Well it is that time of the month again all System Administrators dread, nope it is not Aunt Flo's visit for their wives but Microsoft Patch Day. This month we have Four Critical issues to patch.

 

The first of these is MS08-052, this resolves a series of issues with GDI+ and the parsing and handling of various image file formats. These include VML, EMF GIF, WMF and BMP files. The issue i srated Critical for all supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008, Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4, Microsoft Digital Image Suite 2006, SQL Server 2000 Reporting Services Service Pack 2, all supported editions of SQL Server 2005, Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package, and Microsoft Report Viewer 2008 Redistributable Package. For supported versions of Office it is rated as Important. This issue looks like a potential Malware writers wet dream along the lines of the infamous ANI file vulnerability as the issues covered by this fix can be used in a specially crafted web pages to execute code in the context of the current user. Th issues covered by MS08-52 include the following:

Second hitter to the plate, MS08-053, this resolves a remote code execution vulnerability that exists in the WMEX.DLL ActiveX control installed by Windows Media Encoder 9 Series.The vulnerability could allow remote code execution if a user views a specially crafted Web page, the code is executed with the rights of the logged in user.

Next up we have MS08-054, the fix resolves a privately reported vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. It affects Windows Media Player 11 only on any Windows platform including the super secure Windows Vista. As this was a privately reported vulnerability the details are scarce, however expect more details to follow as the patch is reverse engineered.

The final bit of heartache for this month is MS08-055,  this covers an issue within Office, it is rated as critical for installations of Office OneNote 2007 and as Important for installations of Office XP, Office 2003 and Office 2007. The issue is a remote code execution vulnerability  in the way that Office handles specially crafted URLs using the OneNote protocol handler (onenote://). The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL, the code would executed with the rights of the currently logged in user.

As always at this time of the month, be nice to your System Admins, and let them get on with the job of patching all your systems. It is recommended that all these fixes are installed as soon as possible to avoid the heartache that will be caused as the malware authors get their hands on working exploits.