Microsoft Security Bulletins for July 2008

  • Thread starter Thread starter Donna Buenaventura
  • Start date Start date
D

Donna Buenaventura

Guest
As part of Microsoft's routine, monthly security update cycle, they released
4 new security bulletins:

MS08-037 - Vulnerabilities in DNS Could Allow Spoofing (953230)
http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx
MS08-038 - Vulnerability in Windows Explorer Could Allow Remote Code
Execution (950582)
http://www.microsoft.com/technet/security/Bulletin/MS08-038.mspx
MS08-039 - Vulnerabilities in Outlook Web Access for Exchange Server Could
Allow Elevation of Privilege (953747)
http://www.microsoft.com/technet/security/Bulletin/MS08-039.mspx
MS08-040 - Vulnerabilities in Microsoft SQL Server Could Allow Elevation of
Privilege (941203)
http://www.microsoft.com/technet/security/Bulletin/MS08-040.mspx

You can view this month's Security Bulletins Summary at their website:
http://www.microsoft.com/technet/security/bulletin/ms08-jul.mspx
Visit also the MSCRC blog for further notes or details on the said security
bulletins:
http://blogs.technet.com/msrc/

For information about non-security releases on Windows Update and Microsoft
update, please see http://support.microsoft.com/kb/894199/en-us

Don't forget to scan the system using Microsoft Baseline Security Analyzer
(MBSA) to check for missing and mis-configured patches.
http://www.microsoft.com/technet/security/tools/mbsahome.mspx

Security Updates support is free of charge. Contact MS at 1-866-CSAFETY if
you are in the US or Canada. International users, please go to
http://go.microsoft.com/fwlink/?LinkId=21155

Regards,

Donna
http://cou.dozleng.com
 
This update causes ZoneAlarm to block all outgoing traffic went the security
setting for the Internet Zone is set to "High." Only by changing the setting
to "Medium" or turning ZoneAlarm off entirely can you access the internet.

I hope this can be figured out by either Microsoft or CheckPoint or both...
--
Robert
 
Hi,
There is a work-around at their forum on this issue (resetting the ZA
database) :
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727

Hopefully ZA will see the changes the next time MS releases an update.

Regards,
Donna

"gifguy" <gifguy@discussions.microsoft.com> wrote in message
news:D7BE0168-3EB7-43C4-ADBF-E757139B39AA@microsoft.com...
> This update causes ZoneAlarm to block all outgoing traffic went the
> security
> setting for the Internet Zone is set to "High." Only by changing the
> setting
> to "Medium" or turning ZoneAlarm off entirely can you access the internet.
>
> I hope this can be figured out by either Microsoft or CheckPoint or
> both...
> --
> Robert
 
That's an old post for an old problem, and doesn't fix the issue. ZoneLabs is
recommending uninstalling KB951748

http://forum.zonealarm.com/zonelabs/board/message?board.id=access&message.id=33534

--
Robert


"Donna Buenaventura" wrote:

> Hi,
> There is a work-around at their forum on this issue (resetting the ZA
> database) :
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>
> Hopefully ZA will see the changes the next time MS releases an update.
>
> Regards,
> Donna
 
"gifguy" <gifguy@discussions.microsoft.com> schrieb:

> ZoneLabs is recommending uninstalling KB951748

And I recommend uninstalling ZoneAlarm and enabling Windows Firewall
instead. There's a *long* history of problems after installing Windows
updates *caused* by ZoneAlarm and other snake oil.

KB951748 is trying to fix a *massive* issue, which you may find out
yourself after reading http://isc.sans.org/diary.html?storyid=4687
and following the links in there.

FWIW,
Freudi
 
Thanks, Freudi

I'm quite aware of the issue, I read the ISC's Handlers Diary daily.

"Snake oil" comments are a bit over-the-top, IMO. Never had an issue with ZA
and MS updates until now.
--
Robert


"Ottmar Freudenberger" wrote:

> "gifguy" <gifguy@discussions.microsoft.com> schrieb:
>
> > ZoneLabs is recommending uninstalling KB951748
>
> And I recommend uninstalling ZoneAlarm and enabling Windows Firewall
> instead. There's a *long* history of problems after installing Windows
> updates *caused* by ZoneAlarm and other snake oil.
>
> KB951748 is trying to fix a *massive* issue, which you may find out
> yourself after reading http://isc.sans.org/diary.html?storyid=4687
> and following the links in there.
>
> FWIW,
> Freudi
>
 
"gifguy" <gifguy@discussions.microsoft.com> schrieb:

> I'm quite aware of the issue, I read the ISC's Handlers Diary daily.

Fine.

> "Snake oil" comments are a bit over-the-top, IMO. Never had an issue with ZA
> and MS updates until now.

Well, it's like playing Russian Roulette.

BTW:
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
lists available updates from Check Point for different tastes of ZoneAlarm
in the meantime. Just in case you want to trust in <tadada> snake oil ;)

Bye,
Freudi
 
You must log in or register to reply here.

Similar threads

M
MS17-017 - Important: Security Update for Windows Kernel (4013081) - Version: 1.0
Replies
0
Views
315
Microsoft Security
M
NewsBot
MS17-017 - Important: Security Update for Windows Kernel (4013081) - Version: 1.0
Replies
0
Views
250
NewsBot
NewsBot
NewsBot
MS17-017 - Important: Security Update for Windows Kernel (4013081) - Version: 1.0
Replies
0
Views
206
NewsBot
NewsBot
NewsBot
MS17-017 - Important: Security Update for Windows Kernel (4013081) - Version: 1.0
Replies
0
Views
166
NewsBot
NewsBot
NewsBot
MS17-017 - Important: Security Update for Windows Kernel (4013081) - Version: 1.0
Replies
0
Views
157
NewsBot
NewsBot
Back
Top