Home > Tech, Windows > MS08-070 Microsoft Security – Remote Code Execution (932349)

MS08-070 Microsoft Security – Remote Code Execution (932349)

December 10th, 2008 Leave a comment Go to comments

Microsoft Security Bulletin MS08-070 – Critical

Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)

Affected Software

  • Microsoft Visual Basic 6.0 Runtime Extended Files;
  • all supported editions of Microsoft Visual Studio .NET 2002,
  • Microsoft Visual Studio .NET 2003,
  • Microsoft Visual FoxPro 8.0,
  • Microsoft Visual FoxPro 9.0,
  • Microsoft Office Project 2003,
  • Microsoft Office Project 2007;
  • Microsoft Office FrontPage 2002 (Chinese Simplified (China), Chinese Pan (Hong Kong), Chinese Traditional (Taiwan), and Korean)

The security update addresses the vulnerabilities by improving validation & error handling within the ActiveX controls.

This security update resolves five privately reported vulnerabilities & one publicly disclosed vulnerability in the ActiveX controls for the Microsoft Visual Basic 6.0 Runtime Extended Files. These vulnerabilities could allow remote code execution if a user browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (support.microsoft.com)

Recommendation. Microsoft recommends that customers apply the update immediately.

Categories: Tech, Windows Tags: , , , , , , ,
  1. No comments yet.
  1. No trackbacks yet.
GoCache - ByREV-Cache v1.0 - live served in : 0.627213 sec (gzip)