About the Author

author photo

Joe Harris, CCIE No. 6200 (R&S, Security & SP) is a Systems Engineer with Cisco Systems® specializing in Security. In addition to authoring Cisco Network Security Little Black Book, Joe has also been a technical reviewer for several Cisco Press publications and written articles, white papers, and presentations on various security technologies. He also assists various Certification Partners by beta testing their newest CCIE certification workbooks and has been recognized by Cisco as an SE Wall of Fame award winner.

See All Posts by This Author

IntelliShield Event Response: Microsoft Security Bulletin for June 2008

June 10th, 2008 • RelatedFiled Under

Microsoft released the June Security Update on June 10, 2008. Seven bulletins were released that address ten individual vulnerabilities. Microsoft rated three of the seven bulletins as Critical. Some level of user interaction is required to exploit the Critical vulnerabilities that exist in Microsoft Internet Explorer and Microsoft DirectX. The Critical vulnerability in the Microsoft Bluetooth Stack does not require user interaction but only affects Bluetooth-enabled devices that reside within physical proximity of an attacker. Three bulletins rated as Important address vulnerabilities in Active Directory, Pragmatic General Multicast (PGM), and Microsoft WINS. The WINS vulnerability could allow for elevation of privileges, while the Active Directory and PGM vulnerabilities may result in a denial of service. A Moderate bulletin was also released to address a code execution vulnerability in the Windows Vista Speech Recognition ActiveX control.

Information about affected and unaffected products is available in the respective Microsoft advisories and the IntelliShield alerts that are referenced below. In addition, multiple Cisco products use Microsoft operating systems as their base operating system. Cisco products that may be affected by the vulnerabilities described in the referenced Microsoft advisories are detailed in the “Associated Products” table in the “Product Sets” section.

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. When applicable, Cisco IOS access control lists, Cisco Intrusion Prevention System (IPS) signatures, Cisco IOS NetFlow, and firewall inspection are among the techniques discussed in the bulletins.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin for June 2008

Post a Response