Microsoft has released two new security bulletins. MS08-068 covers a vulnerability in SMB (Microsoft Server Message Block) with the potential impact of remote code execution. MS08-069 covers three vulnerabilities in MSXML (Microsoft XML Core Services). The most severe of the three may result in remote code execution.
- Critical
- Systems worldwide are targeted by a worm.
- New malware that potentially can cause damage has been reported and has spread globally.
- Severe
- An unpatched or recently patched vulnerability can be exploited by a worm, and systems worldwide are at risk to be targeted by a particular worm. No worm activity has been identified.
- A high incidence of new malware that potentially can cause damage has been reported.
- Elevated
- An unpatched or recently patched vulnerability is present on many systems worldwide but requires user interaction to be exploited.
- An existing vulnerability becomes more serious because new exploit code has been published.
- There is new malware activity, but it is not widespread.
- Low
- There is no direct threat to systems that have been patched.
- No new significant malware activity has been reported.
