[SECURITY-L] CAIS-Alerta: Resumo dos Boletins de Seguranca Microsoft - Agosto 2008
CSIRT - UNICAMP
security em unicamp.br
Qua Ago 13 15:19:39 -03 2008
----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br> -----
From: Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br>
Subject: CAIS-Alerta: Resumo dos Boletins de Seguranca Microsoft - Agosto
2008
To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br
Date: Wed, 13 Aug 2008 11:29:36 -0300 (BRT)
-----BEGIN PGP SIGNED MESSAGE-----
Prezados,
A partir deste mes o CAIS adotou uma nova abordagem para a divulgacao do
ciclo mensal de alertas da Microsoft. Neste novo formato sao apresentados
o resumo e informacoes essenciais dos boletins de seguranca da Microsoft
referentes ao mes de Agosto de 2008.
Dos 11 alertas divulgados sao tratadas 26 vulnerabilidades que afetam
diversos produtos e que podem resultar desde a divulgacao de informacoes
ate' o comprometimento completo do sistema atacado.
Informacoes disponiveis publicamente indicam que 3 (*) das
vulnerabilidades possuem codigo malicioso (exploit) que esta' sendo
utilizado amplamente em ataques, o que aumenta a criticidade na aplicacao
destas correcoes.
Critico:
MS08-041: Vulnerabilidade no controle ActiveX do Microsoft Access permite execucao remota de codigo (*)
MS08-043: Vulnerabilidade no Microsoft Excel permite execucao remota de codigo
MS08-044: Vulnerabilidade no Microsoft Office Filters permite execucao remota de codigo
MS08-045: Correcoes de seguranca acumulativas para Internet Explorer (*)
MS08-046: Vulnerabilidade no Microsoft Windows Image Color Management System permite execucao remota de codigo
MS08-051: Vulnerabilidade no Microsoft PowerPoint permite execucao remota de codigo
Importante:
MS08-042: Vulnerabilidade no Microsoft Word permite execucao remota de codigo (*)
MS08-047: Vulnerabilidade no IPsec Policy Processing pode permitir a divulgacao de informacoes
MS08-048: Correcoes de seguranca para o Outlook Express e Windows Mail
MS08-049: Vulnerabilidade no Event System permite execucao remota de codigo
MS08-050: Vulnerabilidade no Windows Messenger pode permitir a divulgacao de informacoes
CORRECOES DISPONIVEIS
Recomenda-se fazer a atualizacao para as versoes disponiveis em:
. Microsoft Update
https://www.update.microsoft.com/microsoftupdate/
. Windows Server Update Services
http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
MAIS INFORMACOES
. Microsoft Security Bulletin Summary for August 2008
http://www.microsoft.com/technet/security/bulletin/ms08-aug.mspx
. SANS ISC Handler's Diary 2008-08-12: August 2008 Black Tuesday Overview
http://isc.sans.org/diary.html?storyid=4876
. MS08-041 - Vulnerability in the ActiveX Control for the Snapshot Viewerfor Microsoft Access Could Allow Remote Code Execution (955617)
http://www.microsoft.com/technet/security/bulletin/ms08-041.mspx
. MS08-042 - Vulnerability in Microsoft Word Could Allow Remote CodeExecution (955048)
http://www.microsoft.com/technet/security/bulletin/ms08-042.mspx
. MS08-043 - Vulnerabilities in Microsoft Excel Could Allow Remote CodeExecution (954066)
http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx
. MS08-044 - Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)
http://www.microsoft.com/technet/security/bulletin/ms08-044.mspx
. MS08-045 - Cumulative Security Update for Internet Explorer (953838)
http://www.microsoft.com/technet/security/bulletin/ms08-045.mspx
. MS08-046 - Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
http://www.microsoft.com/technet/security/bulletin/ms08-046.mspx
. MS08-047 - Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)
http://www.microsoft.com/technet/security/bulletin/ms08-047.mspx
. MS08-048 - Security Update for Outlook Express and Windows Mail (951066)
http://www.microsoft.com/technet/security/bulletin/ms08-048.mspx
. MS08-049 - Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
http://www.microsoft.com/technet/security/bulletin/ms08-049.mspx
. MS08-050 - Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
http://www.microsoft.com/technet/security/bulletin/ms08-050.mspx
. MS08-051 - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)
http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx
. Microsoft Brasil Security
http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
http://safety.live.com/site/pt-BR/default.htm
Identificador CVE (http://cve.mitre.org):
CVE-2008-2463, CVE-2008-2244, CVE-2008-3003, CVE-2008-3004,
CVE-2008-3005, CVE-2008-3006, CVE-2008-3018, CVE-2008-3019,
CVE-2008-3020, CVE-2008-3021, CVE-2008-3460, CVE-2008-2254,
CVE-2008-2255, CVE-2008-2256, CVE-2008-2257, CVE-2008-2258,
CVE-2008-2259, CVE-2008-2245, CVE-2008-2246, CVE-2008-1448,
CVE-2008-1457, CVE-2008-1458, CVE-2008-0082, CVE-2008-0120,
CVE-2008-0121, CVE-2008-1455
O CAIS recomenda que os administradores mantenham seus sistemas e
aplicativos sempre atualizados, de acordo com as ultimas versoes e
correcoes oferecidas pelos fabricantes.
Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF:
http://www.rnp.br/cais/alertas/rss.xml
Atenciosamente,
################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) #
# Rede Nacional de Ensino e Pesquisa (RNP) #
# #
# cais em cais.rnp.br http://www.cais.rnp.br #
# Tel. 019-37873300 Fax. 019-37873301 #
# Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key #
################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iQCVAwUBSKLv1ukli63F4U8VAQHCzQP+KONxFKrAnh7QAfigQ9qT+G7jQ/FkTBjU
t9atRPh332zbgx/zTNAXWVzKC6LfGQlPKFbuPowWWII4hwHpEVlPB8X9FT3FJCWr
s9USIKKmYZyOtrwtrXOM8NAbO5PyRx/JRio4z3cZdf4fEHmtoaWRQ0PxbRAbQDW/
yZ/9AvjjQAk=
=iJCO
-----END PGP SIGNATURE-----
----- End forwarded message -----
Mais detalhes sobre a lista de discussão SECURITY-L