November 09 Patch Tuesday Detailed
Yesterday, the 9th of November, Redmond-based software giant Microsoft released updates for the Windows operating system and for the Microsoft Office productivity suite. The only thing we’ve known until now is that the Patch Tuesday release was made up of 6 security bulletins (3 critical and 3 important) that addressed a total of 15 vulnerabilities.
Actually we did know a bit more than that. We knew that bulletins 1 through 3 apply to the Microsoft developed Windows operating system. The vulnerabilities are critical; they allow for remote code execution. After the update has been applied, the user has to restart the PC. Bulletin 4 also affects the Windows OS, but is rated as important (denial of service). It too requires a restart. Bulletins 5 and 6 are rated important, allow for remote code execution, require restart and apply to Microsoft Office. We also knew that none of the 6 bulletins applied to Windows 7.
Now that the Patch Tuesday release has come and gone, Microsoft has made public a few more details about the 6 security bulletins. Here they are:
MS09-063
Critical vulnerability in Web Services on Devices API on the Windows operating system. The vulnerability, if exploited by someone with malicious intent, could lead to remote code execution.
MS09-064
Critical vulnerability License Logging Server on Windows 2000. If a person with malicious intent sent a specially crafted network message to a computer running the License Logging Server, it could lead to remote code execution.
MS09-065
Critical and important vulnerabilities affecting the Windows Kernel-Mode Drivers. If a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font, it could lead to remote code execution (this is the most severe vulnerability).
MS09-066
Important vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) that could lead to denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests.
MS09-067
Important vulnerabilities in Microsoft Office Excel that could lead to remote code execution of the user would open a specially crafted Excel file.
MS09-068
Important vulnerability in Microsoft Office Word that could lead to remote code execution of the user were to open a specially crafted Word file.
The Microsoft Security Response Center (MSRC) has provided these visual representations of the November 2009 Patch Tuesday update.
Additional details about the November 2009 Patch Tuesday are available here.
Tags: Microsoft, Patch Tuesday, Update, Windows, Office
Actually we did know a bit more than that. We knew that bulletins 1 through 3 apply to the Microsoft developed Windows operating system. The vulnerabilities are critical; they allow for remote code execution. After the update has been applied, the user has to restart the PC. Bulletin 4 also affects the Windows OS, but is rated as important (denial of service). It too requires a restart. Bulletins 5 and 6 are rated important, allow for remote code execution, require restart and apply to Microsoft Office. We also knew that none of the 6 bulletins applied to Windows 7.
Advertising
Now that the Patch Tuesday release has come and gone, Microsoft has made public a few more details about the 6 security bulletins. Here they are:
MS09-063
Critical vulnerability in Web Services on Devices API on the Windows operating system. The vulnerability, if exploited by someone with malicious intent, could lead to remote code execution.
MS09-064
Critical vulnerability License Logging Server on Windows 2000. If a person with malicious intent sent a specially crafted network message to a computer running the License Logging Server, it could lead to remote code execution.
MS09-065
Critical and important vulnerabilities affecting the Windows Kernel-Mode Drivers. If a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font, it could lead to remote code execution (this is the most severe vulnerability).
MS09-066
Important vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) that could lead to denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests.
MS09-067
Important vulnerabilities in Microsoft Office Excel that could lead to remote code execution of the user would open a specially crafted Excel file.
MS09-068
Important vulnerability in Microsoft Office Word that could lead to remote code execution of the user were to open a specially crafted Word file.
The Microsoft Security Response Center (MSRC) has provided these visual representations of the November 2009 Patch Tuesday update.
Additional details about the November 2009 Patch Tuesday are available here.
Tags: Microsoft, Patch Tuesday, Update, Windows, Office
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.
By George Norman on 09 Feb 2012
Redmond-based software giant Microsoft is giving all US residents the chance to win a Pink Sony VAIO Y laptop (ARV $6,000) as part of a Valentine’s Day SweepstakesRelated News
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.
By George Norman on 13 Dec 2011
Tuesday, the 13th of December, is December 2011 Patch Tuesday, the last Patch Tuesday of the year. This December Microsoft will release a total of 14 security bulletins to its customers.
By George Norman on 06 Jan 2012
On the 10th of January 2012, Microsoft will release seven security bulletins as part of its Patch Tuesday program. The aforementioned bulletins are meant to address a total of 8 vulnerabilities that plague the Microsoft Windows operating system and
By George Norman on 05 Jan 2012
To welcome in a new year, Microsoft has a pleasant surprise for all Office 2010 users out there: some very nice photo calendars have been released to the publicAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
November 09 Patch Tuesday Detailed
HTML Linking Code
HTML Linking Code