729)
MS07-057	Cumulative Security Update for Internet Explorer (939653)
MS07-056	Security Update for Outlook Express and Windows Mail (941202)
MS07-055	Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)
940006	Update Rollup 4 for Exchange 2007
935999	Update Rollup 3 for Exchange 2007
934737	Excel Viewer 2003 Service Pack 3
934736	Word Viewer 2003 Service Pack 3
933867	Microsoft Systems Management Server 2003 Service Pack 3
933360	August 2007 cumulative time zone update for Microsoft Windows operating systems
923648	Outlook Live 2003 Service Pack 3
923643	Windows SharePoint Services Service Pack 3
923642	Office 2003 Service Pack 3 for Proofing Tools
923633	OneNote 2003 Service Pack 3
923622	Project 2003 Service Pack 3
923620	Visio 2003 Service Pack 3
923618	Office 2003 Service Pack 3
MS07-053	Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege (939778)
MS07-052	Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution (941522)
MS07-051	Vulnerability in Microsoft Agent Could Allow Remote Code Execution (938827)
MS07-050	Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)
MS07-049	Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)
MS07-048	Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)
MS07-047	Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (936782)
MS07-046	Vulnerability in GDI Could Allow Remote Code Execution (938829)
MS07-045	Cumulative Security Update for Internet Explorer (937143)
MS07-044	Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
MS07-043	Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
MS07-042	Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
MS07-041	Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution (939373)
MS07-040	Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)
MS07-039	Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122)
MS07-038	Vulnerability in Windows Vista Firewall Could Allow Information Disclosure (935807)
MS07-037	Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution (936548)
MS07-036	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (936542)
MS07-035	Vulnerability in Win 32 API Could Allow Remote Code Execution (935839)
MS07-034	Cumulative Security Update for Outlook Express and Windows Mail (929123)
MS07-033	Cumulative Security Update for Internet Explorer (933566)
MS07-032	Vulnerability in Windows Vista Could Allow Information Disclosure (931213)
MS07-031	Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)
MS07-030	Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)
MS07-029	Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966)
MS07-028	Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)
MS07-027	Cumulative Security Update for Internet Explorer (931768)
MS07-026	Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)
MS07-025	Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873)
MS07-024	Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232)
MS07-023	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)
933669	Update for PowerPoint 2003: May 8, 2007
924406	Microsoft Internet Security and Acceleration Server 2004 Service Pack 3
MS07-022	Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)
MS07-021	Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)
MS07-020	Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)
MS07-019	Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)
MS07-018	Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)
932726	Service Pack 1 for Accounting Professional 2007 and for Accounting Express 2007.
MS07-017	Vulnerabilities in GDI Could Allow Remote Code Execution (925902)
923435	Microsoft Compute Cluster Pack Service Pack 1 (SP1) for Microsoft Windows Compute Cluster Server 2003
914961	Windows Server 2003 Service Pack 2
921896	SQL Server 2005 Service Pack 2
MS07-016	Cumulative Security Update for Internet Explorer (928090)
MS07-015	Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554)
MS07-014	Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (929434)
MS07-013	Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)
MS07-012	Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667)
MS07-011	Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436)
MS07-009	Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779)
MS07-008	Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843)
MS07-007	Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802)
MS07-006	Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)
MS07-005	Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723)
931836	February 2007 cumulative time zone update for Microsoft Windows operating systems
929060	Update for PowerPoint 2003: February 13, 2007
929058	Update for Excel 2003: February 13, 2007
928957	Visual Studio 2005 Service Pack 1 release notes
MS07-004	Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)
MS07-003	Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)
MS07-002	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
MS07-001	Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585)
924886	Update for Office 2003: December 12, 2006
MS06-078	Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
MS06-077	Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)
MS06-076	Cumulative Security Update for Outlook Express (923694)
MS06-075	Vulnerability in Windows Could Allow Elevation of Privilege (926255)
MS06-074	Vulnerability in SNMP Could Allow Remote Code Execution (926247)
MS06-073	Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
MS06-072	Cumulative Security Update for Internet Explorer (925454)
899738	Systems Management Server 2003 Service Pack 2
917275	Windows Rights Management Services with Service Pack 2
MS06-071	Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (928088)
MS06-070	Vulnerability in Workstation Service Could Allow Remote Code Execution (924270)
MS06-069	Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)
MS06-068	Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213)
MS06-067	Cumulative Security Update for Internet Explorer (922760)
MS06-066	Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution (923980)
926874	Windows Internet Explorer 7
MS06-065	Vulnerability in Windows Object Packager Could Allow Remote Execution (924496)
MS06-064	Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service (922819)
MS06-063	Vulnerability in Server Service Could Allow Denial of Service (923414)
MS06-062	Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
MS06-061	Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191)
MS06-060	Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)
MS06-059	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
MS06-058	Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)
MS06-057	Vulnerability in Windows Explorer Could Allow Remote Execution (923191)
MS06-056	Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770)
MS06-055	Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)
MS06-054	Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729)
MS06-053	Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685)
MS06-052	Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution (919007)
MS06-051	Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422)
MS06-050	Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
MS06-049	Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)
MS06-048	Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922968)
MS06-047	Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
MS06-046	Vulnerability in HTML Help Could Allow Remote Code Execution (922616)
MS06-045	Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)
MS06-044	Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917008)
MS06-043	Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)
MS06-042	Cumulative Security Update for Internet Explorer (918899)
MS06-041	Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)
MS06-040	Vulnerability in Server Service Could Allow Remote Code Execution (921883)
920115	Service Pack 3 for Outlook 2003 with Business Contact Manager Update and for Small Business Accounting 2006
MS06-039	Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384)
MS06-038	Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284)
MS06-037	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285)
MS06-036	Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388)
MS06-035	Vulnerability in Server Service Could Allow Remote Code Execution (917159)
MS06-034	Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537)
MS06-033	Vulnerability in ASP.NET Could Allow Information Disclosure (917283)
MS06-032	Vulnerability in TCP/IP Could Allow Remote Code Execution (917953)
MS06-031	Vulnerability in RPC Mutual Authentication Could Allow Spoofing (917736)
MS06-030	Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)
MS06-029	Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442)
MS06-028	Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (916768)
MS06-027	Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)
MS06-025	Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280)
MS06-024	Vulnerability in Windows Media Player Could Allow Remote Code Execution (917734)
MS06-023	Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344)
MS06-022	Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)
MS06-021	Cumulative Security Update for Internet Explorer (916281)
MS06-020	Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)
MS06-019	Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803)
MS06-018	Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580)
MS06-017	Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)
MS06-016	Cumulative Security Update for Outlook Express (911567)
MS06-015	Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)
MS06-014	Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)
MS06-013	Cumulative Security Update for Internet Explorer (912812)
MS06-012	Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413)
MS06-011	Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)
MS06-009	Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)
MS06-008	Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)
MS06-007	Vulnerability in TCP/IP Could Allow Denial of Service (913446)
MS06-006	Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)
MS06-005	Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)
MS06-004	Cumulative Security Update for Internet Explorer (910620)
MS06-003	Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution (902412)
MS06-002	Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)
MS06-001	Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
MS05-055	Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)
MS05-054	Cumulative Security Update for Internet Explorer (905915)
MS05-053	Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
MS05-052	Cumulative Security Update for Internet Explorer (896688)
MS05-051	Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)
MS05-050	Vulnerability in DirectShow Could Allow Remote Code Execution (904706)
MS05-049	Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)
MS05-048	Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)
MS05-047	Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)
MS05-046	Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)
MS05-045	Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)
MS05-044	Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495)
MS05-043	Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)
MS05-042	Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)
MS05-041	Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)
MS05-040	Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)
MS05-039	Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)
MS05-038	Cumulative Security Update for Internet Explorer (896727)
MS05-037	Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)
MS05-036	Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)
MS05-035	Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)
MS05-033	Vulnerability in Telnet Client Could Allow Information Disclosure (896428)
MS05-032	Vulnerability in Microsoft Agent Could Allow Spoofing (890046)
MS05-031	Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458)
MS05-030	Vulnerability in Outlook Express Could Allow Remote Code Execution (897715)
MS05-028	Vulnerability in Web Client Service Could Allow Remote Code Execution (896426)
MS05-027	Vulnerability in Server Message Block Could Allow Remote Code Execution (896422)
MS05-026	Vulnerability in HTML Help Could Allow Remote Code Execution (896358)
MS05-025	Cumulative Security Update for Internet Explorer (883939)
MS05-024	Vulnerability in Web View Could Allow Remote Code Execution (894320)
MS05-023	Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)
MS05-021	Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)
MS05-020	Cumulative Security Update for Internet Explorer (890923)
MS05-019	Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)
MS05-018	Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)
MS05-017	Vulnerability in Message Queuing Could Allow Code Execution (892944)
MS05-016	Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)
MS05-015	Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)
MS05-014	Cumulative Security Update for Internet Explorer (867282)
MS05-013	Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)
MS05-012	Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)
MS05-011	Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)
MS05-010	Vulnerability in the License Logging Service Could Allow Code Execution (885834)
MS05-009	Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)
MS05-008	Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)
MS05-007	Vulnerability in Windows Could Allow Information Disclosure (888302)
MS05-006	Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)
MS05-005	Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352)
MS05-004	ASP.NET Path Validation Vulnerability (887219)
MS05-003	Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)
MS05-002	Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)
MS05-001	Vulnerability in HTML Help Could Allow Code Execution (890175)
MS04-045	Vulnerability in WINS Could Allow Remote Code Execution (870763)
MS04-044	Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)
MS04-043	Vulnerability in HyperTerminal Could Allow Code Execution (873339)
MS04-041	Vulnerability in WordPad Could Allow Code Execution (885836)
MS04-040	Cumulative Security Update for Internet Explorer (889293)
MS04-038	Cumulative Security Update for Internet Explorer (834707)
MS04-037	Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
MS04-036	Vulnerability in NNTP Could Allow Remote Code Execution (883935)
MS04-035	Vulnerability in SMTP Could Allow Remote Code Execution (885881)
MS04-034	Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)
MS04-032	Security Update for Microsoft Windows (840987)
MS04-031	Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
MS04-030	Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151)
MS04-028	Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
MS04-027	Vulnerability in WordPerfect Converter Could Allow Code Execution (884933)
MS04-025	Cumulative Security Update for Internet Explorer (867801)
MS04-024	Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)
MS04-023	Vulnerability in HTML Help Could Allow Code Execution (840315)
MS04-022	Vulnerability in Task Scheduler Could Allow Code Execution (841873)
MS04-020	Vulnerability in POSIX Could Allow Code Execution (841872)
MS04-019	Vulnerability in Utility Manager Could Allow Code Execution (842526)
MS04-018	Cumulative Security Update for Outlook Express (823353)
MS04-016	Vulnerability in DirectPlay Could Allow Denial of Service (839643)
MS04-015	Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374)
MS04-014	Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)
MS04-013	Cumulative Security Update for Outlook Express (837009)
MS04-012	Cumulative Update for Microsoft RPC/DCOM (828741)
MS04-011	Security Update for Microsoft Windows (835732)
MS04-008	Vulnerability in Windows Media Services Could Allow a Denial of Service (832359)
MS04-007	ASN.1 Vulnerability Could Allow Code Execution (828028)
MS04-006	Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)
MS04-004	Cumulative Security Update for Internet Explorer (832894)
MS04-003	Buffer Overrun in MDAC Function Could Allow Code Execution (832483)
MS03-051	Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)
MS03-049	Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)
MS03-048	Cumulative Security Update for Internet Explorer (824145)
MS03-045	Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)
MS03-044	Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119)
MS03-043	Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
MS03-042	Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution (826232)
MS03-041	Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)
MS03-040	Cumulative Patch for Internet Explorer (828750)
MS03-039	Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)
MS03-034	Flaw in NetBIOS Could Lead to Information Disclosure (824105)
MS03-033	Unchecked Buffer in MDAC Function Could Enable System Compromise (823718)
MS03-031	Cumulative Patch for Microsoft SQL Server (815495)
MS03-030	Unchecked Buffer in DirectX Could Enable System Compromise (819696)
MS03-027	Unchecked Buffer in Windows Shell Could Enable System Compromise (821557)
MS03-026	Buffer Overrun In RPC Interface Could Allow Code Execution (823980)
MS03-025	Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679)
MS03-024	Buffer Overrun in Windows Could Lead to Data Corruption (817606)
MS03-023	Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
MS03-022	Vulnerability in ISAPI Extension for Windows Media Services Could Cause Code Execution (822343)
MS03-021	Flaw In Windows Media Player May Allow Media Library Access (819639)
MS03-018	Cumulative Patch for Internet Information Service (811114)
MS03-017	Flaw in Windows Media Player Skins Downloading could allow Code Execution (817787)
MS03-014	Cumulative Patch for Outlook Express (330994)
MS03-013	Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)
MS03-011	Flaw in Microsoft VM Could Enable System Compromise (816093)
MS03-010	Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953)
MS03-008	Flaw in Windows Script Engine Could Allow Code Execution (814078)
MS03-007	Unchecked Buffer In Windows Component Could Cause Server Compromise (815021)
MS03-005	No Title Available
MS03-001	Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)
MS02-072	Unchecked Buffer in Windows Shell Could Enable System Compromise (329390)
MS02-071	Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310)
MS02-070	Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)
MS02-065	Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)
MS02-063	Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks (Q329834)
MS02-062	Cumulative Patch for Internet Information Service (Q327696)
MS02-060	Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940)
MS02-058	Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)
MS02-055	Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255)
MS02-054	Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)
MS02-053	Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)
MS02-051	Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure (Q324380)
MS02-050	Certificate Validation Flaw Could Enable Identity Spoofing (Q329115)
MS02-048	Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172)
MS02-045	Unchecked Buffer in Network Share Provider Can Lead to Denial of Service (Q326830)
MS02-042	Flaw in Network Connection Manager Could Enable Privilege Elevation (Q326886)
MS02-032	26 June 2002 Cumulative Patch for Windows Media Player (Q320920)
MS02-029	Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138)
MS02-024	Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206)
MS02-017	Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution (Q311967)
MS02-012	Malformed Data Transfer Request can Cause Windows SMTP Service to Fail
MS02-009	Incorrect VBScript Handling in IE can Allow Web Pages to Read Local Files
MS02-008	XMLHTTP Control Can Allow Access to Local Files
MS02-006	Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
MS01-059	Unchecked Buffer in Universal Plug and Play can Lead to System Compromise
919004	Windows Server Update Services Service Pack 1
917347	Update for Word 2002: July 11, 2006
917153	Update for PowerPoint 2002: July 11, 2006
913807	Update for Outlook 2003: March 14, 2006
913571	Updates for Office 2003: March 14, 2006
913090	SQL Server 2005 Service Pack 1
912440	Description of the update for Office 2003 Alternative User Input: May 9, 2006
907747	Update for Intelligent Message Filter for Exchange Server 2003
903676	Microsoft Internet Security and Acceleration Server 2004 Service Pack (SP2).
902963	Service Pack 1 for Outlook 2003 with Business Contact Manager Update and for Small Business Accounting 2006
902848	Outlook Live 2003 Service Pack 2
891861	Update Rollup 1 for Windows 2000 SP4 and known issues
890830	The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000
889101	Release notes for Windows Server 2003 Service Pack 1
887624	Description of Windows SharePoint Services Service Pack 2
887622	Description of Visio 2003 Service Pack 2
887620	Description of Project 2003 Service Pack 2
887619	Description of OneNote 2003 Service Pack 2
887618	Description of Office 2003 Service Pack 2 for Proofing Tools
887616	Description of Office 2003 Service Pack 2
870540	Availability of the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup
867461	List of bugs that are fixed in Microsoft .NET Framework 1.0 Service Pack 3
867460	List of bugs that are fixed in the .NET Framework 1.1 Service Pack 1 (SP1)
843188	Description of Office 2003 Service Pack 1 for Proofing Tools
842774	Description of OneNote 2003 Service Pack 1
842532	Description of Office 2003 Service Pack 1
841876	Description of Windows SharePoint Services Service Pack 1
840663	Description of Visio 2003 Service Pack 1
837240	Description of Project 2003 Service Pack 1
834693	Description of Office XP Service Pack 3 for Access 2002 Runtime
832671	Description of Microsoft Office XP Service Pack 3
830242	Description of Visio 2002 Service Pack 2
830241	Description of Microsoft Project 2002 Service Pack 1
826939	Help and Support
811113	List of fixes included in Windows XP Service Pack 2
321884	INFO: List of Bugs Fixed in Microsoft .NET Framework Service Pack 2
899456	Release manifest for MDAC 2.8 Service Pack 1 (2.81.1117.6)
884525	Additions to the SQL Server 2000 Service Pack 4 readme files
842262	Release manifest for the MDAC 2.7 Service Pack 1 Refresh (2.71.9040.2)
952580
999999
953839
918523
1111111
000000

More information on each product update

Bulletin ID: MS08-069	Title: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)	Update Type: Security Update	Severity: Critical
This security update resolves several vulnerabilities in Microsoft XML Core Services. The most severe vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Microsoft XML Core Services 3.0 and Important for Microsoft XML Core Services 4.0, Microsoft XML Core Services 5.0, and Microsoft XML Core Services 6.0.
Applies to: Windows Vista Windows Server 2008 Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000 Windows XP Windows XP x64 Edition Office 2007 Office 2003

Bulletin ID: MS08-068	Title: Vulnerability in SMB Could Allow Remote Code Execution (957097)	Update Type: Security Update	Severity: Important
This security update resolves a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003, and Moderate for all supported editions of Windows Vista and Windows Server 2008.
Applies to: Windows Server 2008 Windows Vista Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000

Bulletin ID: MS08-067	Title: Vulnerability in Server Service Could Allow Remote Code Execution (958644)	Update Type: Security Update	Severity: Critical
This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter. This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008.
Applies to: Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000 Windows Server 2008 Windows Vista

Bulletin ID: 957938	Title: Update for Silverlight: October 20, 2008	Update Type: Update Rollup	Severity:
This major update includes improvements in performance, in security, and in functionality. This update is backward compatible with Silverlight 1.0 Web applications.
Applies to: Silverlight

Bulletin ID: MS08-066	Title: Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)	Update Type: Security Update	Severity: Important
This security update resolves a privately reported vulnerability in the Microsoft Ancillary Function Driver. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This is an important security update for all supported editions of Windows XP and Windows Server 2003.
Applies to: Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003

Bulletin ID: MS08-065	Title: Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)	Update Type: Security Update	Severity: Important
This security update resolves a privately reported vulnerability in the Message Queuing Service (MSMQ) on Microsoft Windows 2000 systems. The vulnerability could allow remote code execution on Microsoft Windows 2000 systems with the MSMQ service enabled. This security update is rated Important for all supported editions of Microsoft Windows 2000.
Applies to: Windows 2000

Bulletin ID: MS08-064	Title: Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)	Update Type: Security Update	Severity: Important
This security update resolves a privately reported vulnerability in Virtual Address Descriptor. The vulnerability could allow elevation of privilege if a user runs a specially crafted application. An authenticated attacker who successfully exploited this vulnerability could gain elevation of privilege on an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. This security update is rated Important for all supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
Applies to: Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows Server 2008 Windows Vista

Bulletin ID: MS08-063	Title: Vulnerability in SMB Could Allow Remote Code Execution (957095)	Update Type: Security Update	Severity: Important
This security update resolves a privately reported vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on a server that is sharing files or folders. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
Applies to: Windows Server 2008 Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000 Windows Vista

Bulletin ID: MS08-062	Title: Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)	Update Type: Security Update	Severity: Important
This update resolves a privately reported vulnerability in the Windows Internet Printing Service that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and Windows Server 2008.
Applies to: Windows Vista Windows Server 2008 Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000

Bulletin ID: MS08-061	Title: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)	Update Type: Security Update	Severity: Important
This security update resolves one publicly disclosed and two privately reported vulnerabilities in the Windows kernel. A local attacker who successfully exploited these vulnerabilities could take complete control of an affected system. The vulnerabilities could not be exploited remotely or by anonymous users. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
Applies to: Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000 Windows Server 2008 Windows Vista

Bulletin ID: MS08-060	Title: Vulnerability in Active Directory Could Allow Remote Code Execution (957280)	Update Type: Security Update	Severity: Critical
This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server. The vulnerability could allow remote code execution if an attacker gains access to an affected network. This vulnerability only affects Microsoft Windows 2000 servers configured to be domain controllers. If a Microsoft Windows 2000 server has not been promoted to a domain controller, it will not be listening to Lightweight Directory Access Protocol (LDAP) or LDAP over SSL (LDAPS) queries, and will not be exposed to this vulnerability. This security update is rated Critical for implementations of Active Directory on Microsoft Windows 2000 Server.
Applies to: Windows 2000

Bulletin ID: MS08-059	Title: Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)	Update Type: Security Update	Severity: Critical
This security update resolves a privately reported vulnerability in Microsoft Host Integration Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted Remote Procedure Call (RPC) request to an affected system. Customers who follow best practices and configure the SNA RPC service account to have fewer user rights on the system could be less impacted than customers who configure the SNA RPC service account to have administrative user rights. This security update is rated Critical for all supported editions of Microsoft Host Integration Server 2000, Microsoft Host Integration Server 2004, and Microsoft Host Integration Server 2006.
Applies to: Host Integration Server 2006 Host Integration Server 2004 Host Integration Server 2000

Bulletin ID: MS08-058	Title: Cumulative Security Update for Internet Explorer (956390)	Update Type: Security Update	Severity: Critical
This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerabilities could allow information disclosure or remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1, running on all supported editions of Microsoft Windows 2000, and for Internet Explorer 6 running on all supported editions of Windows XP. For Internet Explorer 7 running on all supported editions of Windows XP and Windows Vista, this security update is rated Important. Otherwise, this security update is rated Moderate or Low.
Applies to: Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows Internet Explorer 7.0 Dynamic Installer Windows 2000 Windows Vista Windows Server 2008

Bulletin ID: MS08-057	Title: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)	Update Type: Security Update	Severity: Critical
This security update resolves three privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Office Excel 2000 and rated Important for all supported editions of Microsoft Office Excel 2002, Microsoft Office Excel 2003, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2007, Microsoft Office Compatibility Pack , Microsoft Office Excel Viewer, and Microsoft Office SharePoint Server 2007.
Applies to: Office 2007 Office 2003 Office 2002/XP

Bulletin ID: MS08-056	Title: Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)	Update Type: Security Update	Severity: Moderate
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow information disclosure if a user clicks a specially crafted CDO URL. An attacker who successfully exploited this vulnerability could inject a client side script in the user's browser that could spoof content, disclose information, or take any action that the user could take on the affected Web site. This security update is rated Moderate for supported editions of Microsoft Office XP. The security update addresses the vulnerability by unregistering the CDO protocol.
Applies to: Office 2002/XP

Bulletin ID: 956391	Title: Cumulative Security Update of ActiveX Kill Bits	Update Type: Update Rollup	Severity:
Cumulative Security Update of ActiveX Kill Bits
Applies to: Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000 Windows Vista Windows Server 2008

Bulletin ID: MS08-055	Title: Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)	Update Type: Security Update	Severity: Critical
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Applies to: Office 2007 Office 2003

Bulletin ID: MS08-054	Title: Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)	Update Type: Security Update	Severity: Critical
This security update resolves a privately reported vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported and affected editions of Windows Media Player 11.
Applies to: Windows Vista Windows Server 2008 Windows XP Windows XP x64 Edition

Bulletin ID: MS08-053	Title: Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)	Update Type: Security Update	Severity: Critical
This security update resolves a privately reported vulnerability in Windows Media Encoder 9 Series. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported and affected editions of Microsoft Windows 2000, Windows XP, and Windows Vista, and Moderate for supported and affected versions of Windows Server 2003 and Windows Server 2008.
Applies to: Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000 Windows XP x64 Edition

Bulletin ID: MS08-052	Title: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)	Update Type: Security Update	Severity: Critical
This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008, Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4, Microsoft Digital Image Suite 2006, SQL Server 2000 Reporting Services Service Pack 2, all supported editions of SQL Server 2005, Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package, and Microsoft Report Viewer 2008 Redistributable Package. This security update is rated Important for all supported editions of Microsoft Office XP, Microsoft Office 2003, 2007 Microsoft Office System, Microsoft Visio 2002, Microsoft Office PowerPoint Viewer 2003, Microsoft Works 8, and Microsoft Forefront Client Security 1.0.
Applies to: Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000 Visual Studio 2008 Visual Studio 2005 Forefront Client Security Office 2002/XP Office 2003 Office 2007 Windows XP x64 Edition Windows XP Windows Server 2008 Windows Vista SQL Server 2005 SQL Server

Bulletin ID: 955305	Title: Update for Silverlight 1.0: July 23, 2008	Update Type: Update Rollup	Severity:
Update for Silverlight 1.0: July 23, 2008
Applies to: Silverlight

Bulletin ID: 951951	Title: Forefront Client Security Service Pack 1	Update Type: Service Pack	Severity:
Forefront Client Security Service Pack 1
Applies to: Forefront Client Security

Bulletin ID: MS08-051	Title: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)	Update Type: Security Update	Severity: Critical
This security update resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for supported editions of Microsoft Office PowerPoint 2000 and rated Important for supported editions of Microsoft Office PowerPoint 2002, Microsoft Office PowerPoint 2003, Microsoft Office PowerPoint 2007, Microsoft Office PowerPoint Viewer 2003, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Microsoft Office 2004 for Mac, and Microsoft Office 2008 for Mac.
Applies to: Office 2003 Office 2007 Office 2002/XP

Bulletin ID: MS08-050	Title: Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)	Update Type: Security Update	Severity: Important
This security update resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user. This security update is rated Important for all supported editions of Microsoft Windows 2000 and Windows XP, and Moderate for all supported versions of Windows Server 2003.
Applies to: Windows XP x64 Edition Windows XP

Bulletin ID: MS08-049	Title: Vulnerabilities in Event System Could Allow Remote Code Execution (950974)	Update Type: Security Update	Severity: Important
This update resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. This security update is rated Important for all supported editions of Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
Applies to: Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows 2000 Windows Vista Windows Server 2008

Bulletin ID: MS08-048	Title: Security Update for Outlook Express and Windows Mail (951066)	Update Type: Security Update	Severity: Important
This security update resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for supported editions of Windows XP and Windows Vista and rated Low for supported editions of Windows Server 2003 and Windows Server 2008.
Applies to: Windows 2000 Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows Vista Windows Server 2008

Bulletin ID: MS08-047	Title: Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)	Update Type: Security Update	Severity: Important
This update resolves a privately reported vulnerability in the way certain Windows Internet Protocol Security (IPsec) rules are applied. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would disclose information intended to be encrypted on the network. An attacker viewing the traffic on the network would be able to view and possibly modify the contents of the traffic. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly. It could be used to collect useful information to try to further compromise the affected system or network. This update is rated Important for all supported versions of Windows Vista and Windows Server 2008.
Applies to: Windows Server 2008 Windows Vista

Bulletin ID: MS08-046	Title: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)	Update Type: Security Update	Severity: Critical
This update resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update is rated Critical for all supported versions of Microsoft Windows 2000, Windows XP and Windows Server 2003.
Applies to: Windows XP x64 Edition Windows 2000 Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003

Bulletin ID: MS08-045	Title: Cumulative Security Update for Internet Explorer (953838)	Update Type: Security Update	Severity: Critical
This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported releases of Internet Explorer.
Applies to: Windows XP x64 Edition Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows Internet Explorer 7.0 Dynamic Installer Windows 2000 Windows Server 2008 Windows Vista

Bulletin ID: MS08-044	Title: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)	Update Type: Security Update	Severity: Critical
This security update resolves five privately reported vulnerabilities. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using Microsoft Office. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for supported editions of Microsoft Office 2000, and Important for supported editions of Microsoft Office XP, Microsoft Office 2003 Service Pack 2, Microsoft Project 2002 Service Pack 1, Microsoft Office Converter Pack, and Microsoft Works 8.
Applies to: Office 2003 Office 2002/XP

Bulletin ID: MS08-043	Title: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)	Update Type: Security Update	Severity: Critical
This security update resolves four privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Microsoft Office Excel 2000 Service Pack 3 and rated Important for Excel 2002 Service Pack 3, Excel 2003 Service Pack 2, Excel 2003 Service Pack 3, Excel Viewer 2003, Excel Viewer 2003 Service Pack 3, Excel 2007, Excel 2007 Service Pack 1, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1, Microsoft Office Excel Viewer, and Microsoft Office SharePoint Server 2007.
Applies to: Office 2007 Office 2003 Office 2002/XP

Bulletin ID: MS08-042	Title: Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)	Update Type: Security Update	Severity: Important
This security update resolves a publicly reported vulnerability in Microsoft Word. This vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for supported editions of Microsoft Word 2002 and Microsoft Word 2003.
Applies to: Office 2003 Office 2002/XP

Bulletin ID: MS08-041	Title: Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617)	Update Type: Security Update	Severity: Critical
This security update resolves a privately reported vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Access. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. This security update is rated Critical for the Snapshot Viewer for Microsoft Access and for supported versions of Microsoft Office Access 2000, Microsoft Office Access 2002, and Microsoft Office Access 2003. The security update addresses the vulnerability by correcting an error in the Microsoft Access Snapshot Viewer control.
Applies to: Office 2003 Office 2002/XP

Bulletin ID: 951072	Title: August 2008 cumulative time zone update for Microsoft Windows operating systems	Update Type: Update Rollup	Severity:
August 2008 cumulative time zone update for Microsoft Windows operating systems.
Applies to: Windows XP Windows Server 2003, Datacenter Edition Windows Server 2003 Windows Server 2008 Windows Vista Windows XP x64 Edition

Bulletin ID: 943462	Title: Internet Security and Acceleration Server 2006 Service Pack 1	Update Type: Service Pack	Severity:
Microsoft Internet Security and Acceleration Server 2006 Service Pack 1.
Applies to: Internet Security and Acceleration Server 2006

Bulletin ID: MS08-040	Title: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)	Update Type: Security Update	Severity: Important
This security update resolves four privately disclosed vulnerabilities. The more serious of the vulnerabilities could allow an attacker to run code and to take complete control of an affected system. An authenticated attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. This security update is rated Important for supported releases of SQL Server 7.0, SQL Server 2000, SQL Server 2005, Microsoft Data Engine (MSDE) 1.0, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon). The security update addresses the vulnerabilities by modifying the way that SQL Server manages page reuse, allocating more memory for the convert function, validating on-disk files before loading them, and validating insert statements.
Applies to: SQL Server SQL Server 2005 Windows Server 2003, Datacenter Edition Windows Server 2003 Windows Server 2008

Bulletin ID: