Microsoft Security Bulletin Summary for April 2008

Published by

Microsoft has published the Microsoft Security Bulletin Summary for April 2008
This bulletin summary lists security bulletins released for April 2008.
With the release of the bulletins for April 2008, this bulletin summary replaces the bulletin advance notification originally issued April 3, 2008. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.

Microsoft is hosting a webcast to address customer questions on these bulletins on April 9, 2008, at 11:00 AM Pacific Time (US & Canada). Register now for the April Security Bulletin Webcast. After this date, this webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

5 Critical

MS08-018 - Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
MS08-021 - Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
MS08-022 - Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
MS08-023 - Security Update of ActiveX Kill Bits (948881)
MS08-024 - Cumulative Security Update for Internet Explorer (947864)

3 Important

MS08-019 - Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
MS08-020 - Vulnerability in DNS Client Could Allow Spoofing (945553)
MS08-025 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)

>> Microsoft Security Bulletin Summary for April 2008