LanGuard reports

Supported Microsoft Security Bulletins

More information on 2009 updates

Bulletin ID:
MS09-074
Title:
Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)
Update Type:
Security Update
Severity:
Critical
Date:
2009-12-08
Description:
This security update resolves a privately reported vulnerability in Microsoft Office Project. The vulnerability could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0102
Included Updates:
961079
961082
967183
Applies to:
Office 2002/XP
Office 2003

Bulletin ID:
MS09-073
Title:
Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)
Update Type:
Security Update
Severity:
Important
Date:
2009-12-08
Description:
This security update resolves a privately reported vulnerability in Microsoft WordPad and Microsoft Office text converters. The vulnerability could allow remote code execution if a specially crafted Word 97 file is opened in WordPad or Microsoft Office. An attacker who successfully exploited this vulnerability could gain the same privileges as the user. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges.
Vulnerabilities:
CVE-2009-2506
Included Updates:
973904
974882
975008
975051
975539
977304
Applies to:
Microsoft Works 8
Office 2002/XP
Office 2003
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-071
Title:
Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)
Update Type:
Security Update
Severity:
Critical
Date:
2009-12-08
Description:
This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if messages received by the Internet Authentication Service server are copied incorrectly into memory when handling PEAP authentication attempts. On Windows Server 2008, the Internet Authentication Service is replaced by Network Policy Server (NPS). An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. Servers using Internet Authentication Service or Network Policy Server are only affected when using PEAP with MS-CHAP v2 authentication.
Vulnerabilities:
CVE-2009-2505
CVE-2009-3677
Included Updates:
974318
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-070
Title:
Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)
Update Type:
Security Update
Severity:
Important
Date:
2009-12-08
Description:
This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if an attacker sent a specially crafted HTTP request to an ADFS-enabled Web server. An attacker would need to be an authenticated user in order to exploit either of these vulnerabilities.
Vulnerabilities:
CVE-2009-2508
CVE-2009-2509
Included Updates:
971726
Applies to:
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008

Bulletin ID:
MS09-069
Title:
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
Update Type:
Security Update
Severity:
Important
Date:
2009-12-08
Description:
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow a denial of service if a remote, authenticated attacker, while communicating through Internet Protocol security (IPsec), sends a specially crafted ISAKMP message to the Local Security Authority Subsystem Service (LSASS) on an affected system.
Vulnerabilities:
CVE-2009-3675
Included Updates:
974392
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS08-037
Title:
Vulnerabilities in DNS Could Allow Spoofing (953230)
Update Type:
Security Update
Severity:
Important
Date:
2009-12-08
Description:
This security update resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems.
Vulnerabilities:
CVE-2008-1447
CVE-2008-1454
Included Updates:
951746
951748
953230
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS08-076
Title:
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
Update Type:
Security Update
Severity:
Important
Date:
2009-11-24
Description:
This security update resolves two privately reported vulnerabilities in the following Windows Media components: Windows Media Player, Windows Media Format Runtime, and Windows Media Services. The most severe vulnerability could allow remote code execution. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2008-3009
CVE-2008-3010
Included Updates:
952068
952069
954600
959807
972187
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-068
Title:
Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)
Update Type:
Security Update
Severity:
Important
Date:
2009-11-10
Description:
This security update resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-3135
Included Updates:
973443
973444
973866
976307
Applies to:
Office 2002/XP
Office 2003

Bulletin ID:
MS09-067
Title:
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)
Update Type:
Security Update
Severity:
Important
Date:
2009-11-10
Description:
This security update resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-3127
CVE-2009-3128
CVE-2009-3129
CVE-2009-3130
CVE-2009-3131
CVE-2009-3132
CVE-2009-3133
CVE-2009-3134
Included Updates:
972652
973471
973475
973484
973593
973704
973707
Applies to:
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS09-066
Title:
Vulnerability in Active Directory Could Allow Denial of Service (973309)
Update Type:
Security Update
Severity:
Important
Date:
2009-11-10
Description:
This security update resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS.
Vulnerabilities:
CVE-2009-1928
Included Updates:
973037
973039
973309
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-065
Title:
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)
Update Type:
Security Update
Severity:
Critical
Date:
2009-11-10
Description:
This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site.
Vulnerabilities:
CVE-2009-1127
CVE-2009-2513
CVE-2009-2514
Included Updates:
969947
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-064
Title:
Vulnerability in License Logging Server Could Allow Remote Code Execution (974783)
Update Type:
Security Update
Severity:
Critical
Date:
2009-11-10
Description:
This security update resolves a privately reported vulnerability in Microsoft Windows 2000. The vulnerability could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter.
Vulnerabilities:
CVE-2009-2523
Included Updates:
974783
Applies to:
Windows 2000

Bulletin ID:
MS09-063
Title:
Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)
Update Type:
Security Update
Severity:
Critical
Date:
2009-11-10
Description:
This security update resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability.
Vulnerabilities:
CVE-2009-2512
Included Updates:
973565
Applies to:
Windows Server 2008
Windows Vista

Bulletin ID:
MS09-051
Title:
Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
Update Type:
Security Update
Severity:
Critical
Date:
2009-11-10
Description:
This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0555
CVE-2009-2525
Included Updates:
954155
969878
975025
975682
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-045
Title:
Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)
Update Type:
Security Update
Severity:
Critical
Date:
2009-11-10
Description:
This security update resolves a privately reported vulnerability in the JScript scripting engine that could allow remote code execution if a user opened a specially crafted file or visited a specially crafted Web site and invoked a malformed script. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-1920
Included Updates:
971961
975542
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS08-070
Title:
Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)
Update Type:
Security Update
Severity:
Critical
Date:
2009-11-10
Description:
This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in the ActiveX controls for the Microsoft Visual Basic 6.0 Runtime Extended Files. These vulnerabilities could allow remote code execution if a user browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2008-3704
CVE-2008-4252
CVE-2008-4253
CVE-2008-4254
CVE-2008-4255
CVE-2008-4256
Included Updates:
932349
949045
949046
957797
Applies to:
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS08-069
Title:
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
Update Type:
Security Update
Severity:
Critical
Date:
2009-11-10
Description:
This security update resolves several vulnerabilities in Microsoft XML Core Services. The most severe vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2007-0099
CVE-2008-4029
CVE-2008-4033
Included Updates:
951535
951550
951597
954430
954459
955069
955218
Applies to:
Office 2003
Office 2007
Windows 2000
Windows 7
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Server 2008 R2
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-043
Title:
Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)
Update Type:
Security Update
Severity:
Critical
Date:
2009-10-27
Description:
This security update resolves several privately reported vulnerabilities in Microsoft Office Web Components that could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0562
CVE-2009-1136
CVE-2009-1534
CVE-2009-2496
Included Updates:
947318
947319
947320
947826
957638
968377
971388
Applies to:
BizTalk Server 2002
Internet Security and Acceleration Server 2004
Internet Security and Acceleration Server 2006
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS09-062
Title:
Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)
Update Type:
Security Update
Severity:
Critical
Date:
2009-10-13
Description:
This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-2500
CVE-2009-2501
CVE-2009-2502
CVE-2009-2503
CVE-2009-2504
CVE-2009-2518
CVE-2009-2528
CVE-2009-3126
Included Updates:
957488
958869
970892
970894
970895
970896
970899
971023
971108
971110
971111
971117
971118
971119
972221
972222
972580
972581
973636
974811
975365
975962
Applies to:
Forefront Client Security
Microsoft Works 8
Office 2002/XP
Office 2003
Office 2007
Report Viewer 2005
Report Viewer 2008
SQL Server 2000
SQL Server 2005
Visual Studio 2005
Visual Studio 2008
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-059
Title:
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)
Update Type:
Security Update
Severity:
Important
Date:
2009-10-13
Description:
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sent a maliciously crafted packet during the NTLM authentication process.
Vulnerabilities:
CVE-2009-2524
Included Updates:
975467
Applies to:
Windows 7
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Server 2008 R2
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-058
Title:
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
Update Type:
Security Update
Severity:
Important
Date:
2009-10-13
Description:
This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logged on to the system and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users.
Vulnerabilities:
CVE-2009-2515
CVE-2009-2516
CVE-2009-2517
Included Updates:
971486
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-057
Title:
Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)
Update Type:
Security Update
Severity:
Important
Date:
2009-10-13
Description:
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker set up a malicious Web page that invokes the Indexing Service through a call to its ActiveX component. This call could include a malicious URL and exploit the vulnerability, granting the attacker access to the client system with the privileges of the user browsing the Web page. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-2507
Included Updates:
969059
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-056
Title:
Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)
Update Type:
Security Update
Severity:
Important
Date:
2009-10-13
Description:
This security update resolves two publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow spoofing if an attacker gains access to the certificate used by the end user for authentication.
Vulnerabilities:
CVE-2009-2510
CVE-2009-2511
Included Updates:
974571
Applies to:
Windows 2000
Windows 7
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Server 2008 R2
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-053
Title:
Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
Update Type:
Security Update
Severity:
Important
Date:
2009-10-13
Description:
This security update resolves two publicly disclosed vulnerabilities in the FTP Service in Microsoft Internet Information Services (IIS) 5.0, Microsoft Internet Information Services (IIS) 5.1, Microsoft Internet Information Services (IIS) 6.0, and Microsoft Internet Information Services (IIS) 7.0. On IIS 7.0, only FTP Service 6.0 is affected. The vulnerabilities could allow remote code execution (RCE) on systems running FTP Service on IIS 5.0, or denial of service (DoS) on systems running FTP Service on IIS 5.0, IIS 5.1, IIS 6.0 or IIS 7.0.
Vulnerabilities:
CVE-2009-2521
CVE-2009-3023
Included Updates:
975254
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-052
Title:
Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)
Update Type:
Security Update
Severity:
Critical
Date:
2009-10-13
Description:
This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if a specially crafted ASF file is played using Microsoft Windows Media Player 6.4. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-2527
Included Updates:
974112
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-050
Title:
Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)
Update Type:
Security Update
Severity:
Critical
Date:
2009-10-13
Description:
This security update resolves one publicly disclosed and two privately reported vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Vulnerabilities:
CVE-2009-2526
CVE-2009-2532
CVE-2009-3103
Included Updates:
975517
Applies to:
Windows Server 2008
Windows Vista

Bulletin ID:
MS08-055
Title:
Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)
Update Type:
Security Update
Severity:
Critical
Date:
2009-10-13
Description:
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2008-3007
Included Updates:
950130
951944
953404
955047
Applies to:
Office 2003
Office 2007

Bulletin ID:
MS09-047
Title:
Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812)
Update Type:
Security Update
Severity:
Critical
Date:
2009-09-22
Description:
This security update resolves two privately reported vulnerabilities in Windows Media Format. Either vulnerability could allow remote code execution if a user opened a specially crafted media file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-2498
CVE-2009-2499
Included Updates:
968816
972554
973812
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-049
Title:
Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710)
Update Type:
Security Update
Severity:
Critical
Date:
2009-09-08
Description:
This security update resolves a privately reported vulnerability in Wireless LAN AutoConfig Service. The vulnerability could allow remote code execution if a client or server with a wireless network interface enabled receives specially crafted wireless frames. Systems without a wireless card enabled are not at risk from this vulnerability.
Vulnerabilities:
CVE-2009-1132
Included Updates:
970710
Applies to:
Windows Server 2008
Windows Vista

Bulletin ID:
MS09-048
Title:
Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723)
Update Type:
Security Update
Severity:
Critical
Date:
2009-09-08
Description:
This security update resolves several privately reported vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. The vulnerabilities could allow remote code execution if an attacker sent specially crafted TCP/IP packets over the network to a computer with a listening service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Vulnerabilities:
CVE-2008-4609
CVE-2009-1925
CVE-2009-1926
Included Updates:
967723
Applies to:
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista

Bulletin ID:
MS09-046
Title:
Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844)
Update Type:
Security Update
Severity:
Critical
Date:
2009-09-08
Description:
This security update resolves a privately reported vulnerability in the DHTML Editing Component ActiveX control. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-2519
Included Updates:
956844
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-044
Title:
Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)
Update Type:
Security Update
Severity:
Critical
Date:
2009-09-08
Description:
This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-1133
CVE-2009-1929
Included Updates:
956744
958469
958470
958471
970927
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-037
Title:
Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
Update Type:
Security Update
Severity:
Critical
Date:
2009-09-08
Description:
This security update resolves several privately reported vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2008-0015
CVE-2008-0020
CVE-2009-0901
CVE-2009-2493
CVE-2009-2494
Included Updates:
973354
973507
973540
973768
973815
973869
973908
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-036
Title:
Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)
Update Type:
Security Update
Severity:
Important
Date:
2009-08-25
Description:
This security update addresses a privately reported Denial of Service vulnerability in the Microsoft .NET Framework component of Microsoft Windows. This vulnerability can be exploited only when Internet Information Services (IIS) 7.0 is installed and ASP.NET is configured to use integrated mode on affected versions of Microsoft Windows. An attacker could create specially crafted anonymous HTTP requests that could cause the affected Web server to become non-responsive until the associated application pool is restarted. Customers who are running IIS 7.0 application pools in classic mode are not affected by this vulnerability.
Vulnerabilities:
CVE-2009-1536
Included Updates:
970957
972591
972592
972593
972594
Applies to:
Windows Server 2008
Windows Vista

Bulletin ID:
MS09-029
Title:
Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
Update Type:
Security Update
Severity:
Critical
Date:
2009-08-25
Description:
This security update resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0231
CVE-2009-0232
Included Updates:
961371
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-042
Title:
Vulnerability in Telnet Could Allow Remote Code Execution (960859)
Update Type:
Security Update
Severity:
Important
Date:
2009-08-11
Description:
This security update resolves a publicly disclosed vulnerability in the Microsoft Telnet service. The vulnerability could allow an attacker to obtain credentials and then use them to log back into affected systems. The attacker would then acquire user rights on a system identical to the user rights of the logged-on user. This scenario could ultimately result in remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-1930
Included Updates:
960859
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-041
Title:
Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)
Update Type:
Security Update
Severity:
Important
Date:
2009-08-11
Description:
This security update resolves a privately reported vulnerability in the Windows Workstation Service. The vulnerability could allow elevation of privilege if an attacker created a specially crafted RPC message and sent the message to an affected system. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials to a vulnerable system in order to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.
Vulnerabilities:
CVE-2009-1544
Included Updates:
971657
Applies to:
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-040
Title:
Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)
Update Type:
Security Update
Severity:
Important
Date:
2009-08-11
Description:
This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue.
Vulnerabilities:
CVE-2009-1922
Included Updates:
971032
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-039
Title:
Vulnerabilities in WINS Could Allow Remote Code Execution (969883)
Update Type:
Security Update
Severity:
Critical
Date:
2009-08-11
Description:
This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service (WINS). Either vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. By default, WINS is not installed on any affected operating system version. Only customers who manually install this component are affected by this issue.
Vulnerabilities:
CVE-2009-1923
CVE-2009-1924
Included Updates:
969883
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition

Bulletin ID:
MS09-038
Title:
Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)
Update Type:
Security Update
Severity:
Critical
Date:
2009-08-11
Description:
This security update resolves two privately reported vulnerabilities in Windows Media file processing. Either vulnerability could allow remote code execution if a user opened a specially crafted AVI file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-1545
CVE-2009-1546
Included Updates:
971557
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-035
Title:
Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
Update Type:
Security Update
Severity:
Moderate
Date:
2009-08-03
Description:
This security update addresses several privately reported vulnerabilities in the public versions of the Microsoft Active Template Library (ATL) included with Visual Studio. This security update is specifically intended for developers of components and controls. Developers who build and redistribute components and controls using ATL should install the update provided in this bulletin and follow the guidance provided to create, and distribute to their customers, components and controls that are not vulnerable to the vulnerabilities described in this security bulletin.
Vulnerabilities:
CVE-2009-0901
CVE-2009-2493
CVE-2009-2495
Included Updates:
969706
971090
971091
971092
973673
973674
973675
973830
973923
973924
Applies to:
Visual Studio 2005
Visual Studio 2008

Bulletin ID:
MS09-031
Title:
Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege (970953)
Update Type:
Security Update
Severity:
Important
Date:
2009-07-14
Description:
This security update resolves a privately reported vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2006. The vulnerability could allow elevation of privilege if an attacker successfully impersonates an administrative user account for an ISA server that is configured for RADIUS One-Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation.
Vulnerabilities:
CVE-2009-1135
Included Updates:
970811
970953
971143
Applies to:
Internet Security and Acceleration Server 2006

Bulletin ID:
MS09-030
Title:
Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516)
Update Type:
Security Update
Severity:
Important
Date:
2009-07-14
Description:
This security update resolves a privately reported vulnerability in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0566
Included Updates:
969516
969693
Applies to:
Office 2007

Bulletin ID:
MS09-028
Title:
Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)
Update Type:
Security Update
Severity:
Critical
Date:
2009-07-14
Description:
This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-1537
CVE-2009-1538
CVE-2009-1539
Included Updates:
971633
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-027
Title:
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514)
Update Type:
Security Update
Severity:
Critical
Date:
2009-07-14
Description:
This security update resolves two privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited either vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Vulnerabilities:
CVE-2009-0563
CVE-2009-0565
Included Updates:
969514
969602
969603
969604
969613
969614
Applies to:
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS09-026
Title:
Vulnerability in RPC Could Allow Elevation of Privilege (970238)
Update Type:
Security Update
Severity:
Important
Date:
2009-06-09
Description:
This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call (RPC) facility where the RPC Marshalling Engine does not update its internal state appropriately. The vulnerability could allow an attacker to execute arbitrary code and take complete control of an affected system. Supported editions of Microsoft Windows are not delivered with any RPC servers or clients that are subject to exploitation of this vulnerability. In a default configuration, users could not be attacked by exploitation of this vulnerability. However, the vulnerability is present in the Microsoft Windows RPC runtime and could affect third-party RPC applications.
Vulnerabilities:
CVE-2009-0568
Included Updates:
970238
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-025
Title:
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537)
Update Type:
Security Update
Severity:
Important
Date:
2009-06-09
Description:
This security update resolves two publicly disclosed and two privately reported vulnerabilities in the Windows kernel that could allow elevation of privilege. An attacker who successfully exploited any of these vulnerabilities could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users.
Vulnerabilities:
CVE-2009-1123
CVE-2009-1124
CVE-2009-1125
CVE-2009-1126
Included Updates:
968537
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-024
Title:
Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632)
Update Type:
Security Update
Severity:
Critical
Date:
2009-06-09
Description:
This security update resolves a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-1533
Included Updates:
957632
957646
967043
967044
968326
969559
Applies to:
Microsoft Works 8
Microsoft Works 9
Office 2002/XP
Office 2007
Works 6-9 Converter

Bulletin ID:
MS09-023
Title:
Vulnerability in Windows Search Could Allow Information Disclosure (963093)
Update Type:
Security Update
Severity:
Moderate
Date:
2009-06-09
Description:
This security update resolves a privately reported vulnerability in Windows Search. The vulnerability could allow information disclosure if a user performs a search that returns a specially crafted file as the first result or if the user previews a specially crafted file from the search results. By default, the Windows Search component is not preinstalled on Microsoft Windows XP and Windows Server 2003. It is an optional component available for download. Windows Search installed on supported editions of Windows Vista and Windows Server 2008 is not affected by this vulnerability.
Vulnerabilities:
CVE-2009-0239
Included Updates:
963093
Applies to:
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-022
Title:
Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)
Update Type:
Security Update
Severity:
Critical
Date:
2009-06-09
Description:
This security update resolves three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Vulnerabilities:
CVE-2009-0228
CVE-2009-0229
CVE-2009-0230
Included Updates:
961501
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-021
Title:
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)
Update Type:
Security Update
Severity:
Critical
Date:
2009-06-09
Description:
This security update resolves several privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Vulnerabilities:
CVE-2009-0549
CVE-2009-0557
CVE-2009-0558
CVE-2009-0559
CVE-2009-0560
CVE-2009-0561
CVE-2009-1134
Included Updates:
969462
969679
969680
969681
969682
969685
969686
969737
Applies to:
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS09-020
Title:
Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)
Update Type:
Security Update
Severity:
Important
Date:
2009-06-09
Description:
This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs.
Vulnerabilities:
CVE-2009-1122
CVE-2009-1535
Included Updates:
970483
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-018
Title:
Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055)
Update Type:
Security Update
Severity:
Critical
Date:
2009-06-09
Description:
This security update resolves two privately reported vulnerabilities in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003, and Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003. The more severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Vulnerabilities:
CVE-2009-1138
CVE-2009-1139
Included Updates:
969805
970437
971055
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-003
Title:
Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
Update Type:
Security Update
Severity:
Critical
Date:
2009-05-26
Description:
This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding.
Vulnerabilities:
CVE-2009-0098
CVE-2009-0099
Included Updates:
959239
959241
959897
Applies to:
Exchange 2000 Server
Exchange Server 2003
Exchange Server 2007

Bulletin ID:
MS07-026
Title:
Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)
Update Type:
Security Update
Severity:
Critical
Date:
2009-05-26
Description:
This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.
Vulnerabilities:
CVE-2007-0039
CVE-2007-0213
CVE-2007-0220
CVE-2007-0221
Included Updates:
931832
935490
Applies to:
Exchange 2000 Server
Exchange Server 2003
Exchange Server 2007

Bulletin ID:
MS09-017
Title:
Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340)
Update Type:
Security Update
Severity:
Critical
Date:
2009-05-12
Description:
This security update resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0220
CVE-2009-0221
CVE-2009-0222
CVE-2009-0223
CVE-2009-0224
CVE-2009-0225
CVE-2009-0226
CVE-2009-0227
CVE-2009-0556
CVE-2009-1128
CVE-2009-1129
CVE-2009-1130
CVE-2009-1131
CVE-2009-1137
Included Updates:
957781
957784
957789
967340
969615
969618
970059
Applies to:
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS09-008
Title:
Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)
Update Type:
Security Update
Severity:
Important
Date:
2009-05-12
Description:
This security update resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows DNS server and Windows WINS server. These vulnerabilities could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems.
Vulnerabilities:
CVE-2009-0093
CVE-2009-0094
CVE-2009-0233
CVE-2009-0234
Included Updates:
961063
961064
962238
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008

Bulletin ID:
MS07-040
Title:
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)
Update Type:
Security Update
Severity:
Critical
Date:
2009-05-07
Description:
This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems with .NET Framework installed, and one could allow information disclosure on Web servers running ASP.NET. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2006-7192
CVE-2007-0041
CVE-2007-0042
CVE-2007-0043
Included Updates:
928365
928366
928367
929729
929916
930494
931212
933854
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-012
Title:
Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
Update Type:
Security Update
Severity:
Important
Date:
2009-04-29
Description:
This security update resolves four publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker is allowed to log on to the system and then run a specially crafted application. The attacker must be able to run code on the local machine in order to exploit this vulnerability. An attacker who successfully exploited any of these vulnerabilities could take complete control over the affected system.
Vulnerabilities:
CVE-2008-1436
CVE-2009-0078
CVE-2009-0079
CVE-2009-0080
Included Updates:
952004
956572
959454
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-016
Title:
Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)
Update Type:
Security Update
Severity:
Important
Date:
2009-04-14
Description:
This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Internet Security and Acceleration (ISA) Server and Microsoft Forefront Threat Management Gateway (TMG), Medium Business Edition (MBE). These vulnerabilities could allow denial of service if an attacker sends specially crafted network packets to the affected system, or information disclosure or spoofing if a user clicks on a malicious URL or visits a Web site that contains content controlled by the attacker.
Vulnerabilities:
CVE-2009-0077
CVE-2009-0237
Included Updates:
960995
961759
968075
968078
Applies to:
Forefront TMG MBE
Internet Security and Acceleration Server 2004
Internet Security and Acceleration Server 2006

Bulletin ID:
MS09-015
Title:
Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
Update Type:
Security Update
Severity:
Moderate
Date:
2009-04-14
Description:
This security update resolves a publicly disclosed vulnerability in the Windows SearchPath function that could allow elevation of privilege if a user downloaded a specially crafted file to a specific location, then opened an application that could load the file under certain circumstances.
Vulnerabilities:
CVE-2008-2540
Included Updates:
959426
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-013
Title:
Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
Update Type:
Security Update
Severity:
Critical
Date:
2009-04-14
Description:
This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft Windows HTTP Services (WinHTTP). The most severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0086
CVE-2009-0089
CVE-2009-0550
Included Updates:
960803
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-011
Title:
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
Update Type:
Security Update
Severity:
Critical
Date:
2009-04-14
Description:
This security update resolves a privately reported vulnerability in Microsoft DirectX. The vulnerability could allow remote code execution if a user opened a specially crafted MJPEG file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0084
Included Updates:
961373
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-010
Title:
Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
Update Type:
Security Update
Severity:
Critical
Date:
2009-04-14
Description:
This security update resolves two publicly disclosed vulnerabilities and two privately reported vulnerabilities in Microsoft WordPad and Microsoft Office text converters. The vulnerabilities could allow remote code execution if a specially crafted file is opened in WordPad or Microsoft Office Word. Do not open Microsoft Office, RTF, Write, or WordPerfect files from untrusted sources using affected versions of WordPad or Microsoft Office Word.
Vulnerabilities:
CVE-2008-4841
CVE-2009-0087
CVE-2009-0088
CVE-2009-0235
Included Updates:
923561
933399
960476
960477
Applies to:
Office 2002/XP
Office 2003
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-009
Title:
Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)
Update Type:
Security Update
Severity:
Critical
Date:
2009-04-14
Description:
This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Office Excel. The vulnerabilities could allow remote code execution if the user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0100
CVE-2009-0238
Included Updates:
959988
959993
959995
959997
960000
960003
968557
Applies to:
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS07-055
Title:
Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)
Update Type:
Security Update
Severity:
Critical
Date:
2009-03-24
Description:
This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly known as Wang Image Viewer, handles specially crafted image files. The vulnerability could allow an attacker to remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2007-2217
Included Updates:
923810
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP

Bulletin ID:
MS09-007
Title:
Vulnerability in SChannel Could Allow Spoofing (960225)
Update Type:
Security Update
Severity:
Important
Date:
2009-03-10
Description:
This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. Customers are only affected when the public key component of the certificate used for authentication has been obtained by the attacker through other means.
Vulnerabilities:
CVE-2009-0085
Included Updates:
960225
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS09-006
Title:
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
Update Type:
Security Update
Severity:
Critical
Date:
2009-03-10
Description:
This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system.
Vulnerabilities:
CVE-2009-0081
CVE-2009-0082
CVE-2009-0083
Included Updates:
958690
Applies to:
Windows 2000
Windows 7
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Server 2008 R2
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS08-072
Title:
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
Update Type:
Security Update
Severity:
Critical
Date:
2009-03-10
Description:
This security update resolves eight privately reported vulnerabilities in Microsoft Office Word and Microsoft Office Outlook that could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2008-4024
CVE-2008-4025
CVE-2008-4026
CVE-2008-4027
CVE-2008-4028
CVE-2008-4030
CVE-2008-4031
CVE-2008-4837
Included Updates:
956329
956357
956358
956366
956828
957173
959487
Applies to:
Microsoft Works 8
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS09-005
Title:
Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)
Update Type:
Security Update
Severity:
Important
Date:
2009-02-10
Description:
This security update resolves three privately reported vulnerabilities in Microsoft Office Visio that could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities:
CVE-2009-0095
CVE-2009-0096
CVE-2009-0097
Included Updates:
955654
955655
957634
957831
Applies to:
Office 2002/XP
Office 2003
Office 2007

Bulletin ID:
MS09-004
Title:
Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
Update Type:
Security Update
Severity:
Important
Date:
2009-02-10
Description:
This security update resolves a privately reported vulnerability in Microsoft SQL Server. The vulnerability could allow remote code execution if untrusted users access an affected system or if a SQL injection attack is carried out against an affected system. Systems with SQL Server 7.0 Service Pack 4, SQL Server 2005 Service Pack 3, and SQL Server 2008 are not affected by this issue.
Vulnerabilities:
CVE-2008-5416
Included Updates:
959420
960082
960083
960089
960090
Applies to:
SQL Server 2000
SQL Server 2005
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008

Bulletin ID:
MS09-001
Title:
Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
Update Type:
Security Update
Severity:
Critical
Date:
2009-01-13
Description:
This security update resolves two privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Vulnerabilities:
CVE-2008-4114
CVE-2008-4834
CVE-2008-4835
Included Updates:
958687
Applies to:
Windows 2000
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows Server 2008
Windows Vista
Windows XP
Windows XP x64 Edition

Bulletin ID:
MS08-066
Title:
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
Update Type:
Security Update
Severity:
Important
Date:
2009-01-13
Description:
This security update resolves a privately reported vulnerability in the Microsoft Ancillary Function Driver. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Vulnerabilities:
CVE-2008-3464
Included Updates:
956803
Applies to:
Windows Server 2003
Windows Server 2003, Datacenter Edition
Windows XP
Windows XP x64 Edition