Microsoft Security Bulletins for June 2009
Microsoft has released ten (10) security bulletins for June 2009
- MS09-018 - Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055)
- MS09-019 - Cumulative Security Update for Internet Explorer (969897)
- MS09-020 - Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)
- MS09-021 - Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)
- MS09-022 - Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)
- MS09-023 - Vulnerability in Windows Search Could Allow Information Disclosure (963093)
- MS09-024 - Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632)
- MS09-025 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537)
- MS09-026 - Vulnerability in RPC Could Allow Elevation of Privilege (970238)
- MS09-027 - Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514)
They also re-released Security Bulletin:
- MS09-017 - Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340) - V2.0 (June 9, 2009): Bulletin rereleased to provide security update packages for Microsoft Office 2004 for Mac, Microsoft Office 2008 for Mac, Open XML File Format Converter for Mac, Microsoft Works 8.5, and Microsoft Works 9. Customers who currently have this software installed need to apply this update immediately.
Note that Microsoft has not release a security bulletin or security update for Vulnerability in Microsoft DirectShow (Security Advisory – 971778). Windows XP, Windows 2000 and Windows Server 2003 are affected by the said vulnerability in DirectShow. Use the provided Fix It Solution or work-around to help protect your systems.
Security Bulletin summary is at:
For IT Pro: http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx
For Home users: http://www.microsoft.com/protect/computer/updates/bulletins/200906.mspx
The Microsoft Security Response Center (MSRC) blog: http://blogs.technet.com/msrc/archive/2009/06/09/june-2009-bulletin-release.aspx
Microsoft Security Research & Defense blog: http://blogs.technet.com/srd/default.aspx
You might want to use Microsoft Baseline Security Analyzer (MBSA) to scan for missing security updates and common security misconfigurations.
Please do not download security updates from other sources (email, other website). It’s recommended to get them via Microsoft Update, Windows Update or Office Update website only. You can also get the updates via Automatic Update feature in Windows. Other sources of security updates is in Microsoft Download Center and Microsoft Update Catalog.