GFI Adds Support for January 2008 Microsoft Security Updates

Filed in archive Misc on January 31, 2008

GFI has announced it has added support for these recent Microsoft Security Updates:

MS08-002
Severity Rating: Important
Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)
Description:
This important update resolves a privately reported vulnerability in Microsoft Windows Local Security Authority Subsystem Service (LSASS). The vulnerability could allow an attacker to run arbitrary code with elevated privileges. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This
is an important security update for all supported editions of Windows 2000, Windows XP, and Windows 2003.

MS08-001
Severity Rating: Critical
Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644)
Description:
This critical security update resolves two privately reported vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This is a critical security update for all supported editions of Windows XP and Windows Vista, an important security update for all supported editions of Windows Server 2003, and a moderate security update for all supported editions of Microsoft Windows 2000.

The products involved are GFI LANguard Network Security Scanner 7 and 8. More information is available here.