Microsoft Security Bulletin - January 2008

Microsoft released the Security Bulletin for January, 2008. In addition to an updated version of of the Microsoft Windows Malicious Software Removal Tool, there was one critical and one important security update released.

Also included in the updates for Windows Vista is Security Advisory 943411. The purpose of this update is to enable Windows Sidebar to block potentially vulnerable gadgets.

Critical:

• MS08-001 -- Vulnerability in TCP(IP)/IGMP that could allow remote code execution. All currently supported versions of Windows are affected.

Important:

• MS08-002: Vulnerability in LSASS that could allow local elevation of privilege. Windows 2000, Windows XP and Windows Server 2003 are affected by this update.

Although the information is directed toward IT Professionals, the new Security Vulnerability Research & Defense Blog issued an in-depth analysis of MS08-001, linked below.