Microsoft Security Advisory (977544): Vulnerabilities in SMB Could Allow Denial of Service Revision Note: V1.0 (November 13, 2009): Advisory published.Summary: Microsoft is investigating new public reports of a possible denial of service vulnerability in the Server Message Block (SMB) protocol. This vulnerability cannot be used to take control of or install malicious software on a user’s system. However, Microsoft is aware that detailed exploit code has been published for the vulnerability. Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.
Thu, 12 Nov 2009 08:00:00 GMT
MS09-065 - Critical: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) - Version:1.1 Severity Rating: Critical - Revision Note: V1.1 (November 12, 2009): Added a link to Microsoft Knowledge Base Article 969947 under Known Issues in the Executive Summary.Summary: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site.
Tue, 10 Nov 2009 08:00:00 GMT
Microsoft Security Bulletin Summary for September 2009 Revision Note: V3.0 (November 10, 2009): Added JScript 5.7 on Microsoft Windows 2000 Service Pack 4 to the Affected Software table for MS09-045.Summary: This bulletin summary lists security bulletins released for September 2009.
Tue, 10 Nov 2009 08:00:00 GMT
Microsoft Security Bulletin Summary for October 2009 Revision Note: V4.0 (November 10, 2009): Bulletin revised to communicate the rerelease of the update for Audio Compression Manager on Microsoft Windows 2000 Service Pack 4 in MS09-051 to fix a detection issue. This is a detection change only; there were no changes to the binaries. Customers who have successfully updated their systems do not need to reinstall this update.Summary: This bulletin summary lists security bulletins released for October 2009.
MS09-068 - Important: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) - Version:1.0 Severity Rating: Important - Revision Note: V1.0 (November 10, 2009): Bulletin published.Summary: This security update resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 10 Nov 2009 08:00:00 GMT
MS09-067 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) - Version:1.0 Severity Rating: Important - Revision Note: V1.0 (November 10, 2009): Bulletin published.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 10 Nov 2009 08:00:00 GMT
MS09-066 - Important: Vulnerability in Active Directory Could Allow Denial of Service (973309) - Version:1.0 Severity Rating: Important - Revision Note: V1.0 (November 10, 2009): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS.
Tue, 10 Nov 2009 08:00:00 GMT
MS09-064 - Critical: Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) - Version:1.0 Severity Rating: Critical - Revision Note: V1.0 (November 10, 2009): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows 2000. The vulnerability could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter.
Tue, 10 Nov 2009 08:00:00 GMT
MS09-063 - Critical: Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565) - Version:1.0 Severity Rating: Critical - Revision Note: V1.0 (November 10, 2009): Bulletin published.Summary: This security update resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability. This security update is rated Critical for all supported editions of Windows Vista and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.
Tue, 10 Nov 2009 08:00:00 GMT
MS09-051 - Critical: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) - Version:2.0 Severity Rating: Critical - Revision Note: V2.0 (November 10, 2009): Bulletin revised to communicate the rerelease of the update for Audio Compression Manager on Microsoft Windows 2000 Service Pack 4 to fix a detection issue. This is a detection change only; there were no changes to the binaries. Customers who have successfully updated their systems do not need to reinstall this update. Also corrected the registry key verification for DirectShow WMA Voice Codec on Windows Server 2003.Summary: This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 10 Nov 2009 08:00:00 GMT
MS09-045 - Critical: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961) - Version:2.0 Severity Rating: Critical - Revision Note: V2.0 (November 10, 2009): Added JScript 5.7 on Microsoft Windows 2000 Service Pack 4 (KB975542) to the Affected Software table and the Security Update Deployment section.Summary: This security update resolves a privately reported vulnerability in the JScript scripting engine that could allow remote code execution if a user opened a specially crafted file or visited a specially crafted Web site and invoked a malformed script. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Wed, 04 Nov 2009 08:00:00 GMT
Microsoft Security Bulletin Summary for October 2009 Revision Note: V3.1 (November 4, 2009): Removed erroneous references to Microsoft Office Visio Viewer 2007 as affected software in MS09-060 and MS09-062.Summary: This bulletin summary lists security bulletins released for October 2009.
Wed, 04 Nov 2009 08:00:00 GMT
MS09-062 - Critical: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) - Version:2.1 Severity Rating: Critical - Revision Note: V2.1 (November 4, 2009): Removed erroneous references to Microsoft Office Visio Viewer 2007 as affected software; corrected the setup switches for Microsoft .NET Framework 1.1 and Microsoft .NET Framework 2.0; clarified the entry, " If I have an installation of SQL Server, how am I affected?" in the FAQ section; and corrected the removal information for Microsoft Windows 2000.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Wed, 04 Nov 2009 08:00:00 GMT
MS09-061 - Critical: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378) - Version:1.2 Severity Rating: Critical - Revision Note: V1.2 (November 4, 2009): Added an entry to the Frequently Asked Questions (FAQ) Related to This Security Update section to explain this revision. Customers who have successfully installed this update do not need to reinstall.Summary: This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in persuading a user to run a specially crafted Microsoft .NET application. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and executing it, as could be the case in a Web hosting scenario. Microsoft .NET applications, Silverlight applications, XBAPs and ASP.NET pages that are not malicious are not at risk of being compromised because of this vulnerability.
Will open a new window (pop-up)