MVP Jubo Security Blog

The Blog

Recent Posts

Tags

News

  • Kim's Journal
    My wife's blog, the "alternative" truth...


    MVPs
    2003 - 2004 - 2005 - 2006 - 2007 - 2008 - 2009


    Jubo





    Locations of visitors to this page

Community

Email Notifications

MVP Sites

Microsoft Links

Blogs

Security Forums

Microsoft Blogs

Archives

October 2009 - Posts

Microsoft Security Bulletin Summary for October 2009

Yes, it has been a while but have been on a trip to Europe and visited family. In the meantime Microsoft released a big security update for patch Tuesday earlier this month. There are 8 "critical" and 5 rated as "Important". There can be more when you check for them depending on the configuration of your computer. Here's the list:

Critical:

  • MS09-050 - Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)
  • MS09-051 - Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
  • MS09-052 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)
  • MS09-054 - Cumulative Security Update for Internet Explorer (974455)
  • MS09-055 - Cumulative Security Update of ActiveX Kill Bits (973525)
  • MS09-060 - Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
  • MS09-061 - Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)
  • MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

Important:

  • MS09-053 - Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
  • MS09-056 - Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)
  • MS09-057 - Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)
  • MS09-058 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
  • MS09-059 - Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft's Security Updates website.

See also the MSRC blog: October 2009 Security Bulletin Release. And the Security Research and Defense blog for additional technical information on these updates.

Even though this is a bit late, and I really hope you already have updated your computer(s). But if not then you know the drill! Point your mouse to the Microsoft Update website and start updating.

Have a wonderful day... From a Barnes & Noble Starbucks Cafe in the Evergreen State... 

 

Posted: Thu, Oct 22 2009 10:11 by jubo | with 1 comment(s)
Filed under: