Patch Tuesday Analysis for June 2008

All of this month's patches deal with Windows vulnerability but run the gamut in system types from workstations to domain controllers.  The only 2 publicly disclosed vulnerabilities are workstation-type security holes and they aren't currenlty being used in attacks so do your testing but don't delay getting the patches deployed.  The server and domain controller security holes are either privilege elevation or denial of service risks so I'm not viewing those as super urgent.  Follow your normal testing. 

 
Below is the fast facts table on all of the patches to help your impact analysis:
BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS08-034

948745
Privilege elevation

/ WINS Server
Servers
No/NoNoImportant Win2000
Win2003
NonePatch after normal testing
MS08-031

950759
Arbitrary code
Information disclosure

/ Internet Explorer
Workstations
Terminal Servers
Yes/NoNoCritical Win2000
XP
Win2003
Vista
Win2008
NonePatch ASAP after minimum testing
MS08-032

950760
Arbitrary code

/ Microsoft Speech API
Workstations
Terminal Servers
Yes/NoYesModerate Win2000
XP
Win2003
Vista
Win2008
See Death of an ActiveX Control on my site for automating workaround, Vista SP1 immuneImplement workaround or patch after minimun testing
MS08-036

950762
Denial of service

/ PGM, MSMQ
Workstations
Servers
No/NoNoImportant XP
Win2003
Vista
Win2008
Computers with MSMQ or are running a PGM-supported applicationPatch if concerned with DOS attacks on internal network
MS08-030

951376
Arbitrary code

/ Bluetooth stack
Workstations
No/NoYesCritical XP
Vista
Physical proximity apparently requiredDisable Bluetooth or patch after testing
MS08-033

951698
Arbitrary code

/ DirectX
Workstations
Terminal Servers
No/NoYesCritical Win2000
XP
Win2003
Vista
Win2008
Use startup scripts to run workaround commandsImplement workaround or patch after normal testing
MS08-035

953235
Denial of service

/ AD and ADAM
Domain Controllers
No/NoNoImportant Win2000
XP
Win2003
Win2008
DCs and ADAM serversPatch if concerned with DOS attacks on internal network

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Tuesday Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.