Microsoft Updates for Multiple Vulnerabilities

Original release date: December 09, 2008
Last revised: January 13, 2009
Source: US-CERT

Systems Affected

• Microsoft Windows and related components
• Microsoft Internet Explorer
• Microsoft Word, Excel and related components

Overview

Multiple vulnerabilities exist in various Microsoft products, including Windows, Internet Explorer, and Office. The most severe of these vulnerabilities may allow an attacker to gain control of your computer.

Solution

Install updates

The updates to address these vulnerabilities are available on the Microsoft Update site. We recommend enabling Automatic Updates.

Description

In the Microsoft Security Bulletin Summary for December 2008, Microsoft released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Word, and Excel. The most severe of these vulnerabilities may allow an attacker to gain control of your computer.

More technical information is available in US-CERT Technical Cyber Security Alert TA08-344A.

References

• Microsoft Security Bulletin Summary for December 2008 - <http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx>
• US-CERT Technical Cyber Security Alert TA08-344A - <http://www.us-cert.gov/cas/techalerts/TA08-344A.html>
• Microsoft Windows Update - <https://www.update.microsoft.com/microsoftupdate/>

---

Feedback can be directed to US-CERT.

---

Produced 2008 by US-CERT, a government organization. Terms of use

Revision History

December 09, 2008: Initial release
January 13, 2009: Corrected impact statements