Issued: October 21, 2009 Summary The following bulletins have undergone a minor revision increment. Please see the appropriate bulletin for more details. * MS09-061 - Critical * MS09-060 - Critical Bulletin Information: * MS09-061 - Critical - http://www.microsoft.com/technet/security/bulletin/ms09-061.mspx - Reason for Revision: V1.1 (October 21, 2009): Corrected the deployment information for Microsoft .NET Framework on all supported releases of Microsoft Windows. This is an informational change

Oracle has released its Critical Patch Update for October 2009 to address 38 vulnerabilities across several products. This update contains the following security fixes: 16 for the Oracle Database 3 for the Oracle Application Server 8 for the Oracle E-Business Suite and Applications 4 for the Oracle PeopleSoft and JD Edwards Suite 6 for the Oracle BEA Products Suite 1 for the Oracle Industry Applications Products Suite US-CERT encourages users and administrators to review the October Critical Patch

Issued: October 19, 2009 Summary The following bulletins have undergone a minor revision increment. Please see the appropriate bulletin for more details. * MS09-054 - Critical * MS09-053 - Important Bulletin Information: * MS09-054 - Critical - http://www.microsoft.com/technet/security/bulletin/ms09-054.mspx - Reason for Revision: V1.2 (October 19, 2009): Added a link to Microsoft Knowledge Base Article 974455 under Known Issues in the Executive Summary. - Originally posted: October 13, 2009 - Updated

Issued: October 19, 2009 Summary The following bulletins have undergone a minor revision increment. Please see the appropriate bulletin for more details. * MS09-053 - Important Bulletin Information: * MS09-053 - Important - http://www.microsoft.com/technet/security/bulletin/ms09-053.mspx - Reason for Revision: V1.1 (October 19, 2009): Removed the acknowledgments section. Corrected the affected software and severity tables to reclassify Windows XP Professional x64 Edition Service Pack 2 as running

Issued: October 18, 2009 Summary The following bulletin has undergone a minor revision increment. * MS09-054 - Critical Bulletin Information: * MS09-054 - Critical - http://www.microsoft.com/technet/security/bulletin/ms09-054.mspx - Reason for Revision: V1.1 (October 18, 2009): Revised the Executive Summary and added FAQ entries for CVE-2009-2529 to provide direction for Firefox users. - Originally posted: October 13, 2009 - Updated: October 18, 2009 - Bulletin Severity Rating: Critical - Version

Websense® Security Labs™ ThreatSeeker™ Network has discovered a new wave of malicious attacks claiming to be an update for Microsoft Outlook Web Access (OWA). Victims receive a message leading to a site to apply mailbox settings which were supposedly changed due to a "security upgrade." The especially dangerous thing about these messages is that they are very deceiving. The messages and attack pages are personalized for the To: email address to imply the message is being

Issued: October 14, 2009 Security Advisory Updated or Released Today * Microsoft Security Advisory (973811) - Title: Extended Protection for Authentication - http://www.microsoft.com/technet/security/advisory/973811.mspx - Revision Note: V1.1 (October 14, 2009): Updated the FAQ with information about a non-security update included in MS09-054 relating to WinINET.

Issued: October 14, 2009 Summary The following bulletins have undergone a minor revision increment. Please see the appropriate bulletin for more details. * MS09-062 - Critical * MS09-059 - Important * MS09-055 - Critical * MS09-051 - Critical * MS09-050 - Critical * MS09-046 - Critical Bulletin Information: * MS09-062 - Critical - http://www.microsoft.com/technet/security/bulletin/ms09-062.mspx - Reason for Revision: V1.1 (October 14, 2009): Added Microsoft SQL Server 2005 Express Edition Service

Issued: October 13, 2009 Summary The following bulletin has undergone a minor revision increment. * MS09-024 - Critical Bulletin Information: * MS09-024 - Critical - http://www.microsoft.com/technet/security/bulletin/ms09-024.mspx - Reason for Revision: V1.1 (October 13, 2009): Bulletin revised to announce the addition of language localizations to the update for Works 9. Customers who have already successfully applied the original update to Works 9 are not affected by this revision. - Originally

Issued: October 13, 2009 Security Advisories Updated or Released Today * Microsoft Security Advisory (975497) - Title: Vulnerabilities in SMB Could Allow Remote Code Execution - http://www.microsoft.com/technet/security/advisory/975497.mspx - Revision Note: V2.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin. * Microsoft Security Advisory (975191) - Title: Vulnerabilities in the FTP Service in Internet Information Services - http://www.microsoft.com/technet/security