Home / bulletins MS08-062 - Important: Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155) - Version:2.0
Posted on 15 October 2008
There is an newer version: MS08-062 - Version: 2.2
ImportantSeverity Rating: Important - Revision Note: V2.0 (October 15, 2008): Removed the severity rating for Windows Server 2008 for Itanium-based Systems. Added Frequently Asked Questions (FAQ) Related to This Security Update entries to explain the reason for the rating change and to clarify that the update for Windows Server 2008 for Itanium-based Systems is available through the Microsoft Download Center. Also, changed the Microsoft Baseline Security Analyzer and Systems Management Server deployment summaries to "no" for Windows Server 2008 for Itanium-based Systems in the Detection and Deployment Tools and Guidance section. There were no changes to the security update binaries.Summary: This update resolves a privately reported vulnerability in the Windows Internet Printing Service that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS08-062 - Version: 1.0
- MS08-062 - Version: 2.0
- MS08-062 - Version: 2.1
- MS08-062 - Version: 2.2
