Cisco Event Response: Microsoft Security Bulletin for April 2008

April 8, 2008

Microsoft released the April Security Update on April 8, 2008. Eight bulletins were released that address ten individual vulnerabilities. Microsoft rated five of the eight bulletins as Critical. Exploits of the Critical vulnerabilities, which exist in Microsoft Project, Windows GDI, Windows VBScript and Jscript, and Internet Explorer, all require some level of user interaction. The three updates rated as Important address vulnerabilities in Microsoft Visio, the Windows DNS Client, and the Windows Kernel.

Cisco Applied Mitigation Bulletin

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. When applicable, Cisco IOS access control lists, Cisco Intrusion Prevention System (IPS) signatures, Cisco IOS NetFlow, and firewall inspection are among the techniques discussed in the bulletins.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin for April 2008

Cisco Contact Center Enterprise and Hosted Products Impact Assessment

Products Notices for Cisco Enterprise and Hosted Contact Center evaluate Microsoft security bulletins and associated software updates for potential impact to Cisco Contact Center products. For each respective Microsoft Security Bulletin, a Microsoft update is assigned one of three categorical ratings: Impacting, Deferred, or Not Applicable.

Impact Assessment of April 2008 Microsoft Security Bulletins on Cisco Contact Center Enterprise and Hosted Products

Cisco Security IntelliShield Alert Manager and Cisco IPS

The following table identifies Cisco Security IntelliShield Alert Manager alerts and Cisco IPS signatures associated with this Microsoft update:

Microsoft Security Bulletin	Affected Product	Cisco IntelliShield Alert	CVE ID	Cisco IPS Signature	CVSS Base Score
Microsoft Security Bulletin MS08-018 Vulnerability in Microsoft Project Could Allow Remote Code Execution	Microsoft Project	Microsoft Project Memory Resource Allocation Vulnerability	CVE-2008-1088	6939/0	9.3
Microsoft Security Bulletin MS08-019 Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution	Microsoft Visio	Microsoft Visio Object Header Data Validation Vulnerability	CVE-2008-1089	–	9.3
	Microsoft Visio	Microsoft Visio Memory Resource Allocation Vulnerability	CVE-2008-1090	–	9.3
Microsoft Security Bulletin MS08-020 Vulnerability in DNS Client Could Allow Spoofing	Microsoft VBScript Microsoft JScript	Microsoft Windows DNS Client Predictable Transaction ID Generation Issue	CVE-2008-0087	–
Microsoft Security Bulletin MS08-021 Vulnerabilities in GDI Could Allow Remote Code Execution	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server Microsoft Windows Vista	Microsoft Windows GDI Integer Calculation Vulnerability	CVE-2008-1083	6793/0 6793/1	9.3
		Microsoft Windows GDI File Name Parameter Vulnerability	CVE-2008-1087	6934/0	9.3
Microsoft Security Bulletin MS08-022 Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution	Microsoft VBScript Microsoft JScript	Microsoft Windows VBScript and JScript Processing Arbitrary Code Execution Vulnerability	CVE-2008-0083	6922/0	9.3
Microsoft Security Bulletin MS08-023 Security Update of ActiveX Kill Bits	Microsoft Internet Explorer Microsoft Windows XP Microsoft Windows Server Microsoft Windows Vista	Microsoft Help Visuals ActiveX Control Memory Corruption Vulnerability	CVE-2008-1086	6935/0	9.3
Microsoft Security Bulletin MS08-024 Cumulative Security Update for Internet Explorer	Microsoft Internet Explorer Microsoft Windows Explorer	Microsoft Internet Explorer Memory Corruption Vulnerability	CVE-2008-1085	6937/0	9.3
Microsoft Security Bulletin MS08-025 Vulnerability in Windows Kernel Could Allow Elevation of Privilege	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server Microsoft Windows Vista	Microsoft Windows Kernel Usermode Input Processing Privilege Escalation Vulnerability	CVE-2008-1084	–	6.8

Return to Cisco Security Center