Cisco Event Response: Microsoft Security Bulletin for April 2008

April 8, 2008

Microsoft released the April Security Update on April 8, 2008. Eight bulletins were released that address ten individual vulnerabilities. Microsoft rated five of the eight bulletins as Critical. Exploits of the Critical vulnerabilities, which exist in Microsoft Project, Windows GDI, Windows VBScript and Jscript, and Internet Explorer, all require some level of user interaction. The three updates rated as Important address vulnerabilities in Microsoft Visio, the Windows DNS Client, and the Windows Kernel.


Cisco Applied Mitigation Bulletin

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. When applicable, Cisco IOS access control lists, Cisco Intrusion Prevention System (IPS) signatures, Cisco IOS NetFlow, and firewall inspection are among the techniques discussed in the bulletins.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin for April 2008


Cisco Contact Center Enterprise and Hosted Products Impact Assessment

Products Notices for Cisco Enterprise and Hosted Contact Center evaluate Microsoft security bulletins and associated software updates for potential impact to Cisco Contact Center products. For each respective Microsoft Security Bulletin, a Microsoft update is assigned one of three categorical ratings: Impacting, Deferred, or Not Applicable.

Impact Assessment of April 2008 Microsoft Security Bulletins on Cisco Contact Center Enterprise and Hosted Products


Cisco Security IntelliShield Alert Manager and Cisco IPS

The following table identifies Cisco Security IntelliShield Alert Manager alerts and Cisco IPS signatures associated with this Microsoft update:

Microsoft Security Bulletin Affected Product Cisco IntelliShield Alert CVE ID
Search CVEs
Cisco IPS Signature CVSS
Base Score
CVSS Q&A

Microsoft Security Bulletin MS08-018

Vulnerability in Microsoft Project Could Allow Remote Code Execution

Microsoft Project Microsoft Project Memory Resource Allocation Vulnerability CVE-2008-1088
6939/0
9.3

Microsoft Security Bulletin MS08-019

Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution

Microsoft Visio

Microsoft Visio Object Header Data Validation Vulnerability CVE-2008-1089
9.3
Microsoft Visio Memory Resource Allocation Vulnerability CVE-2008-1090
9.3

Microsoft Security Bulletin MS08-020

Vulnerability in DNS Client Could Allow Spoofing

Microsoft VBScript

Microsoft JScript

Microsoft Windows DNS Client Predictable Transaction ID Generation Issue CVE-2008-0087
 

Microsoft Security Bulletin MS08-021

Vulnerabilities in GDI Could Allow Remote Code Execution

Microsoft Windows 2000

Microsoft Windows XP

Microsoft Windows Server

Microsoft Windows Vista

Microsoft Windows GDI Integer Calculation Vulnerability CVE-2008-1083
6793/0
6793/1
9.3
Microsoft Windows GDI File Name Parameter Vulnerability CVE-2008-1087
6934/0
9.3

Microsoft Security Bulletin MS08-022

Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution

Microsoft VBScript

Microsoft JScript

Microsoft Windows VBScript and JScript Processing Arbitrary Code Execution Vulnerability CVE-2008-0083
6922/0
9.3

Microsoft Security Bulletin MS08-023

Security Update of ActiveX Kill Bits

Microsoft Internet Explorer

Microsoft Windows XP

Microsoft Windows Server

Microsoft Windows Vista

Microsoft Help Visuals ActiveX Control Memory Corruption Vulnerability CVE-2008-1086
6935/0
9.3

Microsoft Security Bulletin MS08-024

Cumulative Security Update for Internet Explorer

Microsoft Internet Explorer

Microsoft Windows Explorer

Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2008-1085
6937/0
9.3

Microsoft Security Bulletin MS08-025

Vulnerability in Windows Kernel Could Allow Elevation of Privilege

Microsoft Windows 2000

Microsoft Windows XP

Microsoft Windows Server

Microsoft Windows Vista

Microsoft Windows Kernel Usermode Input Processing Privilege Escalation Vulnerability CVE-2008-1084
6.8

 

Return to Cisco Security Center