Home > Microsoft Security > Microsoft Security Bulletin January 2009

Microsoft Security Bulletin January 2009

This update applies, with the same severity rating, to supported editions of Windows Server 2008 or Windows Server 2008 R2 as indicated, whether or not installed using the Server Core installation Use this table to learn about the likelihood of code execution and denial of service exploits within 30 days of security bulletin release, for each of the security updates that you This documentation is archived and is not being maintained. V2.0 (January 21, 2010): Added Microsoft Security Bulletin MS10-002, Cumulative Update for Internet Explorer (978207). his comment is here

Bulletin IDBulletin TitleCVE IDExploitability Index AssessmentKey Notes MS09-028 Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633) CVE-2009-1537 1 - Consistent exploit code likely This vulnerability is currently being exploited Non-Security, High-Priority Updates on MU, WU, and WSUS For information about non-security releases on Windows Update and Microsoft Update, please see: Microsoft Knowledge Base Article 894199: Description of Software Update Services The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose.

The vulnerability could allow elevation of privilege if a user logs on to a system and runs a specially crafted application. Moderate Elevation of PrivilegeRequires restartMicrosoft Windows Exploitability Index The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. For supported editions of Windows Server 2008, this update applies, with the same severity rating, whether or not Windows Server 2008 was installed using the Server Core installation option. There is no charge for support calls that are associated with security updates.

  1. Built at 2014-04-18T13:49:36Z-07:00 Show: Inherited Protected Print Export (0) Print Export (0) Share IN THIS ARTICLE Is this page helpful?
  2. For more information see the TechNet Update Management Center.
  3. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Eiram of Secunia for reporting an issue described in MS09-062 Support The affected software listed have been tested to determine which versions are affected. SMS 2.0 users can also use the Software Updates Services Feature Pack to help deploy security updates. For details on affected software, see the next section, Affected Software and Download Locations. Microsoft Security Bulletin Summary for April 2009 Published: April 14, 2009 | Updated: April 16, 2009 Version: 1.1 This bulletin summary lists security bulletins released for April 2009.

Most exploit code will yield inconsistent results. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification. The content you requested has been removed. You can also subscribe without commenting.

IT Pro Security Community Learn to improve security and optimize your IT infrastructure, and participate with other IT Pros on security topics in IT Pro Security Community. For more information, see Microsoft Knowledge Base Article 910723. Microsoft Office Suites and Software Microsoft Office Suites, Systems, and Components Bulletin Identifier MS09-030 Aggregate Severity Rating Important 2007 Microsoft Office System Service Pack 1 Microsoft Office Publisher 2007 Service Pack Security updates are also available at the Microsoft Download Center.

An attacker who successfully exploited this vulnerability could take complete control of an affected system. Finally, security updates can be downloaded from the Microsoft Update Catalog. Microsoft Security Response Center (MSRC) blogView MSRC webcasts, posts, and Q&A for insights on bulletins and advisories. Notes for MS09-062 See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier.

For more information about the Microsoft Update Catalog, see the Microsoft Update Catalog FAQ. this content This bulletin spans more than one software category. Use this table to learn about the likelihood of functioning exploit code being released within 30 days of security bulletin release, for each of the security updates that you may need For more information, see About Microsoft Office Update: Frequently Asked Questions.

International customers can receive support from their local Microsoft subsidiaries. To determine whether active protections are available from security software providers, please visit the active protections websites provided by program partners listed in Microsoft Active Protections Program (MAPP) Partners. The attacker must be able to run code on the local machine in order to exploit this vulnerability. weblink We appreciate your feedback.

Microsoft Security Bulletin Summary for January 2009 Published: January 13, 2009 Version: 1.0 This bulletin summary lists security bulletins released for January 2009. Includes all Windows content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS09-035 Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706) CVE-2009-2493 1 - Consistent exploit code likelyFunctional code execution is easy and reliable. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Security TechCenter > Security Updates > Microsoft Security Bulletins Microsoft Security BulletinsUpcoming ReleaseMicrosoft security bulletins are released on the second Tuesday of each month.Latest Release Find the latest Microsoft security bulletinsGet How do I use these tables?

By searching using the security bulletin number (such as, "MS07-036"), you can add all of the applicable updates to your basket (including different languages for an update), and download to the Customers in the U.S. for reporting an issue described in MS09-013 Aviv Raff for reporting an issue described in MS09-014 Michal Zalewski of Google Inc. http://supportcanonprinter.com/microsoft-security/microsoft-security-bulletin-august-2016.html Updates from Past Months for Windows Server Update Services.

Note You may have to install several security updates for a single vulnerability. for reporting an issue described in MS09-014 ADLab of VenusTech for reporting an issue described in MS09-014 Aviv Raff for reporting an issue described in MS09-015 New York State Chief Information For details on affected software, see the next section, Affected Software and Download Locations. International customers can receive support from their local Microsoft subsidiaries.

Other versions are past their support life cycle. MS09-060 Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965) CVE-2009-2495 3 - Functioning exploit code unlikelyThis is an information disclosure vulnerability. Microsoft Customer Support Microsoft Community Forums United States (English) Sign in Security TechCenter Home Security Updates Tools Learn Library Support We’re sorry. With the release of the bulletins for April 2009, this bulletin summary replaces the bulletin advance notification originally issued April 9, 2009.

In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation Detection and Deployment Guidance Microsoft provides detection and deployment guidance for security updates. Administrators can use the Elevated Rights Deployment Tool (available in the SMS 2003 Administration Feature Pack and in the SMS 2.0 Administration Feature Pack) to install these updates. Manage Your Profile | Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2017 Microsoft © 2017 Microsoft

Consumers can visit Security At Home, where this information is also available by clicking “Latest Security Updates”. To determine whether active protections are available from security software providers, please visit the active protections Web sites provided by program partners, listed in Microsoft Active Protections Program (MAPP) Partners. Updates for consumer platforms are available from Microsoft Update. Non-Security, High-Priority Updates on MU, WU, and WSUS For information about non-security releases on Windows Update and Microsoft Update, please see: Microsoft Knowledge Base Article 894199: Description of Software Update Services