November 09 Patch Tuesday Detailed
Article by George Norman
On 11 Nov 2009
Yesterday, the 9th of November, Redmond-based software giant Microsoft released updates for the Windows operating system and for the Microsoft Office productivity suite. The only thing we’ve known until now is that the Patch Tuesday release was made up of 6 security bulletins (3 critical and 3 important) that addressed a total of 15 vulnerabilities.

Actually we did know a bit more than that. We knew that bulletins 1 through 3 apply to the Microsoft developed Windows operating system. The vulnerabilities are critical; they allow for remote code execution. After the update has been applied, the user has to restart the PC. Bulletin 4 also affects the Windows OS, but is rated as important (denial of service). It too requires a restart. Bulletins 5 and 6 are rated important, allow for remote code execution, require restart and apply to Microsoft Office. We also knew that none of the 6 bulletins applied to Windows 7.

Advertising

Now that the Patch Tuesday release has come and gone, Microsoft has made public a few more details about the 6 security bulletins. Here they are:

MS09-063
Critical vulnerability in Web Services on Devices API on the Windows operating system. The vulnerability, if exploited by someone with malicious intent, could lead to remote code execution.

MS09-064
Critical vulnerability License Logging Server on Windows 2000. If a person with malicious intent sent a specially crafted network message to a computer running the License Logging Server, it could lead to remote code execution.

MS09-065
Critical and important vulnerabilities affecting the Windows Kernel-Mode Drivers. If a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font, it could lead to remote code execution (this is the most severe vulnerability).

MS09-066
Important vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) that could lead to denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests.

MS09-067
Important vulnerabilities in Microsoft Office Excel that could lead to remote code execution of the user would open a specially crafted Excel file.

MS09-068
Important vulnerability in Microsoft Office Word that could lead to remote code execution of the user were to open a specially crafted Word file.

The Microsoft Security Response Center (MSRC) has provided these visual representations of the November 2009 Patch Tuesday update.





Additional details about the November 2009 Patch Tuesday are available here.



Tags: Microsoft, Patch Tuesday, Update, Windows, Office
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 07 Jun 2017
Yes, I know that the global PC market is in a downwards spiral for its nth quarter and that mobile usage is on the rise. Still, I argue that a desktop PC is better than all the other alternatives.
By George Norman on 31 May 2017
Having lots of devices connected to your network and the internet isn't a problem, as long as you keep the bad guys out of the picture. That’s crucial, because they'll exploit any vulnerability that they can find.
By George Norman on 24 Jul 2017
As someone who has been using Firefox day-to-day for a very – VERY – long time, I’ve grown to know a lot about Mozilla’s web browser. As such, I thought it a good idea to share part of my knowledge with you and highlight 10 tips & tricks that I’m sure you’ll find very useful.
By George Norman on 26 Jul 2017
Top-notch real-time protection against viruses doesn’t have to cost money, not if you go with the recently introduced Kaspersky Free antivirus solution. It may not come with a lot of bells and whistles, but it nicely covers all the basics and...
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
November 09 Patch Tuesday Detailed
HTML Linking Code