2 replies to this topic

[AplusWebMaster]

FYI...

- http://www.microsoft...n/MS09-nov.mspx
November 10, 2009 - "This bulletin summary lists security bulletins released for November 2009..." (Total of -6-)

Critical -3-

Microsoft Security Bulletin MS09-063 - Critical
Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)
- http://www.microsoft...n/ms09-063.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-064 - Critical
Vulnerability in License Logging Server Could Allow Remote Code Execution (974783)
- http://www.microsoft...n/ms09-064.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-065 - Critical
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)
- http://www.microsoft...n/MS09-065.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Important -3-

Microsoft Security Bulletin MS09-066 - Important
Vulnerability in Active Directory Could Allow Denial of Service (973309)
- http://www.microsoft...n/ms09-066.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-067 - Important
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)
- http://www.microsoft...n/MS09-067.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Office

Microsoft Security Bulletin MS09-068 - Important
Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)
- http://www.microsoft...n/MS09-068.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Office
___

ISC Analysis
- http://isc.sans.org/...ml?storyid=7564
Last Updated: 2009-11-10 18:36:34 UTC
___

Severity summary and exploitability index
- http://blogs.technet...8/original.aspx
November 10, 2009

Deployment priority
- http://blogs.technet...1/original.aspx
November 10, 2009
___

MSRT
- http://support.micro...om/?kbid=890830
November 10, 2009 - Revision: 66.0
(Recent additions)
Win32/Bredolab - September 2009 (V 2.14) - Moderate
Win32/Daurso - September 2009 (V 2.14) - Moderate
Win32/FakeScanti - October 2009 (V 3.0) - Moderate
Win32/FakeVimes - November 2009 (V 3.1) - Moderate
Win32/PrivacyCenter - November 2009 (V 3.1) - Moderate

//

Edited by AplusWebMaster, 10 November 2009 - 01:07 PM.

[AplusWebMaster]

FYI...

MS updates requiring reboot delivered
- http://isc.sans.org/...ml?storyid=7645
Last Updated: 2009-11-25 21:40:37 UTC - "... received updates from Microsoft in the last 24 hours (via Automatic Update or similar) that required a reboot. Microsoft has apparently updated several of their bulletins. Two of them are related to previous updates MSXML (v3.0 or v6.0), one with MSXML Core Services 4.0 SP2, one is additional daylight saving time updates, and the 4th is also daylight saving time-related and has to do with an error in the Date and Time control panel on Vista and Windows Server 2008. While it isn't unusual for Microsoft to make some minor updates to bulletins and patches (especially detection fixes) at times other than "Patch Tuesday" some of our readers (and some of us, handlers) were surprised by updates that required reboot.

References:
http://support.microsoft.com/kb/973685
http://support.microsoft.com/kb/973687
http://support.microsoft.com/kb/973688
http://support.microsoft.com/kb/976098
http://support.microsoft.com/kb/976470 ..."

[AplusWebMaster]

FYI...

Reports of issues with November Security Updates
- http://blogs.technet...ty-updates.aspx
December 01, 2009 - "We’ve received questions about public reports that customers might be experiencing system issues with the November Security Updates (which some are referring to “Black Screen” issues). We’ve investigated these reports and found that our November Security Updates are not making changes to the system that these reports say are responsible for these issues. While these reports weren’t brought to us directly, from our research into them, it appears they’re saying that our security updates are making permission changes in the registry to the value for the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell key. We’ve conducted a comprehensive review of the November Security Updates, the Windows Malicious Software Removal Tool, and the non-security updates we released through Windows Update in November. That investigation has shown that none of these updates make any changes to the permissions in the registry. Thus, we don’t believe the updates are related to the “black screen” behavior described in these reports. We’ve also checked with our worldwide Customer Service and Support organization, and they’ve told us they’re not seeing “black screen” behavior as a broad customer issue. Because these reports were not brought to us directly, it’s impossible to know conclusively what might be causing a “black screen” in those limited instances where customers have seen it. However, we do know that “black screen” behavior is associated with some malware families such as Daonol*. This underscores the importance of our guidance to customers to contact our Customer Service and Support group any time they think they’re affected by malware or are experiencing issues with security updates. This enables us to determine what might be happening and take steps to help customers by documenting new malware families in our MMPC malware encyclopedia or documenting known issues in our security bulletins and the supporting Knowledge Base articles..."
* http://www.microsoft.....aonol malware
Search Term = Daonol malware / 500 entries found

- http://isc.sans.org/...ml?storyid=7672
Last Updated: 2009-12-02 16:43:47 UTC

Edited by AplusWebMaster, 02 December 2009 - 12:51 PM.