Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

MS Security Bulletin Summary - December 2009


  • Please log in to reply
1 reply to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 08 December 2009 - 12:29 PM

FYI...

- http://www.microsoft...n/MS09-dec.mspx
December 08, 2009 - "This bulletin summary lists security bulletins released for December 2009..." (Total of -6-)

Critical -3-

Microsoft Security Bulletin MS09-071 - Critical
Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)
- http://www.microsoft...n/MS09-071.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-074 - Critical
Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)
- http://www.microsoft...n/MS09-074.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Office

Microsoft Security Bulletin MS09-072 - Critical
Cumulative Security Update for Internet Explorer (976325)
- http://www.microsoft...n/MS09-072.mspx
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows ...
Revisions:
• V1.0 (December 8, 2009): Bulletin published.
• V1.1 (December 9, 2009): Corrected a reference to Microsoft Knowledge Base Article 976749 in the section, Frequently Asked Questions (FAQ) Related to This Security Update. Also corrected, in the Security Update Deployment section, the registry key for verification of the update for Internet Explorer 7 for all supported x64-based editions of Windows XP.

Important -3-

Microsoft Security Bulletin MS09-069 - Important
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
- http://www.microsoft...n/MS09-069.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-070 - Important
Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)
- http://www.microsoft...n/MS09-070.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

Microsoft Security Bulletin MS09-073 - Important
Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)
- http://www.microsoft...n/MS09-073.mspx
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows, Microsoft Office
___

Severity and Exploitability Index
- http://blogs.technet...6/original.aspx
December 08, 2009

Deployment priority
- http://blogs.technet...7/original.aspx
December 08, 2009
___

MSRT
- http://support.micro...om/?kbid=890830
December 8, 2009 - Revision: 67.0
(Recent additions)
Win32/FakeScanti - October 2009 (V 3.0) Moderate
Win32/FakeVimes - November 2009 (V 3.1) Moderate
Win32/PrivacyCenter - November 2009 (V 3.1) Moderate
Win32/Hamweq - December 2009 (V 3.2) Moderate
___

ISC Analysis
- http://isc.sans.org/...ml?storyid=7711
Last Updated: 2009-12-10 19:42:30 UTC
___

Microsoft Office Project Memory Validation Vuln
- http://secunia.com/advisories/37588/2/
... Original Advisory: http://www.microsoft...n/MS09-074.mspx
___

Microsoft WordPad / Office Text Converters Memory Corruption Vuln
- http://secunia.com/advisories/37580/2/
... Original Advisory: http://www.microsoft...n/MS09-073.mspx
___

Internet Explorer multiple vulns
- http://secunia.com/advisories/37448/2/
... Original Advisory: http://www.microsoft...n/MS09-072.mspx
___

Microsoft Windows Internet Authentication Service Vuln
- http://secunia.com/advisories/37579/2/
... Original Advisory: http://www.microsoft...n/MS09-071.mspx

Microsoft Windows MS-CHAP Authentication Bypass
- http://secunia.com/advisories/37543/2/
... Original Advisory: http://www.microsoft...n/MS09-071.mspx
___

Microsoft Windows Local Security Authority Subsystem DoS
- http://secunia.com/advisories/37524/2/
... Original Advisory: http://www.microsoft...n/MS09-069.mspx
___

Edited by AplusWebMaster, 13 December 2009 - 06:25 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 10 December 2009 - 04:20 PM

Also now showing up at the MS Update site:

AppCompat update for Indeo codec
- http://support.microsoft.com/kb/955759
December 9, 2009 - Revision: 3.0
- http://web.nvd.nist....d=CVE-2009-4311
- http://web.nvd.nist....d=CVE-2009-4310
Last revised: 12/15/2009

Extended Protection for Authentication in Microsoft Windows HTTP Services (WinHTTP)
- http://support.microsoft.com/kb/971737
December 8, 2009 - Revision: 1.0

Extended Protection for Authentication in the HTTP Protocol Stack (http.sys)
- http://support.microsoft.com/kb/970430
December 8, 2009 - Revision: 1.0

:scratch:

Edited by AplusWebMaster, 23 December 2009 - 04:15 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users