Cisco Event Response: Microsoft Security Bulletin for May 2008

May 13, 2008

Microsoft released the May Security Update on May 13, 2008. Four bulletins were released that address six individual vulnerabilities. Microsoft rated three of the four bulletins as Critical. Some level of user interaction is required to exploit the Critical vulnerabilities, which exist in the Microsoft Jet Database Engine, Microsoft Publisher, and Microsoft Word. The update for Jet Database Engine is a re-release of a previous patch to address additional attack vectors related to this vulnerability. The bulletin rated as Moderate addresses a vulnerability in the Microsoft Malware Protection Engine.


Cisco Applied Mitigation Bulletin

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. When applicable, Cisco IOS access control lists, Cisco Intrusion Prevention System (IPS) signatures, Cisco IOS NetFlow, and firewall inspection are among the techniques discussed in the bulletins.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin for May 2008


Cisco Contact Center Enterprise and Hosted Products Impact Assessment

Products Notices for Cisco Enterprise and Hosted Contact Center evaluate Microsoft security bulletins and associated software updates for potential impact to Cisco Contact Center products. For each respective Microsoft Security Bulletin, a Microsoft update is assigned one of three categorical ratings: Impacting, Deferred, or Not Applicable.

Impact Assessment of May 2008 Microsoft Security Bulletins on Cisco Contact Center Enterprise and Hosted Products


Cisco Security IntelliShield Alert Manager and Cisco IPS

The following table identifies Cisco Security IntelliShield Alert Manager alerts and Cisco IPS signatures associated with this Microsoft update:

Microsoft Security Bulletin Affected Product Cisco IntelliShield Alert CVE ID
Search CVEs		 Cisco IPS Signature CVSS
Base Score
CVSS Q&A

Microsoft Security Bulletin MS08-026

Vulnerabilities in Microsoft Word Could Allow Remote Code Execution

Microsoft Office Microsoft Word Malformed Strings in RTF Files Memory Corruption Vulnerability CVE-2008-1091
6951-0
9.3
Microsoft Office Word Cascading Style Sheet Processing Memory Corruption Vulnerability CVE-2008-1434
6952-0
 9.3

Microsoft Security Bulletin MS08-27

Vulnerability in Microsoft Publisher Could Allow Remote Code Execution

Microsoft Office Microsoft Publisher Object Handler Data Processing Memory Corruption Vulnerability CVE-2008-0119
9.3

Microsoft Security Bulletin MS08-028

Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution

Microsoft Windows

Microsoft Windows XP

Microsoft Jet Database Engine

Microsoft Windows Server

 Microsoft Jet Database Engine msjet40.dll MDB Parsing Buffer Overflow Vulnerability CVE-2007-6026
6541-0
 9.3

Microsoft Security Bulletin MS08-029

Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service

Microsoft Windows Live OneCare

Microsoft Antigen

Microsoft Windows Defender

Microsoft Forefront Security

Microsoft Standalone System Sweeper

 Microsoft Malware Protection Engine Input Validation Vulnerability CVE-2008-1437
6539-0
 7.1
Microsoft Malware Protection Engine Data Structure Validation Vulnerability CVE-2008-1438
6539-1
 4.3

 

Return to Cisco Security Center