Consider the following scenario:

• In an Active Directory domain, you have member computers that are running Windows Vista Service Pack 1 or Windows Server 2008.
• You configure a file security policy to set file permissions on a folder.
• The path that you specified for the folder contains some environment variables. For example, you specify the following path for the folder:
  

  %ALLUSERSPROFILE%\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP

In this scenario, when you run the Resultant Set of Policy (RSoP) Microsoft Management Console (MMC) snap-in on a member computer, the security file policy is missing. Additionally, the following event is logged on the domain controllers and on the member computers:

Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: Date_Time
Event ID: 1091
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: ComputerName
Description:
Windows could not record the Resultant Set of Policy (RSoP) information for the Group Policy extension Security. Group Policy settings successfully applied to the computer or user; however, management tools may not report accurately.

Consider the following scenario:

• In a network environment, you configure the Internet Protocol security (IPsec) policy to use the tunnel mode.
• In the IP Filter Properties dialog box of the IPsec policy, you use a subnet address for the Source Address or for the Destination Address.
• You try to establish the IPsec tunnel-mode connection to a partner computer from a Windows Vista-based computer or from a Windows Server 2008-based computer.

In this scenario, the computer cannot negotiate the security mode with the partner computer. Therefore, you cannot use IPsec to secure the connection.

Description: This security update resolves a privately reported vulnerability in Windows Media Encoder 9 Series. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerability by performing additional parameter validation and modifying the way that controls in Windows Media Encoder interact with Internet Explorer. Keep reading →

Description: This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerabilities by modifying the way that GDI+ handles viewing malformed images. Keep reading →

Description: This security update resolves a privately reported vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerability by correcting the manner in which Windows Media Player 11 handles audio files streamed from a server-side playlist (SSPL). Keep reading →

Next Tuesday expect one critical update for the Media Player in Vista. Keep reading →

Though the Security Bulletin Advance Notification for August 2008 said Vista would be getting five updates, four were delivered. Missing from the list was a critical update for Windows Media Player. Also released were 7 other updates, mostly for Microsoft Office, revisions for four existing security bulletins, and two security advisories. Here’s what was released for Vista: Keep reading →

Description: This security update resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update addresses the vulnerability by changing the MHTML protocol handler in Windows so that it securely handles MHTML URLs in redirection scenarios. Keep reading →

Ed examines the claim that Windows security has been bypassed and there is nothing that Microsoft can do about it. His verdict? The sky is not falling… Keep reading →

Microsoft posted the Security Bulletin Advance Notification for August 2008 today. In all, seven security updates are being released that affect the Windows Operating System, with five of them affecting Windows Vista. Three are ‘Important’, the other two ‘Critical’. Expect updates for the following issues on Tuesday, August 12th: Keep reading →