Microsoft Security Bulletin Summary for July 2009

[NICK ADSL UK]

Microsoft Security Bulletin Summary for july 2009

Microsoft Security Bulletin Summary for july 2009
Published: july 14 2009

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:

http://www.microsoft.com/technet/sec.../ms09-jul.mspx

Critical (3)
Microsoft Security Bulletin MS09-032 - Critical
Cumulative Security Update of ActiveX Kill Bits (973346)
Published: July 14, 2009
http://www.microsoft.com/technet/sec.../MS09-032.mspx

Microsoft Security Bulletin MS09-029 - Critical
Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
Published: July 14, 2009
http://www.microsoft.com/technet/sec.../MS09-029.mspx

Microsoft Security Bulletin MS09-028 - Critical
Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)
Published: July 14, 2009
http://www.microsoft.com/technet/sec.../MS09-028.mspx


Important (3)

Microsoft Security Bulletin MS09-033 - Important
Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)
Published: July 14, 2009
http://www.microsoft.com/technet/sec.../MS09-033.mspx

Microsoft Security Bulletin MS09-031 - Important
Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege (970953)
Published: July 14, 2009
http://www.microsoft.com/technet/sec.../MS09-031.mspx

Microsoft Security Bulletin MS09-030 - Important
Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516)
Published: July 14, 2009
http://www.microsoft.com/technet/sec.../MS09-030.mspx
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

[NICK ADSL UK]

TechNet Webcast: Information About Microsoft July Security Bulletins (Level 200)
Event ID: 1032407482

Language(s): English.
Product(s): Security.
Audience(s): IT Professional.

Duration: 90 Minutes
Start Date: Wednesday, July 15, 2009 11:00 AM Pacific Time (US & Canada)

Event Overview

On July 15, 2009, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the July security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Christopher Budd, Trustworthy Computing Senior Public Relations Manager, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

Register now for the july security bulletin webcast.

[NICK ADSL UK]

Microsoft Windows Malicious Software Removal Tool (KB890830)
Brief Description
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
http://www.microsoft.com/downloads/d...displaylang=en

New Additions

We have added detection and cleaning capabilities for the following malicious software:

FakeSpypro
http://www.microsoft.com/security/po...2%2fFakeSpypro

[NICK ADSL UK]

Microsoft Security Advisory (973472)
Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
Published: July 13, 2009 | Updated: July 23, 2009

http://www.microsoft.com/technet/sec...ry/973472.mspx

[NICK ADSL UK]

Microsoft Security Bulletin Minor Revisions - July 23, 2009

Title: Microsoft Security Bulletin Minor Revisions
Issued: July 23, 2009

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS09-032 - Critical
* MS09-016 - Important

Bulletin Information:


* MS09-032 - Critical-
Reason for Revision: V1.2 (July 23, 2009): Clarified the FAQ
about Microsoft-specific kill bits contained in this update.
- Originally posted: July 14, 2009
- Updated: July 23, 2009
- Bulletin Severity Rating: Critical
- Version: 1.2
http://www.microsoft.com/technet/sec.../ms09-032.mspx


* MS09-016 - Important

- Reason for Revision: V1.2 (July 23, 2009): Added a link to
Microsoft Knowledge Base Article 961759 under Known Issues in
the Executive Summary.
- Originally posted: April 14, 2009
- Updated: July 23, 2009
- Bulletin Severity Rating: Important
- Version: 1.2
http://www.microsoft.com/technet/sec.../ms09-016.mspx

[NICK ADSL UK]

MS Out-of-Band Security Bulletin Summary for July 28, 2009

Microsoft Security Bulletin Summary for July 2009
Published: July 28, 2009

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:
http://www.microsoft.com/technet/sec.../ms09-jul.mspx

Critical (1)

Microsoft Security Bulletin MS09-034 - Critical
Cumulative Security Update for Internet Explorer (972260)
http://www.microsoft.com/technet/sec.../MS09-034.mspx

Moderate (1)
Microsoft Security Bulletin MS09-035 - Moderate
Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
http://www.microsoft.com/technet/sec.../MS09-035.mspx

[NICK ADSL UK]

Microsoft Security Bulletin MS09-034 - Critical
Cumulative Security Update for Internet Explorer (972260)
Published: July 28, 2009 | Updated: August 04, 2009

Version: 2.0
http://www.microsoft.com/technet/sec.../ms09-034.mspx


Microsoft Security Bulletin MS09-035 - Moderate
Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
Published: July 28, 2009 | Updated: August 04, 2009

Version: 1.1
http://www.microsoft.com/technet/sec.../ms09-035.mspx