Microsoft released four security updates for July, rating all of them as important. Here's a brief description of each update; for more information, go to
http://www.microsoft.com/technet/security/bulletin/ms08-jul.mspx
MS08-037: Vulnerabilities in DNS Could Allow Spoofing
This vulnerability deals with the possible spoofing of the Windows DNS client and server. The most severe consequence from an attack leveraging this vulnerability is network traffic being redirected by the attacker from a legitimate host to the attacker's own systems. This bulletin replaces no previous bulletins.
Applies to: Windows Server 2003, Windows XP, and Windows 2000 DNS clients; Windows Server 2008, Windows Server 2003, and Windows 2000 DNS servers
Recommendation: Microsoft rates this update as important. The vulnerabilities have been privately rather than publically reported. You should test and deploy this update as a part of your organization's regular patch management strategy.
MS08-038: Vulnerability in Windows Explorer Could Allow Remote Code Execution
The attack vector for this vulnerability is a specially crafted saved-search file. The most severe consequence from an attack leveraging this vulnerability is an attacker taking complete control of an affected system. This bulletin does not replace any previous security bulletins.
Applies to: Windows Server 2008 and Windows Vista
Recommendation: Microsoft rates this update as important; however, the vulnerability was publically disclosed and could result in an attacked system being completely compromised. Although there were no critical bulletins released this month, you should test and deploy this update as a part of your organization’s accelerated patch management strategy.
MS08-039: Vulnerability in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege
Both of the vulnerabilities addressed by this update deal with cross-site scripting attacks against Outlook Web Access (OWA) clients connecting to OWA on Exchange Server 2007 and Exchange Server 2003. The most severe consequence from an attack leveraging this vulnerability is elevation of privilege, allowing the attacker to perform any action within an individual client’s OWA session. This bulletin replaces previous bulletin MS07-026.
Applies to: Exchange Server 2007 and Exchange Server 2003
Recommendation:
Microsoft rates this update as important. If your organization relies heavily on OWA, you should test and deploy this update as a part of your organization’s regular patch management strategy.
MS08-040: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege
This update addresses four vulnerabilities that have been privately disclosed to Microsoft. The most severe consequence from an attack leveraging one of the vulnerabilities addressed by this bulletin is that an attacker could execute code and take complete control of an affected server, thus being able to install programs; view, change, or delete data; and create new accounts with administrative rights. This bulletin replaces no previous bulletins.
Applies to: SQL Server 2005, SQL Server 2000, and SQL Server 7.0
Recommendation: Although Microsoft rates this update as important, given the critical nature of SQL Server to many organizations and the possible leveraging of these vulnerabilities to take complete control of a database server (though admittedly under a very specific set of circumstances), you should thoroughly test and deploy this update as a part of your organization’s accelerated patch management strategy.
