Microsoft Security Bulletin Summary for November 10, 2009

Discussion in 'other security issues & news' started by NICK ADSL UK, Nov 10, 2009.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Summary for November 10, 2009

    Microsoft Security Bulletin Summary for November 10, 2009
    Published: November 10 2009


    Note: There may be latency issues due to replication, if the page does not display keep refreshing


    Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


    Today Microsoft released the following Security Bulletin(s).

    Bulletin Summary:


    http://www.microsoft.com/technet/security/bulletin/ms09-nov.mspx

    Critical (3)

    Microsoft Security Bulletin MS09-063
    Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)
    http://www.microsoft.com/technet/security/bulletin/ms09-063.mspx

    Microsoft Security Bulletin MS09-064
    Vulnerability in License Logging Server Could Allow Remote Code Execution (974783)
    http://www.microsoft.com/technet/security/bulletin/ms09-064.mspx

    Microsoft Security Bulletin MS09-065
    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)
    http://www.microsoft.com/technet/security/bulletin/ms09-065.mspx




    Important (3)


    Microsoft Security Bulletin MS09-066
    Vulnerability in Active Directory Could Allow Denial of Service (973309)
    http://www.microsoft.com/technet/security/bulletin/ms09-066.mspx

    Microsoft Security Bulletin MS09-067
    Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)
    http://www.microsoft.com/technet/security/bulletin/ms09-067.mspx

    Microsoft Security Bulletin MS09-068
    Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)
    http://www.microsoft.com/technet/security/bulletin/ms09-068.mspx

    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information About Microsoft November Security Bulletins (Level 200)
    Event ID: 1032407490

    Language(s): English.
    Product(s): Security.
    Audience(s): IT Generalist.



    Duration: 90 Minutes
    Start Date: Wednesday, November 11, 2009 11:00 AM Pacific Time (US & Canada)

    Event Overview

    On November 11, 2009, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the November security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

    Presenters: Jerry Bryant, Senior Security Program Manager Lead, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

    Register now for the november security bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft® Windows® Malicious Software Removal Tool (KB890830)
    Brief Description
    This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

    Date Published: 10/11/2009


    Win32/FakeVimes

    Encyclopedia entry
    Updated: Nov 10, 2009 | Published: Nov 04, 2009




    http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS09-051 - Critical
    Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
    Published: October 13, 2009 | Updated: November 10, 2009


    Revisions
    • V1.0 (October 13, 2009): Bulletin published.

    • V1.1 (October 14, 2009): Clarified the entry, "I have Windows Media Player installed on my system. Why am I not being offered some of the updates?" in the FAQ section. Also corrected the FAQ for CVE-2009-0555 to indicate that Microsoft is aware of limited attacks attempting to exploit the vulnerability.

    • V2.0 (November 10, 2009): Bulletin revised to communicate the rerelease of the update for Audio Compression Manager on Microsoft Windows 2000 Service Pack 4 to fix a detection issue. This is a detection change only; there were no changes to the binaries. Customers who have successfully updated their systems do not need to reinstall this update. Also corrected the registry key verification for DirectShow WMA Voice Codec on Windows Server 2003.

    http://www.microsoft.com/technet/security/bulletin/ms09-051.mspx
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS09-045 - Critical
    Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)
    Published: September 08, 2009 | Updated: November 10, 2009

    Revisions
    • V1.0 (September 8, 2009): Bulletin published.

    • V1.1 (September 9, 2009): Corrected the update package file name for JScript 5.6 on all supported x64-based editions of Windows Server 2003.

    • V1.2 (September 30, 2009): Added information about known issues related to uninstalling the security update and verifying the registry key on Windows XP and Windows Server 2003.

    • V2.0 (November 10, 2009): Added JScript 5.7 on Microsoft Windows 2000 Service Pack 4 (KB975542) to the Affected Software table and the Security Update Deployment section.

    http://www.microsoft.com/technet/security/bulletin/ms09-045.mspx
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS09-065 - Critical
    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)
    Published: November 10, 2009 | Updated: November 12, 2009


    Revisions
    • V1.0 (November 10, 2009): Bulletin published.

    • V1.1 (November 12, 2009): Added a link to Microsoft Knowledge Base Article 969947 under Known Issues in the Executive Summary.

    http://www.microsoft.com/technet/security/bulletin/ms09-065.mspx
     
  8. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
  9. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
Loading...
Thread Status:
Not open for further replies.