MS09-018 - Critical: Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055) - Version: 1.1
Posted on 01 August 2009
Severity Rating: Critical

Revision Note: V1.1 (June 17, 2009): Listed Microsoft Windows 2000 Professional Service Pack 4, all supported editions of Windows Vista, and all supported versions of Windows Server 2008 for Itanium-based Systems as non-affected software. Also, clarified which ports are used by the Global Catalog server in the Block TCP ports workaround for CVE-2009-1139. This is an informational change only.

Summary: This security update resolves two privately reported vulnerabilities in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003, and Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003. The more severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Other versions
- MS09-018 - Version: 1.0
- MS09-018 - Version: 1.1
- MS09-018 - Version: ion:1