At just two months since the RTM on February 4

Apr 9, 2008 12:53 GMT

Windows Vista SP1 has yet to reach the end of the first month since Microsoft made it available to the general public, and the company is already hammering away at the service pack in an attempt to plug critical security holes. On April 8, 2008, Microsoft released a total of eight security bulletins for Windows, Office and Internet Explorer. No fewer than four security bulletins impact Windows Vista, with three affecting Vista SP1. Microsoft patched two critical security vulnerabilities in Vista SP1 via MS08-021, and two Important holes via MS08-023 and MS08-025.

MS08-021 is designed to resolve "two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted EMF or WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This is a critical security update for Microsoft Windows 2000 Service Pack 4, and all supported releases of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008," Microsoft revealed.

MS08-023 is a security update of ActiveX Kill Bits for Vista SP1 that plugs just one vulnerability, labeled as Important despite the fact that it allows for remote code execution. The flaw is exploitable via malformed webpages, but Microsoft revealed that User Account Control delivers an additional layer of security.

MS08-025 deals with a vulnerability in the Windows Kernel. "A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts," Microsoft explained. A successful exploit depends on physical access to the machine.

Here is the complete list of security bulletins released by Microsoft on April 8, 2008:

MS08-018 - Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
MS08-019 - Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
MS08-020 - Vulnerability in DNS Client Could Allow Spoofing (945553)
MS08-021 - Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
MS08-022 - Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
MS08-023 - Security Update of ActiveX Kill Bits (948881)
MS08-024 - Cumulative Security Update for Internet Explorer (947864)
MS08-025 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)