Microsoft Security Bulletin Summary for February 2009

Published: February 10 2009

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:
http://www.microsoft.com/technet/security/bulletin/ms09-feb.mspx


Critical
Cumulative Security Update for Internet Explorer (961260)
http://www.microsoft.com/technet/security/Bulletin/MS09-002.mspx


Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
http://www.microsoft.com/technet/security/bulletin/MS09-003.mspx



Important
Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx

Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)
http://www.microsoft.com/technet/security/bulletin/MS09-005.mspx

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

TechNet Webcast: Information About Microsoft February Security Bulletins (Level 200)
Event ID: 1032395122

Language(s): English.
Product(s): Security.
Audience(s): IT Professional.

Duration: 90 Minutes
Start Date: Wednesday, February 11, 2009 11:00 AM Pacific Time (US & Canada)

Event Overview

On February, 11, 2009, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the February security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenter: Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

View other sessions from: Security360: Learn Best Practices to Guide Your Security Strategy.


If you have questions or feedback, contact us.

Register now for the February security bulletin webcast.

 

Malicious Software Removal Tool
Published: January 11, 2005 | Updated: February 10, 2009
New Additions
We have added detection and cleaning capabilities for the following malicious software:

• Srizbi

http://go.microsoft.com/fwlink/?LinkId=37020&Name=Trojan:Win32/Srizbi.gen


http://www.microsoft.com/security/malwareremove/default.mspx

 

Microsoft Security Advisory Notification - February 10, 2009

***********************************************
Title: Microsoft Security Advisory Notification
Issued: February 10, 2009
***********************************************

Security Advisories Updated or Released Today
==============================================

* Microsoft Security Advisory (961040)
- Title: Vulnerability in SQL Server Could Allow
Remote Code Execution
http://www.microsoft.com/technet/security/advisory/961040.mspx

- Revision Note: V2.0 (February 10, 2009): Advisory updated
to reflect publication of security bulletin.

* Microsoft Security Advisory (960715)
- Title: Update Rollup for ActiveX Kill Bits
http://www.microsoft.com/technet/security/advisory/960715.mspx
- Revision Note: Advisory published.

 

Microsoft Security Bulletin Re-Releases - Feb. 16, 2009

**********************************************
Title: Microsoft Security Bulletin Re-Releases
Issued: February 16, 2009
**********************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS09-003 - Critical

Bulletin Information:
=====================

* MS09-003 - Critical
http://www.microsoft.com/technet/security/bulletin/ms09-003.mspx

- Reason for Revision: V2.0 (February 16, 2009): Added the
Microsoft Exchange Server MAPI Client as affected software.
Also, added several entries to the section, Frequently Asked
Questions (FAQ) Related to This Security Update, relating to
updating the MAPI Client and the Exchange System Management
tools. No other update packages are affected by this
re-release. Customers running all other supported and
affected versions of Microsoft Exchange Server who have
already successfully applied the original security update
packages do not need to take any further action.
- Originally posted: February 10, 2009
- Updated: February 16, 2009
- Bulletin Severity Rating: Critical
- Version: 2.0

 

Microsoft Security Bulletin Minor Revisions - Feb 16, 2009

**************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: February 16, 2009
**************************************************

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS09-002 - Critical

Bulletin Information:
=====================

* MS09-002 - Critical

http://www.microsoft.com/technet/security/bulletin/ms09-002.mspx
- Reason for Revision: V1.1 (February 16, 2009): Added a link to
Microsoft Knowledge Base Article 961260 under Known Issues in
the Executive Summary.
- Originally posted: February 10, 2009
- Updated: February 16, 2009
- Bulletin Severity Rating: Critical
- Version: 1.1