The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)
had issued an alert on a critical security vulnerability "Microsoft Security Update for September 2008"
today (10 September 2008). Companies and individuals should install the latest security
patch for their Microsoft Products.

1. Microsoft Windows Media Player Sampling Rate Vulnerability
2. Microsoft Products GDI+ Multiple Vulnerabilities
3. Microsoft Windows Media Encoder Buffer Overrun Vulnerability
4. Microsoft Office Uniform Resource Locator Validation Error Vulnerability

This security alert applies to
- Microsoft Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Internet Explorer 6
- Windows Media Player 11
- Windows Media Encoder 9 Series
- Microsoft Office XP
- Microsoft Office 2003
- 2007 Microsoft Office System
- Microsoft Visio 2002
- Microsoft Office PowerPoint Viewer 2003
- Microsoft Works 8
- Microsoft Digital Image Suite 2006
- SQL Server 2000 Reporting Services
- SQL Server 2005
- Microsoft .NET Framework 1.0
- Microsoft .NET Framework 1.1
- Microsoft .NET Framework 2.0
- Microsoft Visual Studio .NET 2002
- Microsoft Visual Studio .NET 2003
- Microsoft Visual Studio 2005
- Microsoft Visual Studio 2008
- Microsoft Report Viewer 2005
- Microsoft Report Viewer 2008
- Microsoft Visual FoxPro 8.0
- Microsoft Platform SDK Redistributable: GDI+
- Microsoft Forefront Client Security 1.0

An attacker could exploit the vulnerabilities may be available to
remote execution of arbitrary code.

Please read the following URL for more details.
http://www.hkcert.org/english/salert/index.html

Users are cautioned to patch all their systems up-to-date from time to time.

For enquiries and incident reporting, please contact

Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

If you have any questions or suggestions, please contact us at:
Tel: (852) 8105 6060
Fax: (852) 8105 9760
E-mail: hkcert@hkcert.org