IntelliShield Event Response: Microsoft Security Bulletin for June 2008

June 10, 2008

Microsoft released the June Security Update on June 10, 2008. Seven bulletins were released that address ten individual vulnerabilities. Microsoft rated three of the seven bulletins as Critical. Some level of user interaction is required to exploit the Critical vulnerabilities that exist in Microsoft Internet Explorer and Microsoft DirectX. The Critical vulnerability in the Microsoft Bluetooth Stack does not require user interaction but only affects Bluetooth-enabled devices that reside within physical proximity of an attacker. Three bulletins rated as Important address vulnerabilities in Active Directory, Pragmatic General Multicast (PGM), and Microsoft WINS. The WINS vulnerability could allow for elevation of privileges, while the Active Directory and PGM vulnerabilities may result in a denial of service. A Moderate bulletin was also released to address a code execution vulnerability in the Windows Vista Speech Recognition ActiveX control.

Cisco Applied Mitigation Bulletin

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. When applicable, Cisco IOS access control lists, Cisco Intrusion Prevention System (IPS) signatures, Cisco IOS NetFlow, and firewall inspection are among the techniques discussed in the bulletins.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin for June 2008

Cisco Contact Center Enterprise and Hosted Products Impact Assessment

Products Notices for Cisco Enterprise and Hosted Contact Center evaluate Microsoft security bulletins and associated software updates for potential impact to Cisco Contact Center products. For each respective Microsoft Security Bulletin, a Microsoft update is assigned one of three categorical ratings: Impacting, Deferred, or Not Applicable.

Impact Assessment of June 2008 Microsoft Security Bulletins on Cisco Contact Center Enterprise and Hosted Products

Cisco Security IntelliShield Alert Manager and Cisco IPS

The following table identifies Cisco Security IntelliShield Alert Manager alerts and Cisco IPS signatures associated with this Microsoft update:

Microsoft Security Bulletin	Affected Product	Cisco IntelliShield Alert	CVE ID	Cisco IPS Signature	CVSS Base Score
Microsoft Security Bulletin MS08-030 Vulnerability in Bluetooth Stack Could Allow Remote Code Execution	Microsoft Windows XP Microsoft Windows Vista	Microsoft Windows Bluetooth Stack Service Description Requests Code Execution Vulnerability	CVE-2008-1453	–	7.9
Microsoft Security Bulletin MS08-031 Cumulative Security Update for Internet Explorer	Microsoft Internet Explorer Microsoft Windows Internet Explorer	Microsoft Internet Explorer setRequestHeader() Request Handling HTTP Request Splitting and Smuggling Vulnerability	CVE-2008-1542	6961-0	9.3
		Microsoft Internet Explorer setRequestHeader() Request Handling HTTP Request Splitting and Smuggling Vulnerability	CVE-2007-1544	6960-0 6960-1 6960-2	4.3
Microsoft Security Bulletin MS08-032 Cumulative Security Update of ActiveX Kill Bits	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server Microsoft Windows Vista	Microsoft Windows Speech Recognition Command Execution Vulnerability	CVE-2008-0675	6544-0 6544-1	6.8
Microsoft Security Bulletin MS08-033 Vulnerabilities in DirectX Could Allow Remote Code Execution	Microsoft DirectX	Microsoft DirectX MJPEG Decoder Code Execution Vulnerability	CVE-2008-0011	6963-0	9.3
	Microsoft DirectX	Microsoft DirectX SAMI File Remote Code Execution Vulnerability	CVE-2008-1444	–	9.3
Microsoft Security Bulletin MS08-034 Vulnerability in WINS Could Allow Elevation of Privilege	Microsoft Windows 2000 Microsoft Windows Server	Microsoft Windows WINS Server Privilege Escalation Vulnerability	CVE-2008-1451	6545-0	5.0
Microsoft Security Bulletin MS08-035 Vulnerability in Active Directory Could Allow Denial of Service	Microsoft ADAM Microsoft Active Directory Microsoft AD LDS	Microsoft Windows Active Directory LDAP Denial of Service Vulnerability	CVE-2008-1445	–	7.8
Microsoft Security Bulletin MS08-036 Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service	Microsoft Windows XP Microsoft Windows Server Microsoft Windows Vista	Microsoft Windows Pragmatic General Multicast Invalid Packet Length Processing Denial of Service Vulnerability	CVE-2007-CVE-2008-1440	–	5.4
		Microsoft Windows Pragmatic General Multicast Fragmented Packet Processing Denial of Service Vulnerability	CVE-2008-1441	–	5.4

Return to Cisco Security Center