The latest Critical security patches for Windows XP Service Pack 3 and Windows Vista Service Pack 1 are available from Microsoft.
Of course, that the two Windows client versions are not the only software products patched by the Redmond company as a part of its monthly security update cycle. Although Microsoft was planning no less than a dozen security bulletin releases for August 12, 2008, it managed to come one short. Only 11 update packages made it out the door, six of which were rated with a maximum severity rating of Critical, with the remaining five receiving a label of Important.
"You may notice that we removed one of the bulletins that we had mentioned in the "Advanced Notification Service" that we released last week. We did this prior to today’s bulletin release because of a last minute quality issue. Microsoft has heard from customers that the quality of updates is very important and, as part of the process at the Microsoft Security Response Center (MSRC), Microsoft tests these updates continuously until they are ready for distribution to customers through our regularly scheduled security bulletin release," explained Tami Gallupe, Microsoft Security Response Center release manager.
The August 2008 incomplete dozen of Microsoft security bulletins are designed to plug a staggering 26 holes in not only Windows, but also Internet Explorer, Windows Messenger and Office. In fact six of the security bulletins impact Windows and the components of the operating system while the rest of five affect the Office system and its software. However, details on only three of the 26 vulnerabilities have been made available in the wild prior to the Redmond company releasing its patches.
Here is the complete list of the August 2008 security bulletins provided by Gallupe:
MS08-041 – Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617) – Critical
MS08-042 – Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048) – Important
MS08-043 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066) – Critical
MS08-044 – Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090) – Critical
MS08-045 – Cumulative Security Update for Internet Explorer (953838) – Critical
MS08-046 – Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954) – Critical
MS08-047 – Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733) – Important
MS08-048 – Security Update for Outlook Express and Windows Mail (951066) – Important
MS08-049 – Vulnerabilities in Event System Could Allow Remote Code Execution (950974) – Important
MS08-050 – Vulnerability in Windows Messenger Could Allow Information Disclosure (955702) – Important
MS08-051 – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) – Critical