Jump to content


Photo

MS Security Bulletin Summary - December 2009


  • Please log in to reply
1 reply to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,570 posts

Posted 08 December 2009 - 01:28 PM

FYI...

- http://www.microsoft...n/MS09-dec.mspx
December 08, 2009 - "This bulletin summary lists security bulletins released for December 2009..." (Total of -6-)

Critical -3-

Microsoft Security Bulletin MS09-071 - Critical
Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)
- http://www.microsoft...n/MS09-071.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-074 - Critical
Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)
- http://www.microsoft...n/MS09-074.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Office

Microsoft Security Bulletin MS09-072 - Critical
Cumulative Security Update for Internet Explorer (976325)
- http://www.microsoft...n/MS09-072.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows ...
Revisions:
• V1.0 (December 8, 2009): Bulletin published.
• V1.1 (December 9, 2009): Corrected a reference to Microsoft Knowledge Base Article 976749 in the section, Frequently Asked Questions (FAQ) Related to This Security Update. Also corrected, in the Security Update Deployment section, the registry key for verification of the update for Internet Explorer 7 for all supported x64-based editions of Windows XP.

Important -3-

Microsoft Security Bulletin MS09-069 - Important
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
- http://www.microsoft...n/MS09-069.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-070 - Important
Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)
- http://www.microsoft...n/MS09-070.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-073 - Important
Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)
- http://www.microsoft...n/MS09-073.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows, Microsoft Office
___

Severity and Exploitability Index
- http://blogs.technet...6/original.aspx
December 08, 2009

Deployment priority
- http://blogs.technet...7/original.aspx
December 08, 2009
___

MSRT
- http://support.micro...om/?kbid=890830
December 8, 2009 - Revision: 67.0
(Recent additions)
Win32/FakeScanti - October 2009 (V 3.0) Moderate
Win32/FakeVimes - November 2009 (V 3.1) Moderate
Win32/PrivacyCenter - November 2009 (V 3.1) Moderate
Win32/Hamweq - December 2009 (V 3.2) Moderate
___

ISC Analysis
- http://isc.sans.org/...ml?storyid=7711
Last Updated: 2009-12-10 19:42:30 UTC
___

Microsoft Office Project Memory Validation Vuln
- http://secunia.com/advisories/37588/2/
... Original Advisory: http://www.microsoft...n/MS09-074.mspx
___

Microsoft WordPad / Office Text Converters Memory Corruption Vuln
- http://secunia.com/advisories/37580/2/
... Original Advisory: http://www.microsoft...n/MS09-073.mspx
___

Internet Explorer multiple vulns
- http://secunia.com/advisories/37448/2/
... Original Advisory: http://www.microsoft...n/MS09-072.mspx
___

Microsoft Windows Internet Authentication Service Vuln
- http://secunia.com/advisories/37579/2/
... Original Advisory: http://www.microsoft...n/MS09-071.mspx

Microsoft Windows MS-CHAP Authentication Bypass
- http://secunia.com/advisories/37543/2/
... Original Advisory: http://www.microsoft...n/MS09-071.mspx
___

Microsoft Windows Local Security Authority Subsystem DoS
- http://secunia.com/advisories/37524/2/
... Original Advisory: http://www.microsoft...n/MS09-069.mspx
___

Edited by apluswebmaster, 13 December 2009 - 07:26 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,570 posts

Posted 10 December 2009 - 05:19 PM

Also now showing up at the MS Update site:

AppCompat update for Indeo codec
- http://support.microsoft.com/kb/955759
December 9, 2009 - Revision: 3.0
- http://web.nvd.nist....d=CVE-2009-4311
- http://web.nvd.nist....d=CVE-2009-4310
Last revised: 12/15/2009

Extended Protection for Authentication in Microsoft Windows HTTP Services (WinHTTP)
- http://support.microsoft.com/kb/971737
December 8, 2009 - Revision: 1.0

Extended Protection for Authentication in the HTTP Protocol Stack (http.sys)
- http://support.microsoft.com/kb/970430
December 8, 2009 - Revision: 1.0

:question: :question: :question:

Edited by apluswebmaster, 23 December 2009 - 05:15 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button