Microsoft Security Bulletin: June 2009 Release

This month we have quite a few security bulletins for you to consider.  Please see the details below for links and more information.

| Bulletin ID | Bulletin Title | Maximum Severity Rating | Impact | Restart Requirement | Affected Software |
|---|---|---|---|---|---|
| MS09-018 | Vulnerabilities in Active Directory Could Allow Remote Code Execution | Critical | Remote Code Execution | Requires Restart | Microsoft Windows |
| MS09-019 | Cumulative Security Update for Internet Explorer | Critical | Remote Code Execution | Requires Restart | Microsoft Windows, Internet Explorer |
| MS09-020 | Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege | Important | Elevation of Privilege | Requires Restart | Microsoft Windows |
| MS09-021 | Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution | Critical | Remote Code Execution | May Require Restart | Microsoft Office |
| MS09-022 | Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution | Critical | Remote Code Execution | Requires Restart | Microsoft Windows |
| MS09-023 | Vulnerability in Windows Search Could Allow Information Disclosure | Moderate | Information Disclosure | Requires Restart | Microsoft Windows |
| MS09-024 | Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution | Critical | Remote Code Execution | May Require Restart | Microsoft Office |
| MS09-025 | Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege | Important | Elevation of Privilege | Requires Restart | Microsoft Windows |
| MS09-026 | Vulnerability in RPC Could Allow Elevation of Privilege | Important | Elevation of Privilege | Requires Restart | Microsoft Windows |
| MS09-027 | Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution | Critical | Remote Code Execution | May Require Restart | |

If you want to see a summary of these bulletins please click here.

New Security Advisories

We are also releasing two new security advisories.  These were released on June 9th 2009.  Details are below.

Security Advisory #1: Microsoft Security Advisory (971888) - Update for DNS Devolution

Summary

Microsoft is announcing the availability of an update to DNS devolution that can help customers in keeping their systems protected. Customers whose domain name has three or more labels, such as "contoso.co.us", or who do not have a DNS suffix list configured, or for whom the following mitigating factors do not apply may inadvertently be allowing client systems to treat systems outside of the organizational boundary as though they were internal to the organization's boundary.

Mitigating Factors

Customers who are joined to a domain and have a DNS suffix search list configured on their system are not at risk of inadvertently treating external systems as though they were internal. Microsoft encourages all enterprise customers to set DNS suffix search lists on client systems in order to ensure all DNS queries stay within organizational boundaries.

In most cases, home users who are not members of a domain do not use DNS devolution and therefore are not exposed to this risk. Home users who are not members of a domain but have configured a primary DNS suffix, however, do use DNS devolution and are at risk of inadvertently treating external systems as though they were internal.

Customers whose DNS domain name consists of two labels are not exposed to this risk. An example of a customer who is not affected is contoso.com or fabrikam.gov, where "contoso" and "fabrikam" are customer registered domain names under their respective ".com" and ".gov" top-level domains (TLDs).
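
The conditions above can be checked mechanically. The following Python is an added example, not code from the advisory or from Microsoft; it goes beyond the page by modelling the classic devolution lookup order (append the primary DNS suffix, then strip its leftmost label and retry until two labels remain), and the host name `intranet` and the client configurations are constructed for illustration.

```python
# Added example: model of classic DNS devolution (constructed names, not Microsoft code).

def _labels(name):
    """Split a DNS name into lower-case labels, ignoring a trailing dot."""
    return [p for p in name.lower().strip(".").split(".") if p]

def candidate_queries(host, primary_suffix="", search_list=()):
    """FQDNs a client tries when resolving the single-label name `host`."""
    host = host.lower()
    if search_list:
        # A configured suffix search list is used instead of devolution.
        return [".".join([host] + _labels(s)) for s in search_list]
    suffix = _labels(primary_suffix)
    names = []
    # Classic devolution: try the full primary suffix, then strip its leftmost
    # label and retry, stopping once a two-label suffix has been tried.
    while suffix:
        names.append(".".join([host] + suffix))
        if len(suffix) <= 2:
            break
        suffix = suffix[1:]
    return names

def outside_boundary(queries, org_domain):
    """Return the queries that are not under the organization's own domain."""
    org = _labels(org_domain)
    return [q for q in queries if _labels(q)[-len(org):] != org]

# Constructed client configurations: (primary suffix, search list, org domain)
CLIENTS = {
    "three-label, no list": ("contoso.co.us", (), "contoso.co.us"),
    "three-label, with list": ("contoso.co.us", ("contoso.co.us",), "contoso.co.us"),
    "two-label": ("contoso.com", (), "contoso.com"),
    "child domain of two-label": ("corp.contoso.com", (), "contoso.com"),
    "home user, no suffix": ("", (), "contoso.com"),
}

def audit(host="intranet"):
    """Map each sample client to the lookups that leave its organization."""
    return {
        name: outside_boundary(candidate_queries(host, sfx, sl), org)
        for name, (sfx, sl, org) in CLIENTS.items()
    }

if __name__ == "__main__":
    for name, leaks in audit().items():
        print(f"{name:28} {'AT RISK: ' + ', '.join(leaks) if leaks else 'ok'}")
```

Only the three-label client without a suffix search list produces a lookup outside its own domain, which matches the mitigating factors listed above.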

   
Security Advisory #2: Microsoft Security Advisory (969898) - Update Rollup for ActiveX Kill Bits

Summary

Microsoft is releasing a new set of ActiveX Kill Bits with this advisory. The update includes a kill bit from a previously published Microsoft Cumulative Update:

  • Microsoft Visual Basic 6.0 Service Pack 6 Cumulative Update (KB957924)

The update also includes kill bits for the following third-party software:

  • Derivco: This security update sets a kill bit for an ActiveX control developed by Derivco. Derivco has released a security update that addresses a vulnerability in the affected component. For more information and download locations, see the security release from Derivco. This kill bit is being set at the request of the owner of the ActiveX controls.
  • eBay Advanced Image Upload Component: This security update sets a kill bit for an ActiveX control developed by eBay. eBay has released a security update that addresses a vulnerability in the affected component. For more information and download locations, see the security release from eBay. This kill bit is being set at the request of the owner of the ActiveX controls.
  • HP Virtual Room v7.0: This security update sets a kill bit for an ActiveX control developed by Research In Motion (RIM). RIM has released a security update that addresses a vulnerability in the affected component. For more information and download locations, see the security release from HP. This kill bit is being set at the request of the owner of the ActiveX controls.

Additional Resources

And as per normal we are releasing an updated version of the Microsoft Windows Malicious Software Removal Tool.  Get more details on that here.


Jeffa