Cisco Event Response: Microsoft Security Bulletin Release for December 2008

December 9, 2008

Microsoft published its monthly security bulletin release on December 9, 2008. Eight bulletins were released that address twenty-eight individual vulnerabilities. Microsoft rated six bulletins as Critical and two as Important. The Critical bulletins address vulnerabilities in Excel, GDI, Internet Explorer, Visual Basic, Windows Search, and Word that could allow attackers to execute code with the privileges of the user. All of the Critical vulnerabilities require some level of user interaction to exploit. The Important bulletins address vulnerabilities in Office SharePoint and Windows Media Components products that could allow attackers to execute arbitrary code or elevate their privileges.

Cisco Security Intelligence Engineering

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. When applicable, Cisco IOS access control lists, Cisco Intrusion Prevention System (IPS) signatures, Cisco Security Monitoring, Analysis, and Response System Incidents, Cisco IOS NetFlow, and firewall inspection are among the techniques discussed in the bulletins.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for December 2008

Impact on Cisco Products

Impact Assessment of December 2008 Microsoft Security Bulletins on Cisco Contact Center and Self Service Products
Impact Assessments for Cisco Contact Center and Self Service Products evaluate Microsoft security bulletins and associated software updates for potential impact to Cisco Contact Center products. For each respective Microsoft Security Bulletin, a Microsoft update is assigned one of three categorical ratings: Impacting, Deferred, or Not Applicable.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Cisco Security IntelliShield Alert Manager and Cisco IPS

The following table identifies Cisco Security IntelliShield Alert Manager alerts and Cisco IPS signatures that are associated with this Microsoft release:

Microsoft Security Bulletin	Affected Product	Cisco IntelliShield Alert	CVE ID	Cisco IPS Signature	CVSS Base Score
Microsoft Security Bulletin MS08-070 Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution	Microsoft Office FrontPage Microsoft Office Project Microsoft Visual Basic Microsoft Visual Studio .NET Microsoft Visual FoxPro	Microsoft Visual Basic DataGrid ActiveX Control Memory Corruption Vulnerability	CVE-2008-4252	7438-0	9.3
		Microsoft Visual Basic FlexGrid ActiveX Control Memory Corruption Vulnerability	CVE-2008-4253	7298-0 7298-1	9.3
		Microsoft Visual Basic Hierarchical FlexGrid Control Memory Corruption Vulnerability	CVE-2008-4254	7221-0 7221-1 7221-2	9.3
		Microsoft Visual Basic Windows Common ActiveX Control Memory Corruption Vulnerability	CVE-2008-4255	–	9.3
		Microsoft Visual Basic Charts ActiveX Control Memory Corruption Vulnerability	CVE-2008-4256	6227-0	9.3
		Microsoft Visual Studio Masked Edit ActiveX Control Buffer Overflow Vulnerability	CVE-2008-3704	6990-1 6990-5 6990-3 6990-4 6990-5	9.3
Microsoft Security Bulletin MS08-071 Vulnerabilities in GDI Could Allow Remote Code Execution	Microsoft Windows Microsoft Windows XP Microsoft Windows Server Microsoft Windows Vista Microsoft Windows Server	Microsoft Windows GDI WMF File Handling Buffer Overflow Vulnerability	CVE-2008-3465	–	9.3
		Microsoft Windows GDI WMF File Handling Integer Overflow Vulnerability	CVE-2008-2249	7265-0	9.3
Microsoft Security Bulletin MS08-072 Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution	Microsoft Office Word Microsoft Office for Mac Microsoft Works Microsoft Office Word Viewer Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats	Microsoft Word Malformed Record Handling Memory Corruption Vulnerability	CVE-2008-4024	7297-0	9.3
		Microsoft Office Rich Text Format File Handling Arbitrary Code Execution Vulnerability	CVE-2008-4025	7296-0	9.3
		Microsoft Word Memory Corruption Arbitrary Code Execution Vulnerability	CVE-2008-4026	7434-0	9.3
		Microsoft Office Rich Text Format File Handling Memory Corruption Vulnerability	CVE-2008-4027	–	9.3
		Microsoft Office Rich Text Format File Processing Arbitrary Code Execution Vulnerability	CVE-2008-4028	7299-0	9.3
		Microsoft Office Rich Text Format File Handling Arbitrary Code Execution Vulnerability	CVE-2008-4030	7428-0	9.3
		Microsoft Office Rich Text Format File Parsing Arbitrary Code Execution Vulnerability	CVE-2008-4031	7432-0 7432-1 7432-2	9.3
		Microsoft Office Malformed Record Parsing Memory Corruption Vulnerability	CVE-2008-4837	7304-0	9.3
Microsoft Security Bulletin MS08-073 Cumulative Security Update for Internet Explorer	Microsoft Internet Explorer	Microsoft Internet Explorer Method Parameter Validation Vulnerability	CVE-2008-4258	7426-0 7426-1 7427-0 7427-1	9.3
		Microsoft Internet Explorer HTML Object Processing Code Execution Vulnerability	CVE-2008-4259	5082-0	9.3
		Microsoft Internet Explorer Deleted Memory Object Access Vulnerability	CVE-2008-4260	–	9.3
		Microsoft Internet Explorer HTML Object Parsing Memory Corruption Vulnerability	CVE-2008-4261	7430-0	9.3
Microsoft Security Bulletin MS08-074 Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution	Microsoft Office Excel Microsoft Office for Mac Microsoft Open XML File Format Converter for Mac Microsoft Office Excel Viewer Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats	Microsoft Office Excel File Malformed Formula Parsing Vulnerability	CVE-2008-4264	7436-0	9.3
		Microsoft Office Excel Document File Format Processing Vulnerability	CVE-2008-4265	7303-0	9.3
		Microsoft Office Excel Global Array Processing Vulnerability	CVE-2008-4266	7301-0	9.3
Microsoft Security Bulletin MS08-075 Vulnerabilities in Windows Search Could Allow Remote Code Execution	Microsoft Windows Vista Microsoft Windows Server	Microsoft Windows Saved Search Memory Processing Vulnerability	CVE-2008-4268	7302-0	9.3
	Microsoft Windows Vista Microsoft Windows Server	Microsoft Windows search-ms Protocol Processing Vulnerability	CVE-2008-4269	7429-0	9.3
Microsoft Security Bulletin MS08-076 Vulnerabilities in Windows Media Components Could Allow Remote Code Execution	Microsoft Windows Media Player Microsoft Windows Media Format Runtime	Microsoft Windows Media Components Service Principle Name Replay Vulnerability	CVE-2008-3009	–	9.3
		Microsoft Windows Media Components ISATAP URL Processing Information Disclosure Vulnerability	CVE-2008-3010	–	4.3
Microsoft Security Bulletin MS08-077 Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege	Microsoft Office SharePoint Server Microsoft Search Server	Microsoft Office SharePoint Authentication Bypass Vulnerability	CVE-2008-4032	7300-0	6.4

Return to Cisco Security Center