Patchday Dezember 2009
Alert - Critical Product Vulnerability - December 2009 Microsoft Security Bulletin Release;
die Microsoft Security Bulletins für Dezember 2009 wurden gestern Abend veröffentlicht. Die Veröffentlichung der Bulletins ersetzt die Bulletin Advance Notification, die erstmalig am 03.12.09 bekanntgegeben wurde.
Weitere Infos findet Ihr hier...
_________________________________________
|
What is the purpose of this alert? |
This alert is to provide you with an overview of the new security bulletin(s) being released on December 08, 2009. Security bulletins are released monthly to resolve critical problem vulnerabilities.
We will also provide summary information on two new security advisories, a revised security bulletin, and a revised security advisory.
New Security Bulletins
Microsoft is releasing the following six new security bulletins for newly discovered vulnerabilities:
|
Bulletin ID |
Bulletin Title |
Max Severity Rating |
Vulnerability Impact |
Restart Requirement |
Affected Software* |
|
MS09-069 |
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392) |
Important |
Denial of Service |
Requires restart |
Microsoft Windows 2000, Windows XP, and Windows Server 2003 |
|
MS09-070 |
Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726) |
Important |
Remote Code Execution |
Requires restart |
Microsoft Windows Server 2003 and Windows Server 2008 |
|
MS09-071 |
Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318) |
Critical |
Remote Code Execution |
Requires restart |
Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 |
|
MS09-072 |
Cumulative Security Update for Internet Explorer (976325) |
Critical |
Remote Code Execution |
Requires restart |
Internet Explorer on Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 |
|
MS09-073 |
Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539) |
Important |
Remote Code Execution |
Requires restart |
Microsoft Windows 2000, Windows XP, Windows Server 2003, Office XP, Office 2003, Works 8.5, and Office Converter Pack |
|
MS09-074 |
Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183) |
Critical |
Remote Code Execution |
May require restart |
Microsoft Project 2000, Project 2002, and Project 2003 |
|
* The list of affected software in the summary table is an abstract. To see the full list of affected components please click on the bulletin summary Web page link below and review the "Affected Software" section. |
Summaries for new bulletin(s) may be found at http://www.microsoft.com/technet/security/bulletin/MS09-dec.mspx.
Microsoft Windows Malicious Software Removal Tool
Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. NOTE: this tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool is available at http://support.microsoft.com/?kbid=890830.
High Priority Non-Security Updates
High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU), or Windows Server Update Services (WSUS) will be detailed in the KB article found at http://support.microsoft.com/?id=894199.
Werbung:
