Bulletin ID: MS09-074 |
Title: Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-12-08 |
Description: This security update resolves a privately reported vulnerability in Microsoft Office Project. The vulnerability could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-0102 |
Included Updates: 961079 961082 967183 |
Applies to: Office 2002/XP Office 2003 |
Bulletin ID: MS09-073 |
Title: Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539) |
Update Type: Security Update |
Severity: Important |
Date: 2009-12-08 |
Description: This security update resolves a privately reported vulnerability in Microsoft WordPad and Microsoft Office text converters. The vulnerability could allow remote code execution if a specially crafted Word 97 file is opened in WordPad or Microsoft Office. An attacker who successfully exploited this vulnerability could gain the same privileges as the user. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges. |
Vulnerabilities: CVE-2009-2506 |
Included Updates: 973904 974882 975008 975051 975539 977304 |
Applies to: Microsoft Works 8 Office 2002/XP Office 2003 Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-071 |
Title: Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-12-08 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if messages received by the Internet Authentication Service server are copied incorrectly into memory when handling PEAP authentication attempts. On Windows Server 2008, the Internet Authentication Service is replaced by Network Policy Server (NPS). An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. Servers using Internet Authentication Service or Network Policy Server are only affected when using PEAP with MS-CHAP v2 authentication. |
Vulnerabilities: CVE-2009-2505 CVE-2009-3677 |
Included Updates: 974318 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-070 |
Title: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726) |
Update Type: Security Update |
Severity: Important |
Date: 2009-12-08 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if an attacker sent a specially crafted HTTP request to an ADFS-enabled Web server. An attacker would need to be an authenticated user in order to exploit either of these vulnerabilities. |
Vulnerabilities: CVE-2009-2508 CVE-2009-2509 |
Included Updates: 971726 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 |
Bulletin ID: MS09-069 |
Title: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392) |
Update Type: Security Update |
Severity: Important |
Date: 2009-12-08 |
Description: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow a denial of service if a remote, authenticated attacker, while communicating through Internet Protocol security (IPsec), sends a specially crafted ISAKMP message to the Local Security Authority Subsystem Service (LSASS) on an affected system. |
Vulnerabilities: CVE-2009-3675 |
Included Updates: 974392 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS08-037 |
Title: Vulnerabilities in DNS Could Allow Spoofing (953230) |
Update Type: Security Update |
Severity: Important |
Date: 2009-12-08 |
Description: This security update resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems. |
Vulnerabilities: CVE-2008-1447 CVE-2008-1454 |
Included Updates: 951746 951748 953230 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows XP Windows XP x64 Edition |
Bulletin ID: MS08-076 |
Title: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) |
Update Type: Security Update |
Severity: Important |
Date: 2009-11-24 |
Description: This security update resolves two privately reported vulnerabilities in the following Windows Media components: Windows Media Player, Windows Media Format Runtime, and Windows Media Services. The most severe vulnerability could allow remote code execution. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2008-3009 CVE-2008-3010 |
Included Updates: 952068 952069 954600 959807 972187 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-068 |
Title: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) |
Update Type: Security Update |
Severity: Important |
Date: 2009-11-10 |
Description: This security update resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-3135 |
Included Updates: 973443 973444 973866 976307 |
Applies to: Office 2002/XP Office 2003 |
Bulletin ID: MS09-067 |
Title: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) |
Update Type: Security Update |
Severity: Important |
Date: 2009-11-10 |
Description: This security update resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-3127 CVE-2009-3128 CVE-2009-3129 CVE-2009-3130 CVE-2009-3131 CVE-2009-3132 CVE-2009-3133 CVE-2009-3134 |
Included Updates: 972652 973471 973475 973484 973593 973704 973707 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS09-066 |
Title: Vulnerability in Active Directory Could Allow Denial of Service (973309) |
Update Type: Security Update |
Severity: Important |
Date: 2009-11-10 |
Description: This security update resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. |
Vulnerabilities: CVE-2009-1928 |
Included Updates: 973037 973039 973309 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-065 |
Title: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-11-10 |
Description: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. |
Vulnerabilities: CVE-2009-1127 CVE-2009-2513 CVE-2009-2514 |
Included Updates: 969947 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-064 |
Title: Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-11-10 |
Description: This security update resolves a privately reported vulnerability in Microsoft Windows 2000. The vulnerability could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. |
Vulnerabilities: CVE-2009-2523 |
Included Updates: 974783 |
Applies to: Windows 2000 |
Bulletin ID: MS09-063 |
Title: Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-11-10 |
Description: This security update resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability. |
Vulnerabilities: CVE-2009-2512 |
Included Updates: 973565 |
Applies to: Windows Server 2008 Windows Vista |
Bulletin ID: MS09-051 |
Title: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-11-10 |
Description: This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-0555 CVE-2009-2525 |
Included Updates: 954155 969878 975025 975682 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-045 |
Title: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-11-10 |
Description: This security update resolves a privately reported vulnerability in the JScript scripting engine that could allow remote code execution if a user opened a specially crafted file or visited a specially crafted Web site and invoked a malformed script. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-1920 |
Included Updates: 971961 975542 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS08-070 |
Title: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-11-10 |
Description: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in the ActiveX controls for the Microsoft Visual Basic 6.0 Runtime Extended Files. These vulnerabilities could allow remote code execution if a user browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2008-3704 CVE-2008-4252 CVE-2008-4253 CVE-2008-4254 CVE-2008-4255 CVE-2008-4256 |
Included Updates: 932349 949045 949046 957797 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS08-069 |
Title: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-11-10 |
Description: This security update resolves several vulnerabilities in Microsoft XML Core Services. The most severe vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2007-0099 CVE-2008-4029 CVE-2008-4033 |
Included Updates: 951535 951550 951597 954430 954459 955069 955218 |
Applies to: Office 2003 Office 2007 Windows 2000 Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-043 |
Title: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-10-27 |
Description: This security update resolves several privately reported vulnerabilities in Microsoft Office Web Components that could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-0562 CVE-2009-1136 CVE-2009-1534 CVE-2009-2496 |
Included Updates: 947318 947319 947320 947826 957638 968377 971388 |
Applies to: Acceleration Server 2004 Acceleration Server 2006 BizTalk Server 2002 Internet Security Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS09-062 |
Title: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-10-13 |
Description: This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-2500 CVE-2009-2501 CVE-2009-2502 CVE-2009-2503 CVE-2009-2504 CVE-2009-2518 CVE-2009-2528 CVE-2009-3126 |
Included Updates: 957488 958869 970892 970894 970895 970896 970899 971023 971108 971110 971111 971117 971118 971119 972221 972222 972580 972581 973636 974811 975365 975962 |
Applies to: Forefront Client Security Microsoft Works 8 Office 2002/XP Office 2003 Office 2007 Report Viewer 2005 Report Viewer 2008 SQL Server 2000 SQL Server 2005 Visual Studio 2005 Visual Studio 2008 Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-059 |
Title: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467) |
Update Type: Security Update |
Severity: Important |
Date: 2009-10-13 |
Description: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sent a maliciously crafted packet during the NTLM authentication process. |
Vulnerabilities: CVE-2009-2524 |
Included Updates: 975467 |
Applies to: Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-058 |
Title: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486) |
Update Type: Security Update |
Severity: Important |
Date: 2009-10-13 |
Description: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logged on to the system and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. |
Vulnerabilities: CVE-2009-2515 CVE-2009-2516 CVE-2009-2517 |
Included Updates: 971486 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-057 |
Title: Vulnerability in Indexing Service Could Allow Remote Code Execution (969059) |
Update Type: Security Update |
Severity: Important |
Date: 2009-10-13 |
Description: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker set up a malicious Web page that invokes the Indexing Service through a call to its ActiveX component. This call could include a malicious URL and exploit the vulnerability, granting the attacker access to the client system with the privileges of the user browsing the Web page. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-2507 |
Included Updates: 969059 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-056 |
Title: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571) |
Update Type: Security Update |
Severity: Important |
Date: 2009-10-13 |
Description: This security update resolves two publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. |
Vulnerabilities: CVE-2009-2510 CVE-2009-2511 |
Included Updates: 974571 |
Applies to: Windows 2000 Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-053 |
Title: Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254) |
Update Type: Security Update |
Severity: Important |
Date: 2009-10-13 |
Description: This security update resolves two publicly disclosed vulnerabilities in the FTP Service in Microsoft Internet Information Services (IIS) 5.0, Microsoft Internet Information Services (IIS) 5.1, Microsoft Internet Information Services (IIS) 6.0, and Microsoft Internet Information Services (IIS) 7.0. On IIS 7.0, only FTP Service 6.0 is affected. The vulnerabilities could allow remote code execution (RCE) on systems running FTP Service on IIS 5.0, or denial of service (DoS) on systems running FTP Service on IIS 5.0, IIS 5.1, IIS 6.0 or IIS 7.0. |
Vulnerabilities: CVE-2009-2521 CVE-2009-3023 |
Included Updates: 975254 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-052 |
Title: Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-10-13 |
Description: This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if a specially crafted ASF file is played using Microsoft Windows Media Player 6.4. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-2527 |
Included Updates: 974112 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-050 |
Title: Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-10-13 |
Description: This security update resolves one publicly disclosed and two privately reported vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. |
Vulnerabilities: CVE-2009-2526 CVE-2009-2532 CVE-2009-3103 |
Included Updates: 975517 |
Applies to: Windows Server 2008 Windows Vista |
Bulletin ID: MS08-055 |
Title: Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-10-13 |
Description: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2008-3007 |
Included Updates: 950130 951944 953404 955047 |
Applies to: Office 2003 Office 2007 |
Bulletin ID: MS09-047 |
Title: Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-09-22 |
Description: This security update resolves two privately reported vulnerabilities in Windows Media Format. Either vulnerability could allow remote code execution if a user opened a specially crafted media file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-2498 CVE-2009-2499 |
Included Updates: 968816 972554 973812 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-049 |
Title: Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-09-08 |
Description: This security update resolves a privately reported vulnerability in Wireless LAN AutoConfig Service. The vulnerability could allow remote code execution if a client or server with a wireless network interface enabled receives specially crafted wireless frames. Systems without a wireless card enabled are not at risk from this vulnerability. |
Vulnerabilities: CVE-2009-1132 |
Included Updates: 970710 |
Applies to: Windows Server 2008 Windows Vista |
Bulletin ID: MS09-048 |
Title: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-09-08 |
Description: This security update resolves several privately reported vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. The vulnerabilities could allow remote code execution if an attacker sent specially crafted TCP/IP packets over the network to a computer with a listening service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. |
Vulnerabilities: CVE-2008-4609 CVE-2009-1925 CVE-2009-1926 |
Included Updates: 967723 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista |
Bulletin ID: MS09-046 |
Title: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-09-08 |
Description: This security update resolves a privately reported vulnerability in the DHTML Editing Component ActiveX control. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-2519 |
Included Updates: 956844 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-044 |
Title: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-09-08 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-1133 CVE-2009-1929 |
Included Updates: 956744 958469 958470 958471 970927 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-037 |
Title: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-09-08 |
Description: This security update resolves several privately reported vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2008-0015 CVE-2008-0020 CVE-2009-0901 CVE-2009-2493 CVE-2009-2494 |
Included Updates: 973354 973507 973540 973768 973815 973869 973908 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-036 |
Title: Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957) |
Update Type: Security Update |
Severity: Important |
Date: 2009-08-25 |
Description: This security update addresses a privately reported Denial of Service vulnerability in the Microsoft .NET Framework component of Microsoft Windows. This vulnerability can be exploited only when Internet Information Services (IIS) 7.0 is installed and ASP.NET is configured to use integrated mode on affected versions of Microsoft Windows. An attacker could create specially crafted anonymous HTTP requests that could cause the affected Web server to become non-responsive until the associated application pool is restarted. Customers who are running IIS 7.0 application pools in classic mode are not affected by this vulnerability. |
Vulnerabilities: CVE-2009-1536 |
Included Updates: 970957 972591 972592 972593 972594 |
Applies to: Windows Server 2008 Windows Vista |
Bulletin ID: MS09-029 |
Title: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-08-25 |
Description: This security update resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-0231 CVE-2009-0232 |
Included Updates: 961371 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-042 |
Title: Vulnerability in Telnet Could Allow Remote Code Execution (960859) |
Update Type: Security Update |
Severity: Important |
Date: 2009-08-11 |
Description: This security update resolves a publicly disclosed vulnerability in the Microsoft Telnet service. The vulnerability could allow an attacker to obtain credentials and then use them to log back into affected systems. The attacker would then acquire user rights on a system identical to the user rights of the logged-on user. This scenario could ultimately result in remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-1930 |
Included Updates: 960859 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-041 |
Title: Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657) |
Update Type: Security Update |
Severity: Important |
Date: 2009-08-11 |
Description: This security update resolves a privately reported vulnerability in the Windows Workstation Service. The vulnerability could allow elevation of privilege if an attacker created a specially crafted RPC message and sent the message to an affected system. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials to a vulnerable system in order to exploit this vulnerability. The vulnerability could not be exploited by anonymous users. | ||||
Vulnerabilities: CVE-2009-1544 |
Included Updates: 971657 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-040 |
Title: Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032) |
Update Type: Security Update |
Severity: Important |
Date: 2009-08-11 |
Description: This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue. | ||||
Vulnerabilities: CVE-2009-1922 |
Included Updates: 971032 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-039 |
Title: Vulnerabilities in WINS Could Allow Remote Code Execution (969883) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-08-11 |
Description: This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service (WINS). Either vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. By default, WINS is not installed on any affected operating system version. Only customers who manually install this component are affected by this issue. | ||||
Vulnerabilities: CVE-2009-1923 CVE-2009-1924 |
Included Updates: 969883 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition |
Bulletin ID: MS09-038 |
Title: Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-08-11 |
Description: This security update resolves two privately reported vulnerabilities in Windows Media file processing. Either vulnerability could allow remote code execution if a user opened a specially crafted AVI file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-1545 CVE-2009-1546 |
Included Updates: 971557 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-035 |
Title: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706) |
Update Type: Security Update |
Severity: Moderate |
Date: 2009-08-03 |
Description: This security update addresses several privately reported vulnerabilities in the public versions of the Microsoft Active Template Library (ATL) included with Visual Studio. This security update is specifically intended for developers of components and controls. Developers who build and redistribute components and controls using ATL should install the update provided in this bulletin and follow the guidance provided to create, and distribute to their customers, components and controls that are not vulnerable to the vulnerabilities described in this security bulletin. | ||||
Vulnerabilities: CVE-2009-0901 CVE-2009-2493 CVE-2009-2495 |
Included Updates: 969706 971090 971091 971092 973673 973674 973675 973830 973923 973924 |
Applies to: Visual Studio 2005 Visual Studio 2008 |
Bulletin ID: MS09-031 |
Title: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege (970953) |
Update Type: Security Update |
Severity: Important |
Date: 2009-07-14 |
Description: This security update resolves a privately reported vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2006. The vulnerability could allow elevation of privilege if an attacker successfully impersonates an administrative user account for an ISA server that is configured for Radius One Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation. | ||||
Vulnerabilities: CVE-2009-1135 |
Included Updates: 970811 970953 971143 |
Applies to: Internet Security and Acceleration Server 2006 |
Bulletin ID: MS09-030 |
Title: Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516) |
Update Type: Security Update |
Severity: Important |
Date: 2009-07-14 |
Description: This security update resolves a privately reported vulnerability in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-0566 |
Included Updates: 969516 969693 |
Applies to: Office 2007 |
Bulletin ID: MS09-028 |
Title: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-07-14 |
Description: This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-1537 CVE-2009-1538 CVE-2009-1539 |
Included Updates: 971633 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-027 |
Title: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-07-14 |
Description: This security update resolves two privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited either vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. | ||||
Vulnerabilities: CVE-2009-0563 CVE-2009-0565 |
Included Updates: 969514 969602 969603 969604 969613 969614 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS09-026 |
Title: Vulnerability in RPC Could Allow Elevation of Privilege (970238) |
Update Type: Security Update |
Severity: Important |
Date: 2009-06-09 |
Description: This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call (RPC) facility where the RPC Marshalling Engine does not update its internal state appropriately. The vulnerability could allow an attacker to execute arbitrary code and take complete control of an affected system. Supported editions of Microsoft Windows are not delivered with any RPC servers or clients that are subject to exploitation of this vulnerability. In a default configuration, users could not be attacked by exploitation of this vulnerability. However, the vulnerability is present in the Microsoft Windows RPC runtime and could affect third-party RPC applications. | ||||
Vulnerabilities: CVE-2009-0568 |
Included Updates: 970238 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-025 |
Title: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537) |
Update Type: Security Update |
Severity: Important |
Date: 2009-06-09 |
Description: This security update resolves two publicly disclosed and two privately reported vulnerabilities in the Windows kernel that could allow elevation of privilege. An attacker who successfully exploited any of these vulnerabilities could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. | ||||
Vulnerabilities: CVE-2009-1123 CVE-2009-1124 CVE-2009-1125 CVE-2009-1126 |
Included Updates: 968537 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-024 |
Title: Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-06-09 |
Description: This security update resolves a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-1533 |
Included Updates: 957632 957646 967043 967044 968326 969559 |
Applies to: Microsoft Works 8 Microsoft Works 9 Office 2002/XP Office 2007 Works 6-9 Converter |
Bulletin ID: MS09-023 |
Title: Vulnerability in Windows Search Could Allow Information Disclosure (963093) |
Update Type: Security Update |
Severity: Moderate |
Date: 2009-06-09 |
Description: This security update resolves a privately reported vulnerability in Windows Search. The vulnerability could allow information disclosure if a user performs a search that returns a specially crafted file as the first result or if the user previews a specially crafted file from the search results. By default, the Windows Search component is not preinstalled on Microsoft Windows XP and Windows Server 2003. It is an optional component available for download. Windows Search installed on supported editions of Windows Vista and Windows Server 2008 is not affected by this vulnerability. | ||||
Vulnerabilities: CVE-2009-0239 |
Included Updates: 963093 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-022 |
Title: Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-06-09 |
Description: This security update resolves three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. | ||||
Vulnerabilities: CVE-2009-0228 CVE-2009-0229 CVE-2009-0230 |
Included Updates: 961501 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-021 |
Title: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-06-09 |
Description: This security update resolves several privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. | ||||
Vulnerabilities: CVE-2009-0549 CVE-2009-0557 CVE-2009-0558 CVE-2009-0559 CVE-2009-0560 CVE-2009-0561 CVE-2009-1134 |
Included Updates: 969462 969679 969680 969681 969682 969685 969686 969737 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS09-020 |
Title: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483) |
Update Type: Security Update |
Severity: Important |
Date: 2009-06-09 |
Description: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs. | ||||
Vulnerabilities: CVE-2009-1122 CVE-2009-1535 |
Included Updates: 970483 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-018 |
Title: Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-06-09 |
Description: This security update resolves two privately reported vulnerabilities in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003, and Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003. The more severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. | ||||
Vulnerabilities: CVE-2009-1138 CVE-2009-1139 |
Included Updates: 969805 970437 971055 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-003 |
Title: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-05-26 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding. | ||||
Vulnerabilities: CVE-2009-0098 CVE-2009-0099 |
Included Updates: 959239 959241 959897 |
Applies to: Exchange 2000 Server Exchange Server 2003 Exchange Server 2007 |
Bulletin ID: MS07-026 |
Title: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-05-26 |
Description: This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. | ||||
Vulnerabilities: CVE-2007-0039 CVE-2007-0213 CVE-2007-0220 CVE-2007-0221 |
Included Updates: 931832 935490 |
Applies to: Exchange 2000 Server Exchange Server 2003 Exchange Server 2007 |
Bulletin ID: MS09-017 |
Title: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-05-12 |
Description: This security update resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-0220 CVE-2009-0221 CVE-2009-0222 CVE-2009-0223 CVE-2009-0224 CVE-2009-0225 CVE-2009-0226 CVE-2009-0227 CVE-2009-0556 CVE-2009-1128 CVE-2009-1129 CVE-2009-1130 CVE-2009-1131 CVE-2009-1137 |
Included Updates: 957781 957784 957789 967340 969615 969618 970059 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS09-008 |
Title: Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238) |
Update Type: Security Update |
Severity: Important |
Date: 2009-05-12 |
Description: This security update resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows DNS server and Windows WINS server. These vulnerabilities could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems. | ||||
Vulnerabilities: CVE-2009-0093 CVE-2009-0094 CVE-2009-0233 CVE-2009-0234 |
Included Updates: 961063 961064 962238 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 |
Bulletin ID: MS07-040 |
Title: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-05-07 |
Description: This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems with .NET Framework installed, and one could allow information disclosure on Web servers running ASP.NET. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2006-7192 CVE-2007-0041 CVE-2007-0042 CVE-2007-0043 |
Included Updates: 928365 928366 928367 929729 929916 930494 931212 933854 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-012 |
Title: Vulnerabilities in Windows Could Allow Elevation of Privilege (959454) |
Update Type: Security Update |
Severity: Important |
Date: 2009-04-29 |
Description: This security update resolves four publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker is allowed to log on to the system and then run a specially crafted application. The attacker must be able to run code on the local machine in order to exploit this vulnerability. An attacker who successfully exploited any of these vulnerabilities could take complete control over the affected system. | ||||
Vulnerabilities: CVE-2008-1436 CVE-2009-0078 CVE-2009-0079 CVE-2009-0080 |
Included Updates: 952004 956572 959454 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-016 |
Title: Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759) |
Update Type: Security Update |
Severity: Important |
Date: 2009-04-14 |
Description: This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Internet Security and Acceleration (ISA) Server and Microsoft Forefront Threat Management Gateway (TMG), Medium Business Edition (MBE). These vulnerabilities could allow denial of service if an attacker sends specially crafted network packets to the affected system, or information disclosure or spoofing if a user clicks on a malicious URL or visits a Web site that contains content controlled by the attacker. | ||||
Vulnerabilities: CVE-2009-0077 CVE-2009-0237 |
Included Updates: 960995 961759 968075 968078 |
Applies to: Forefront TMG MBE Internet Security and Acceleration Server 2004 Internet Security and Acceleration Server 2006 |
Bulletin ID: MS09-015 |
Title: Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426) |
Update Type: Security Update |
Severity: Moderate |
Date: 2009-04-14 |
Description: This security update resolves a publicly disclosed vulnerability in the Windows SearchPath function that could allow elevation of privilege if a user downloaded a specially crafted file to a specific location, then opened an application that could load the file under certain circumstances. | ||||
Vulnerabilities: CVE-2008-2540 |
Included Updates: 959426 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-013 |
Title: Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-04-14 |
Description: This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft Windows HTTP Services (WinHTTP). The most severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-0086 CVE-2009-0089 CVE-2009-0550 |
Included Updates: 960803 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-011 |
Title: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-04-14 |
Description: This security update resolves a privately reported vulnerability in Microsoft DirectX. The vulnerability could allow remote code execution if a user opened a specially crafted MJPEG file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-0084 |
Included Updates: 961373 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-010 |
Title: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-04-14 |
Description: This security update resolves two publicly disclosed vulnerabilities and two privately reported vulnerabilities in Microsoft WordPad and Microsoft Office text converters. The vulnerabilities could allow remote code execution if a specially crafted file is opened in WordPad or Microsoft Office Word. Do not open Microsoft Office, RTF, Write, or WordPerfect files from untrusted sources using affected versions of WordPad or Microsoft Office Word. | ||||
Vulnerabilities: CVE-2008-4841 CVE-2009-0087 CVE-2009-0088 CVE-2009-0235 |
Included Updates: 923561 933399 960476 960477 |
Applies to: Office 2002/XP Office 2003 Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-009 |
Title: Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-04-14 |
Description: This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Office Excel. The vulnerabilities could allow remote code execution if the user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2009-0100 CVE-2009-0238 |
Included Updates: 959988 959993 959995 959997 960000 960003 968557 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS07-055 |
Title: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-03-24 |
Description: This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly known as Wang Image Viewer, handles specially crafted image files. The vulnerability could allow an attacker to remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2007-2217 |
Included Updates: 923810 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP |
Bulletin ID: MS09-007 |
Title: Vulnerability in SChannel Could Allow Spoofing (960225) |
Update Type: Security Update |
Severity: Important |
Date: 2009-03-10 |
Description: This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. Customers are only affected when the public key component of the certificate used for authentication has been obtained by the attacker through other means. | ||||
Vulnerabilities: CVE-2009-0085 |
Included Updates: 960225 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS09-006 |
Title: Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-03-10 |
Description: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system. | ||||
Vulnerabilities: CVE-2009-0081 CVE-2009-0082 CVE-2009-0083 |
Included Updates: 958690 |
Applies to: Windows 2000 Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS08-072 |
Title: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-03-10 |
Description: This security update resolves eight privately reported vulnerabilities in Microsoft Office Word and Microsoft Office Outlook that could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2008-4024 CVE-2008-4025 CVE-2008-4026 CVE-2008-4027 CVE-2008-4028 CVE-2008-4030 CVE-2008-4031 CVE-2008-4837 |
Included Updates: 956329 956357 956358 956366 956828 957173 959487 |
Applies to: Microsoft Works 8 Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS09-005 |
Title: Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634) |
Update Type: Security Update |
Severity: Important |
Date: 2009-02-10 |
Description: This security update resolves three privately reported vulnerabilities in Microsoft Office Visio that could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2009-0095 CVE-2009-0096 CVE-2009-0097 |
Included Updates: 955654 955655 957634 957831 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS09-004 |
Title: Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420) |
Update Type: Security Update |
Severity: Important |
Date: 2009-02-10 |
Description: This security update resolves a privately reported vulnerability in Microsoft SQL Server. The vulnerability could allow remote code execution if untrusted users access an affected system or if a SQL injection attack occurs against an affected system. Systems with SQL Server 7.0 Service Pack 4, SQL Server 2005 Service Pack 3, and SQL Server 2008 are not affected by this issue. |
Vulnerabilities: CVE-2008-5416 |
Included Updates: 959420 960082 960083 960089 960090 |
Applies to: SQL Server 2000 SQL Server 2005 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 |
Bulletin ID: MS09-001 |
Title: Vulnerabilities in SMB Could Allow Remote Code Execution (958687) |
Update Type: Security Update |
Severity: Critical |
Date: 2009-01-13 |
Description: This security update resolves two privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. |
Vulnerabilities: CVE-2008-4114 CVE-2008-4834 CVE-2008-4835 |
Included Updates: 958687 |
Applies to: Windows 2000 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS08-066 |
Title: Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803) |
Update Type: Security Update |
Severity: Important |
Date: 2009-01-13 |
Description: This security update resolves a privately reported vulnerability in the Microsoft Ancillary Function Driver. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Vulnerabilities: CVE-2008-3464 |
Included Updates: 956803 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |