Home
Resources
Training
About Us
eStore

>

home

 

 

 

 

 

 

 

Latest Blog: New Features in LogRhythm 4.0 Deserve a Place on Your Short List

  

Fast Facts on this Month's
Microsoft Security Bulletins

Bulletin Exploit Types
/Technologies Affected		 System Types Affected Exploit
details public?
/ Being exploited?		 Comprehensive,
practical
workaround
available?		 MS severity rating Products Affected Notes Randy's recommendation
MS08-037

953230		 Spoofing

/ Windows DNS		 Servers, Terminal Servers and
Workstations 		No/No No Important Win2000
Win2003
Win2008
XP 		Restart Req’d; Both DNS Clients and Servers affected Patch after normal testing
MS08-038

950582 		Remote code

/ Windows Explorer 		Terminal Servers and
Workstations 		Yes/No Yes Important Vista
Win2008
Restart req’d; Workarounds will disable saved search feature Patch after minimal testing
MS08-039

953747 		Privilege elevation

/ Exchange  Outlook Web Access 		Servers
No/No No Important Exch2003
Exch2007 		Client’s email at risk Patch after testing
MS08-040

941203 		Privilege elevation; information disclosure
/ SQL Server 		All systems that use SQL Server
 No/No No Important SQL Server; WMSDE; WYukon Restart req’d; Multiple vulnerabilities addressed Patch after normal testing




Download Free
Quick Reference Chart


Upcoming Webinars by Randy Franklin Smith

The Challenge and Benefits of Normalizing Log Data from Disparate Systems

IT Audit: Assessing and Auditing the Windows/Active Directory Environment


Additional Links

A
D
V

NEW! GFI EventsManager 8 Extends Event Management Capabilities. Find Out More.

Get Randy's Security Log Resource Kit


Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2007 Monterey Technology Group, All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk.

Site Map