Microsoft January 2008 Security Bulletins

[Donna Buenaventura]

Microsoft's January 2008 Security Bulletins

As part of Microsoft's routine, monthly security update cycle, today they
released two new security bulletins that affects Windows system.
Note: There may be latency issues due to replication, if the page does not
display keep refreshing.

Critical
MS08-001 - Vulnerabilities in Windows TCP/IP Could Allow Remote Code
Execution (941644)
http://www.microsoft.com/technet/security/bulletin/MS08-001.mspx

Important
MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of Privilege
(943485)
http://www.microsoft.com/technet/security/bulletin/MS08-002.mspx

Microsoft also released Non-Security, High-Priority Updates on MU, WU, and
WSUS:
- Five non-security, high-priority updates on Microsoft Update (MU) and
Windows Server Update Services (WSUS).
- Two non-security, high-priority updates for Windows on Windows Update (WU)
and WSUS.

Microsoft Windows Malicious Software Removal Tool
Microsoft has released an updated version of the Microsoft Windows Malicious
Software Removal Tool on Windows Update, Microsoft Update, Windows Server
Update Services, and the Download Center.

References:
January 2008 Security Bulletin Summary:
http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx
Security Bulletin for end-users:
http://www.microsoft.com/protect/computer/updates/bulletins/200801.mspx
MSRC Blog: http://blogs.technet.com

Support:
Call 1-866-PCSAFETY. There is no charge for support calls that are
associated with security updates. International users should go to
http://support.microsoft.com/common/international.aspx

Security Bulletin Webcast:
Microsoft will host a Webcast tomorrow. The webcast focuses on addressing
your questions and concerns about the security bulletins. Therefore, most of
the live webcast is aimed at giving you the opportunity to ask questions and
get answers from their security experts.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032357213&Culture=en-US

Regards,
Donna Buenaventura
Windows Security MVP
http://www.dozleng.com

 

[MAP]

Donna Buenaventura wrote:
> Microsoft's January 2008 Security Bulletins
>
> As part of Microsoft's routine, monthly security update cycle, today
> they released two new security bulletins that affects Windows system.
> Note: There may be latency issues due to replication, if the page
> does not display keep refreshing.
>
> Critical
> MS08-001 - Vulnerabilities in Windows TCP/IP Could Allow Remote Code
> Execution (941644)
> http://www.microsoft.com/technet/security/bulletin/MS08-001.mspx
>
> Important
> MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of
> Privilege (943485)
> http://www.microsoft.com/technet/security/bulletin/MS08-002.mspx
>
> Microsoft also released Non-Security, High-Priority Updates on MU,
> WU, and WSUS:
> - Five non-security, high-priority updates on Microsoft Update (MU)
> and Windows Server Update Services (WSUS).
> - Two non-security, high-priority updates for Windows on Windows
> Update (WU) and WSUS.
>
> Microsoft Windows Malicious Software Removal Tool
> Microsoft has released an updated version of the Microsoft Windows
> Malicious Software Removal Tool on Windows Update, Microsoft Update,
> Windows Server Update Services, and the Download Center.
>
> References:
> January 2008 Security Bulletin Summary:
> http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx
> Security Bulletin for end-users:
> http://www.microsoft.com/protect/computer/updates/bulletins/200801.mspx
> MSRC Blog: http://blogs.technet.com
>
> Support:
> Call 1-866-PCSAFETY. There is no charge for support calls that are
> associated with security updates. International users should go to
> http://support.microsoft.com/common/international.aspx
>
> Security Bulletin Webcast:
> Microsoft will host a Webcast tomorrow. The webcast focuses on
> addressing your questions and concerns about the security bulletins.
> Therefore, most of the live webcast is aimed at giving you the
> opportunity to ask questions and get answers from their security
> experts.
> http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032357213&Culture=en-US
>
> Regards,
> Donna Buenaventura
> Windows Security MVP
> http://www.dozleng.com

Not needed for the home user.
http://www.ultimatewindowssecurity.com/

--
Mike Pawlak

 

[MedRxman]

will the lattency issue be a permanet issue if it does appear, or will the
issue resolve itself after refreshing?


"Donna Buenaventura" <dbuenaventura@mvps.org> wrote in message
news:4A157AEB-97DF-44BA-B394-0B1473417F56@microsoft.com...
> Microsoft's January 2008 Security Bulletins
>
> As part of Microsoft's routine, monthly security update cycle, today they
> released two new security bulletins that affects Windows system.
> Note: There may be latency issues due to replication, if the page does not
> display keep refreshing.
>
> Critical
> MS08-001 - Vulnerabilities in Windows TCP/IP Could Allow Remote Code
> Execution (941644)
> http://www.microsoft.com/technet/security/bulletin/MS08-001.mspx
>
> Important
> MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of Privilege
> (943485)
> http://www.microsoft.com/technet/security/bulletin/MS08-002.mspx
>
> Microsoft also released Non-Security, High-Priority Updates on MU, WU, and
> WSUS:
> - Five non-security, high-priority updates on Microsoft Update (MU) and
> Windows Server Update Services (WSUS).
> - Two non-security, high-priority updates for Windows on Windows Update
> (WU) and WSUS.
>
> Microsoft Windows Malicious Software Removal Tool
> Microsoft has released an updated version of the Microsoft Windows
> Malicious Software Removal Tool on Windows Update, Microsoft Update,
> Windows Server Update Services, and the Download Center.
>
> References:
> January 2008 Security Bulletin Summary:
> http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx
> Security Bulletin for end-users:
> http://www.microsoft.com/protect/computer/updates/bulletins/200801.mspx
> MSRC Blog: http://blogs.technet.com
>
> Support:
> Call 1-866-PCSAFETY. There is no charge for support calls that are
> associated with security updates. International users should go to
> http://support.microsoft.com/common/international.aspx
>
> Security Bulletin Webcast:
> Microsoft will host a Webcast tomorrow. The webcast focuses on addressing
> your questions and concerns about the security bulletins. Therefore, most
> of the live webcast is aimed at giving you the opportunity to ask
> questions and get answers from their security experts.
> http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032357213&Culture=en-US
>
> Regards,
> Donna Buenaventura
> Windows Security MVP
> http://www.dozleng.com
>

 

[NeilP]

Windows Update automatically downloaded these last security updates on my
Windows 2000 Profession home system and initiated an system restart. When I
logged in with my username I discovered that all my settings and files
associated with my username were missing.

On closer inspection in the directory c:\documents and settings I noticed
that a new directory had been created called "\username.computername" to
which my user account was now connected.

All my old information is sitting in the folder "c:\documents and
settings\username"

Question: Why would it have done this and more importantly, when I log in,
how can I get my user to connect back to the original folder?

Any help gratefully accepted.

Thanks, Neil

"Donna Buenaventura" wrote:

> Microsoft's January 2008 Security Bulletins
>
> As part of Microsoft's routine, monthly security update cycle, today they
> released two new security bulletins that affects Windows system.
> Note: There may be latency issues due to replication, if the page does not
> display keep refreshing.
>
> Critical
> MS08-001 - Vulnerabilities in Windows TCP/IP Could Allow Remote Code
> Execution (941644)
> http://www.microsoft.com/technet/security/bulletin/MS08-001.mspx
>
> Important
> MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of Privilege
> (943485)
> http://www.microsoft.com/technet/security/bulletin/MS08-002.mspx
>
> Microsoft also released Non-Security, High-Priority Updates on MU, WU, and
> WSUS:
> - Five non-security, high-priority updates on Microsoft Update (MU) and
> Windows Server Update Services (WSUS).
> - Two non-security, high-priority updates for Windows on Windows Update (WU)
> and WSUS.
>
> Microsoft Windows Malicious Software Removal Tool
> Microsoft has released an updated version of the Microsoft Windows Malicious
> Software Removal Tool on Windows Update, Microsoft Update, Windows Server
> Update Services, and the Download Center.
>
> References:
> January 2008 Security Bulletin Summary:
> http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx
> Security Bulletin for end-users:
> http://www.microsoft.com/protect/computer/updates/bulletins/200801.mspx
> MSRC Blog: http://blogs.technet.com
>
> Support:
> Call 1-866-PCSAFETY. There is no charge for support calls that are
> associated with security updates. International users should go to
> http://support.microsoft.com/common/international.aspx
>
> Security Bulletin Webcast:
> Microsoft will host a Webcast tomorrow. The webcast focuses on addressing
> your questions and concerns about the security bulletins. Therefore, most of
> the live webcast is aimed at giving you the opportunity to ask questions and
> get answers from their security experts.
> http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032357213&Culture=en-US
>
> Regards,
> Donna Buenaventura
> Windows Security MVP
> http://www.dozleng.com
>

 

[xxflop]

Latest updates broke my Tablet PC digitalizer drivers After installing
"MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of Privilege
(943485)" the Wacom digitalizer stopped working. It uses the standard Wacom
Serial Pen driver.

Somebody had similar problems? Any idea how to solve that? All Wacom Tablet
users affected?

"Donna Buenaventura" wrote:

> Microsoft's January 2008 Security Bulletins
>
> As part of Microsoft's routine, monthly security update cycle, today they
> released two new security bulletins that affects Windows system.
> Note: There may be latency issues due to replication, if the page does not
> display keep refreshing.
>
> Critical
> MS08-001 - Vulnerabilities in Windows TCP/IP Could Allow Remote Code
> Execution (941644)
> http://www.microsoft.com/technet/security/bulletin/MS08-001.mspx
>
> Important
> MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of Privilege
> (943485)
> http://www.microsoft.com/technet/security/bulletin/MS08-002.mspx
>
> Microsoft also released Non-Security, High-Priority Updates on MU, WU, and
> WSUS:
> - Five non-security, high-priority updates on Microsoft Update (MU) and
> Windows Server Update Services (WSUS).
> - Two non-security, high-priority updates for Windows on Windows Update (WU)
> and WSUS.
>
> Microsoft Windows Malicious Software Removal Tool
> Microsoft has released an updated version of the Microsoft Windows Malicious
> Software Removal Tool on Windows Update, Microsoft Update, Windows Server
> Update Services, and the Download Center.
>
> References:
> January 2008 Security Bulletin Summary:
> http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx
> Security Bulletin for end-users:
> http://www.microsoft.com/protect/computer/updates/bulletins/200801.mspx
> MSRC Blog: http://blogs.technet.com
>
> Support:
> Call 1-866-PCSAFETY. There is no charge for support calls that are
> associated with security updates. International users should go to
> http://support.microsoft.com/common/international.aspx
>
> Security Bulletin Webcast:
> Microsoft will host a Webcast tomorrow. The webcast focuses on addressing
> your questions and concerns about the security bulletins. Therefore, most of
> the live webcast is aimed at giving you the opportunity to ask questions and
> get answers from their security experts.
> http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032357213&Culture=en-US
>
> Regards,
> Donna Buenaventura
> Windows Security MVP
> http://www.dozleng.com
>

 

[antioch]

"xxflop" <xxflop@discussions.microsoft.com> wrote in message
news:85BA378E-0908-4D7A-8D86-CD904A15C02A@microsoft.com...
> Latest updates broke my Tablet PC digitalizer drivers After installing
> "MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of
> Privilege
> (943485)" the Wacom digitalizer stopped working. It uses the standard
> Wacom
> Serial Pen driver.
>
> Somebody had similar problems? Any idea how to solve that? All Wacom
> Tablet
> users affected?

You could start your own post in the correct group - your post here is in
reply to general information re this months Black Tuesday offerings. I
think there is one for updates in the web interface - plus you will get a
wider audience to your problem. You are currently in the security.virus
group.

Antioch

 

[antioch]

"NeilP" <NeilP@discussions.microsoft.com> wrote in message
news:3EF81B2B-A40C-4C5B-8E8D-F8701C70774F@microsoft.com...
> Windows Update automatically downloaded these last security updates on my
> Windows 2000 Profession home system and initiated an system restart. When
> I
> logged in with my username I discovered that all my settings and files
> associated with my username were missing.
>
> On closer inspection in the directory c:\documents and settings I noticed
> that a new directory had been created called "\username.computername" to
> which my user account was now connected.

I would also suggest to you that you post your problem in the correct group
rather than in a general information posting, which is in security.virus -
search for windows.update in the web interface discussion group you are
using.

Antioch

 

[xxflop]

Sorry, I though I was in windowsupdate group.

"antioch" wrote:

>
> "xxflop" <xxflop@discussions.microsoft.com> wrote in message
> news:85BA378E-0908-4D7A-8D86-CD904A15C02A@microsoft.com...
> > Latest updates broke my Tablet PC digitalizer drivers After installing
> > "MS08-002 - Vulnerability in LSASS Could Allow Local Elevation of
> > Privilege
> > (943485)" the Wacom digitalizer stopped working. It uses the standard
> > Wacom
> > Serial Pen driver.
> >
> > Somebody had similar problems? Any idea how to solve that? All Wacom
> > Tablet
> > users affected?
>
> You could start your own post in the correct group - your post here is in
> reply to general information re this months Black Tuesday offerings. I
> think there is one for updates in the web interface - plus you will get a
> wider audience to your problem. You are currently in the security.virus
> group.
>
> Antioch
>
>
>

 

[PA Bear [MS MVP]]

Crossposting eliminated.

[<psst> Donna crossposted the original message to Security.Virus,
Security.HomeUsers, Win2K Security, Windows Update, and WinXP General
newsgroups.]
--
~PA Bear

antioch wrote:
> "NeilP" <NeilP@discussions.microsoft.com> wrote in message
> news:3EF81B2B-A40C-4C5B-8E8D-F8701C70774F@microsoft.com...
>> Windows Update automatically downloaded these last security updates on my
>> Windows 2000 Profession home system and initiated an system restart. When
>> I
>> logged in with my username I discovered that all my settings and files
>> associated with my username were missing.
>>
>> On closer inspection in the directory c:\documents and settings I noticed
>> that a new directory had been created called "\username.computername" to
>> which my user account was now connected.
>
> I would also suggest to you that you post your problem in the correct
> group
> rather than in a general information posting, which is in security.virus -
> search for windows.update in the web interface discussion group you are
> using.
>
> Antioch

 

[PA Bear [MS MVP]]

NeilP, please begin a new thread in Windows Update newsgroup about your
issues. Thank you.
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE, OE, Security, Shell/User)
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

NeilP wrote:
> Windows Update automatically downloaded these last security updates on my
> Windows 2000 Profession home system and initiated an system restart. When
> I
> logged in with my username I discovered that all my settings and files
> associated with my username were missing.
>
> On closer inspection in the directory c:\documents and settings I noticed
> that a new directory had been created called "\username.computername" to
> which my user account was now connected.
>
> All my old information is sitting in the folder "c:\documents and
> settings\username"
>
> Question: Why would it have done this and more importantly, when I log in,
> how can I get my user to connect back to the original folder?
>
> Any help gratefully accepted.
<snip>

 

[MAP]

Ah, didn't I say something along the lines that these updates where not
needed?
Enjoy your troubles.
--
Mike Pawlak

 

[NeilP]

Thanks - I have now done so. To be honest I didn't know where to start!


Neil

"PA Bear [MS MVP]" wrote:

> NeilP, please begin a new thread in Windows Update newsgroup about your
> issues. Thank you.
> --
> ~Robear Dyer (PA Bear)
> MS MVP-Windows (IE, OE, Security, Shell/User)
> AumHa VSOP & Admin http://aumha.net
> DTS-L http://dts-l.net/
>
> NeilP wrote:
> > Windows Update automatically downloaded these last security updates on my
> > Windows 2000 Profession home system and initiated an system restart. When
> > I
> > logged in with my username I discovered that all my settings and files
> > associated with my username were missing.
> >
> > On closer inspection in the directory c:\documents and settings I noticed
> > that a new directory had been created called "\username.computername" to
> > which my user account was now connected.
> >
> > All my old information is sitting in the folder "c:\documents and
> > settings\username"
> >
> > Question: Why would it have done this and more importantly, when I log in,
> > how can I get my user to connect back to the original folder?
> >
> > Any help gratefully accepted.
> <snip>
>
>

 

[mailtosekhardp@gmail.com]

On Jan 10, 7:08 am, "PA Bear [MS MVP]" <PABear...@gmail.com> wrote:
> NeilP, please begin a new thread in Windows Update newsgroup about your
> issues.  Thank you.
> --
> ~Robear Dyer (PA Bear)
> MS MVP-Windows (IE, OE,Security, Shell/User)
> AumHa VSOP & Adminhttp://aumha.net
> DTS-Lhttp://dts-l.net/
>
>
>
>
>
> NeilP wrote:
> > Windows Update automatically downloaded these lastsecurityupdates on my
> > Windows 2000 Profession home system and initiated an system restart. When
> > I
> > logged in with my username I discovered that all my settings and files
> > associated with my username were missing.
>
> > On closer inspection in the directory c:\documents and settings I noticed
> > that a new directory had been created called "\username.computername" to
> > which my user account was now connected.
>
> > All my old information is sitting in the folder "c:\documents and
> > settings\username"
>
> > Question: Why would it have done this and more importantly, when I log in,
> > how can I get my user to connect back to the original folder?
>
> > Any help gratefully accepted.
>
> <snip>- Hide quoted text -
>
> - Show quoted text -

sdfdasfasdf

 

[rdw]

We have about 10 Vista machines her running Vista 32 bit Enterprise.

After the patches, every Vista machine now takes over 3 minutes to login.
It previously took about 40 seconds.

Also, opening up MMC's now take minutes instead of seconds and some database
programs take minutes to open up each record.

Trying to get WSUS to uninstall but having difficulty doing that too.

Robert

 

[Plato]

=?Utf-8?B?cmR3?= wrote:
>
> We have about 10 Vista machines her running Vista 32 bit Enterprise.
>
> After the patches, every Vista machine now takes over 3 minutes to login.
> It previously took about 40 seconds.
>
> Also, opening up MMC's now take minutes instead of seconds and some database
> programs take minutes to open up each record.
>
> Trying to get WSUS to uninstall but having difficulty doing that too.

Next time. Wait until any MS OS is version II or later before using it.



--
http://www.bootdisk.com/