Home / vulnerabilitiesPDF  

TA09-314A.txt

Posted on 17 November 2009
Source : packetstormsecurity.org Link

 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


National Cyber Alert System

Technical Cyber Security Alert TA09-314A


Microsoft Updates for Multiple Vulnerabilities

Original release date:
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows and Windows Server
* Microsoft Office Word and Excel


Overview

Microsoft has released updates to address vulnerabilities in
Microsoft Windows and Windows Server and Office Word and Excel.


I. Description

Microsoft has released multiple security bulletins for critical
vulnerabilities in Microsoft Windows and Windows Server and Office
Word and Excel. These bulletins are described in the Microsoft
Security Bulletin Summary for November 2009.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code,
gain elevated privileges, or cause a vulnerable application to
crash.


III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for November 2009. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).


IV. References

* Microsoft Security Bulletin Summary for November 2009 -
<http://www.microsoft.com/technet/security/bulletin/ms09-nov.mspx>

* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA09-314A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-314A Feedback VU#825685" in
the subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2009 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________

Revision History

November 10, 2009: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSvnpitucaIvSvh1ZAQLgdggAhWgMY33A80XxEvDBnudIxLPxxaWghAa0
x93joYG1l4JOoBQIyMhR+dlbGI2NL/Sxabsg2/Mh/5lO4h2wbKNkd2mdXdeWXvsP
CpJqM6AhZ/88dfCtpXWNoV362sRJJvSjXuyatDvLjzGJUb9PBk8jiOki806X+MVO
VL72ytlODYIPU2bDAl2YhTq6qWX0wjXn100Y8BDX+a+hvrz+0gFF37i7ImO8fLCC
PPrPpFRHN7pjcARmFMACCDk99wWUu7EwymjgXQGB+E0Hs2rJOigokEcNm1JguQvI
kFE05iDOXVdSOldf2WTx/CFViTIif/f2IRz1Z+59RTZ0oLoeCj6HdA==
=06SV
-----END PGP SIGNATURE-----

 

TOP

Malware :

Exploits :