Microsoft Security Bulletin Summary for April 2008

Microsoft released the Security Bulletin for April, 2008. In addition to an updated version of the Microsoft Windows Malicious Software Removal Tool, there were five critical and three important security update released.

Critical

• MS08-018 — Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
• MS08-021 — Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
• MS08-022 — Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
• MS08-023 — Security Update of ActiveX Kill Bits (948881)
• MS08-024 — Cumulative Security Update for Internet Explorer (947864)

Important

• MS08-019 — Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
• MS08-020 — Vulnerability in DNS Client Could Allow Spoofing (945553)
• MS08-025 — Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
  

References:

TechNet: Microsoft Security Bulletin for April 2008

MSRC Blog: April 2008 Monthly Release

“How Do I?”

Hat tip, Roddy32:

MSDN provides a number of “How Do I” videos on various security issues for developers. As described at the site:

Here you’ll find videos that explore a variety of security questions for developers, including encryption, handling attacks, security best practices, and a lot more. New videos are added regularly, so check back often.

You can find the videos at the MSDN Security Development Center.