Microsoft Security Bulletin Summary for May 2009

Microsoft Security Bulletin Summary for May 2009

Microsoft Security Bulletin Summary for May 2009
Published: May12 2009

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:
http://www.microsoft.com/technet/security/bulletin/ms09-may.mspx

Critical (1)

Microsoft Security Bulletin MS09-017 - Critical
Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340)
http://www.microsoft.com/technet/security/bulletin/ms09-017.mspx

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

Families Cleaned by the Malicious Software Removal Tool
Additions Are Made Each Month to Address the Latest Threats
Published: April 12, 2005 | Updated: May 12, 2009


Run the tool from the Microsoft.com Web site, or download the tool and run it locally on your computer.

The Microsoft Windows Malicious Software Removal Tool removes specific, prevalent malicious software families from computers running compatible versions of Windows. Microsoft releases a new version of the tool on the second Tuesday of every month, and as needed to respond to security incidents.


New Malicious Software
The following malicious software was added this release. Click the name to learn more in our Malicious Software Encyclopedia.

• Winwebsec
http://www.microsoft.com/security/portal/Entry.aspx?name=Trojan:Win32/Winwebsec

• FakePowav
http://www.microsoft.com/security/portal/Entry.aspx?name=Trojan:Win32/FakePowav

 

TechNet Webcast: Information About Microsoft May Security Bulletins (Level 200)
Event ID: 1032395223

Language(s): English.
Product(s): Security.
Audience(s): IT Professional.

Duration: 90 Minutes
Start Date: Wednesday, May 13, 2009 11:00 AM Pacific Time (US & Canada)

Event Overview

On May, 13, 2009, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the May bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation and Jerry Bryant, Senior Security Program Manager, Microsoft Corporation

Register now for the May security bulletin webcast.

 

Microsoft Security Advisory Notification - May 12, 2009

Title: Microsoft Security Advisory Notification
Issued: May 12, 2009

==============================================

* Microsoft Security Advisory (969136)
- Title: Vulnerability in Microsoft Office PowerPoint
Could Allow Remote Code Execution

http://www.microsoft.com/technet/security/advisory/969136.mspx
- Revision Note: V2.0 (May 12, 2009): Advisory updated to
reflect publication of security bulletin

 

Microsoft Security Bulletin Major Revision - May 12, 2009

Title: Microsoft Security Bulletin Major Revision
Issued: May 12, 2009

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS09-008 - Important

Bulletin Information:
=====================

* MS09-008 - Important
http://www.microsoft.com/technet/security/bulletin/ms09-008.mspx

- Reason for Revision: V2.0 (May 12, 2009): Added an entry in the
section, Frequently Asked Questions (FAQ) Related to This
Security Update, explaining a detection change. As a result
of this change, the MS08-066 update may be offered to
affected systems running supported editions of Windows Server
2003 in a non-DNS server role. Microsoft recommends that
customers offered the MS08-066 update apply the update at the
earliest opportunity.
- Originally posted: March 10, 2009
- Updated: May 12, 2009- Bulletin Severity Rating: Important
- Version: 2.0

 

Microsoft Security Bulletin Minor Revisions - May 26, 2009

Title: Microsoft Security Bulletin Minor Revisions
Issued: May 26, 2009

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS07-026

Bulletin Information:
=====================

* MS07-026

http://www.microsoft.com/technet/security/bulletin/ms07-026.mspx
- Reason for Revision: V1.1 (May 26, 2009): Added an entry in the
section, Frequently Asked Questions (FAQ) Related to This
Security Update, to announce a detection change. The
detection no longer offers the MS06-019 and MS06-029 updates,
but instead will only offer MS07-026. There were no changes
to the binaries. Customers who have already successfully
installed the MS07-026 update do not need to reinstall.
- Originally posted: May 8, 2007
- Updated: May 26, 2009
- Bulletin Severity Rating: Critical
- Version: 1.1

 

Microsoft Security Bulletin Major Revision - May 26, 2009

Title: Microsoft Security Bulletin Major Revision
Issued: May 26, 2009

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS09-003 - Critical

Bulletin Information:
=====================

* MS09-003 - Critical


http://www.microsoft.com/technet/security/bulletin/ms09-003.mspx

- Reason for Revision: V3.0 (May 26, 2009): Added an entry in the
section, Frequently Asked Questions (FAQ) Related to This
Security Update, to announce a detection change to the update
for Microsoft Exchange Server 2003 Service Pack 2 (KB959897).
This is a detection change only. There were no changes to the
security update files in this bulletin. Customers who have
already installed the KB959897 update successfully do not
need to reinstall.
- Originally posted: February 10, 2009
- Updated: May 26, 2009
- Bulletin Severity Rating: Critical
- Version: 3.0

 

Microsoft Security Advisory (97177
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
Published: May 28, 2009
Revisions:

• V1.0 (May 28, 2009): Advisory published.

http://www.microsoft.com/technet/security/advisory/971778.mspx