length: 00:06:46

only 2 bulletins: remote exec

last week out of cycle: MS08-067

MS08-069: ms xml, critical, remote execution, malicious webpage/open email

MS08-068: SMB credential vulnerability, potentially could lead to remote exec, user has to connect to attacker SM, replay the credential to user syste to execute code back in user machine.