November 09 Patch Tuesday Detailed
Yesterday, the 9th of November, Redmond-based software giant Microsoft released updates for the Windows operating system and for the Microsoft Office productivity suite. The only thing we’ve known until now is that the Patch Tuesday release was made up of 6 security bulletins (3 critical and 3 important) that addressed a total of 15 vulnerabilities.
Actually we did know a bit more than that. We knew that bulletins 1 through 3 apply to the Microsoft developed Windows operating system. The vulnerabilities are critical; they allow for remote code execution. After the update has been applied, the user has to restart the PC. Bulletin 4 also affects the Windows OS, but is rated as important (denial of service). It too requires a restart. Bulletins 5 and 6 are rated important, allow for remote code execution, require restart and apply to Microsoft Office. We also knew that none of the 6 bulletins applied to Windows 7.
Now that the Patch Tuesday release has come and gone, Microsoft has made public a few more details about the 6 security bulletins. Here they are:
MS09-063
Critical vulnerability in Web Services on Devices API on the Windows operating system. The vulnerability, if exploited by someone with malicious intent, could lead to remote code execution.
MS09-064
Critical vulnerability License Logging Server on Windows 2000. If a person with malicious intent sent a specially crafted network message to a computer running the License Logging Server, it could lead to remote code execution.
MS09-065
Critical and important vulnerabilities affecting the Windows Kernel-Mode Drivers. If a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font, it could lead to remote code execution (this is the most severe vulnerability).
MS09-066
Important vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) that could lead to denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests.
MS09-067
Important vulnerabilities in Microsoft Office Excel that could lead to remote code execution of the user would open a specially crafted Excel file.
MS09-068
Important vulnerability in Microsoft Office Word that could lead to remote code execution of the user were to open a specially crafted Word file.
The Microsoft Security Response Center (MSRC) has provided these visual representations of the November 2009 Patch Tuesday update.
Additional details about the November 2009 Patch Tuesday are available here.
Actually we did know a bit more than that. We knew that bulletins 1 through 3 apply to the Microsoft developed Windows operating system. The vulnerabilities are critical; they allow for remote code execution. After the update has been applied, the user has to restart the PC. Bulletin 4 also affects the Windows OS, but is rated as important (denial of service). It too requires a restart. Bulletins 5 and 6 are rated important, allow for remote code execution, require restart and apply to Microsoft Office. We also knew that none of the 6 bulletins applied to Windows 7.
Now that the Patch Tuesday release has come and gone, Microsoft has made public a few more details about the 6 security bulletins. Here they are:
MS09-063
Critical vulnerability in Web Services on Devices API on the Windows operating system. The vulnerability, if exploited by someone with malicious intent, could lead to remote code execution.
MS09-064
Critical vulnerability License Logging Server on Windows 2000. If a person with malicious intent sent a specially crafted network message to a computer running the License Logging Server, it could lead to remote code execution.
MS09-065
Critical and important vulnerabilities affecting the Windows Kernel-Mode Drivers. If a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font, it could lead to remote code execution (this is the most severe vulnerability).
MS09-066
Important vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) that could lead to denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests.
MS09-067
Important vulnerabilities in Microsoft Office Excel that could lead to remote code execution of the user would open a specially crafted Excel file.
MS09-068
Important vulnerability in Microsoft Office Word that could lead to remote code execution of the user were to open a specially crafted Word file.
The Microsoft Security Response Center (MSRC) has provided these visual representations of the November 2009 Patch Tuesday update.
Additional details about the November 2009 Patch Tuesday are available here.
