1 / 30

Microsoft February Security Bulletins

Microsoft February Security Bulletins . Microsoft Corporation. What We Will Cover. Review of February releases: New security bulletins High-priority non-security updates Other security information: Microsoft® Windows® Malicious Software* Removal Tool Resources Questions and answers.

berg
Télécharger la présentation

Microsoft February Security Bulletins

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Microsoft February Security Bulletins Microsoft Corporation

  2. What We Will Cover • Review of February releases: • New security bulletins • High-priority non-security updates • Other security information: • Microsoft® Windows® Malicious Software* Removal Tool • Resources • Questions and answers * Malicious software (malware)

  3. February 2008 Security BulletinsSummary • New security bulletins: • Six rated Critical • Five rated Important

  4. Questions and Answers • Submit text questions using the “Ask a Question” button

  5. February 2008 Security Bulletins Overview

  6. February 2008 Security Bulletins Overview

  7. February 2008 Security Bulletins Overview

  8. February 2008 Security BulletinsSeverity Summary

  9. February 2008 Security BulletinsSeverity Summary

  10. February 2008 Security BulletinsSeverity Summary

  11. MS08-003: Vulnerability in Active Directory Could Allow Denial of Service (946538) - Important

  12. MS08-004:Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456) – Important

  13. MS08-005:Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831) – Important

  14. MS08-006:Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830) – Important

  15. MS08-007:Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)– Critical

  16. MS08-008:Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)– Critical

  17. MS08-009:Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077) – Critical

  18. MS08-010:Cumulative Security Update for Internet Explorer (944533) – Critical

  19. MS08-011:Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)– Important

  20. MS08-012:Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085) – Critical

  21. MS08-013:Vulnerability in Microsoft Office Could Allow Remote Code Execution (947108) – Critical

  22. Detection and Deployment

  23. Detection and Deployment

  24. Other Update Information

  25. February 2008 Non-Security Updates

  26. Additional Information • Office 2003 Service Pack 3 security update to be offered for the following bulletins—even though this Service Pack is not affected. • MS08-009 • MS08-012 • MS08-013 • Internet Explorer 7 • Windows Vista 1 and Window 2008 are not affected

  27. Windows Malicious Software Removal Tool • Adds the ability to remove: • Win32/Ldpinch • Available as a priority update through Windows Update or Microsoft Update: • Offered through WSUS 2.0 and WSUS 3.0 • Also available as a download at: http://www.microsoft.com/france/securite/malwareremove

  28. Resources • Update Management Process • http://www.microsoft.com/france/technet/security/guidance/patchmanagement/secmod193.mspx • Microsoft Security Response Center (MSRC) blog:http://blogs.technet.com/msrc • Security Bulletins Summary:www.microsoft.com/technet/security/bulletin/summary.mspx • Security Bulletins Search:www.microsoft.com/technet/security/current.aspx • Security Advisories:www.microsoft.com/technet/security/advisory/ • Microsoft Technical Security Notifications:www.microsoft.com/technet/security/bulletin/notify.mspx • TechNet Radio:www.microsoft.com/tnradio • SearchSecurity Column:http://searchsecurity.techtarget.com/news/0,289141,sid14,00.html • Microsoft Security Newsletter:www.microsoft.com/technet/security/secnews/ • TechNet Security Center:www.microsoft.com/technet/security

  29. Ressources • Retrouvez le compte-rendu des Webcasts sur les Bulletins de sécuritéhttp://www.microsoft.com/france/technet/security/bulletin/webcasts.mspx • Bulletins de sécuritéhttp://www.microsoft.com/france/technet/security/bulletin • Avis de sécuritéhttp://www.microsoft.com/france/technet/security/advisory • Processus de gestion des correctifshttp://www.microsoft.com/france/technet/security/guidance/patchmanagement/secmod193.mspx • Microsoft France sécurité http://www.microsoft.com/france/securite • Lettres d'information et notificationshttp://www.microsoft.com/france/securite/newsletters.mspx • TechNet sécuritéhttp://www.microsoft.com/france/technet/security • Blog du MSRC (Microsoft Security Response Center)http://blogs.technet.com/msrc • TechNet Radio (en anglais)http://www.microsoft.com/tnradio

  30. Informations légales L’OBJET DU PRESENT DOCUMENT EST DE VOUS FOURNIR L’INFORMATION QUE VOUS AVEZ DEMANDEE CONCERNANT LA SECURITE. GENERALEMENT, L’INFORMATION PROVOQUE UNE PRISE DE CONSCIENCE AUTOUR DE LA SECURITE ET IDENTIFIE LE PERSONNEL, LES PROCEDES, RESSOURCES ET TECHNOLOGIES QUI SONT DESTINES A PROMOUVOIR DE BONNES REGLES DE SECURITE DANS VOTRE ORGANISATION. LES VIRUS ET AUTRES TECHNOLOGIES NUISIBLES DESTINES A ATTAQUER VOTRE ENVIRONNEMENT INFORMATIQUE CHANGENT CONTINUELLEMENT AFIN DE CONTOURNER LES MESURES DE SECURITE EXISTANTES. DES LORS, MAINTENIR UN ENVIRONNEMENT INFORMATIQUE FIABLE EST UN PROCESSUS CONTINU QUI EXIGE QUE VOUS MAINTENIEZ UN PERSONNEL, DES PROCEDES, RESSOURCES ET TECHNOLOGIES ADEQUATS AFIN DE VOUS PROTEGER CONTRE TOUTE ATTEINTE A LA SECURITE. AUCUNE DISPOSITION CONTENUE DANS LES PRESENTES NE DOIT ETRE INTERPRETEE OU CONSIDEREE COMME UNE CERTIFICATION, UNE GARANTIE OU TOUTE AUTRE FORME DE VALIDATION QUE VOTRE ENVIRONNEMENT INFORMATIQUE EST ET DEMEURERA PROTEGE CONTRE DES ATTEINTES A LA SECURITE ET NOUS N’ASSUMONS AUCUNE RESPONSABILITE POUR TOUTE ATTEINTE A LA SECURITE OU TOUT DOMMAGE OU PERTE SUBSEQUENT. TOUTES COMMUNICATIONS OU TRANSMISSIONS D’INFORMATION QUI VOUS SONT ADRESSEES AU SUJET DE MICROSOFT ET CONCERNANT LA SECURITE INCLUANT NOTAMMENT TOUTES SUGGESTIONS, ANALYSES, OU COMMENTAIRES QUI VOUS SONT FOURNIS DURANT UNE ANALYSE RELATIVE A LA SECURITE OU TOUTE AUTRE INFORMATION PASSEE, PRESENTE OU FUTURE RELATIVE NOTAMMENT AUX TESTS DE SECURITE, EVALUATIONS, DISPONIBILITES, HORAIRES OU OBJECTIFS (CI-APRES COLLECTIVEMENT DENOMMES « INFORMATIONS SUR LA SECURITE »), SONT FOURNIS CONFORMEMENT AUX CONDITIONS DU CONTRAT DE SERVICE EXISTANT ENTRE VOUS ET MICROSOFT ET UNIQUEMENT AFIN DE VOUS PERMETTRE DE VOUS ORGANISER FACE A D’EVENTUELS PROBLEMES DE SECURITE. TOUTES LES INFORMATIONS SUR LA SECURITE CONTIENNENT TOUTES LES DONNEES QUI NOUS SONT ACTUELLEMENT ACCESSIBLES MAIS QUI SONT SUSCEPTIBLES DE CHANGER EN RAISON DU CHANGEMENT CONSTANT DE CES DONNEES SANS QUE MICROSOFT VOUS AIT PREALABLEMENT INFORME DE CES CHANGEMENTS. NOUS VOUS RECOMMANDONS DONC DE VERIFIER REGULIEREMENT AUPRES DE NOUS ET SUR LE SITE INTERNET DE SECURITE SITUE A L’ADRESSE SUIVANTE WWW.MICROSOFT.COM/SECURITY SI LES INFORMATIONS QUE NOUS VOUS AVONS FOURNIES FONT L’OBJET DE MISES A JOUR. VEUILLEZ NOUS CONTACTER SI VOUS AVEZ D’AUTRES QUESTIONS CONCERNANT DES PROBLEMES DE SECURITE OU SI VOUS AVEZ BESOIN D’UNE MISE A JOUR DES INFORMATIONS QUE NOUS VOUS AVONS FOURNIES.

More Related