Microsoft Security Bulletin: October 2009 Update
It’s that time again. Time to patch those systems and get up to date. This month we have 13 security updates. Please make sure you check out the details below and apply them to you environments where appropriate.
| Bulletin ID | Bulletin Title | Maximum Severity | Vulnerability Impact | Restart Requirement | Affected Software |
| MS09-050 | Vulnerabilities in SMBv2 Could Allow Remote Code Execution | Critical | Remote Code Execution | Requires Restart | Microsoft Windows Vista and Windows Server 2008 |
| MS09-051 | Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution | Critical | Remote Code Execution | Requires Restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 |
| MS09-052 | Vulnerability in Windows Media Player Could Allow Remote Code Execution | Critical | Remote Code Execution | May Require Restart | Microsoft Windows 2000, Windows XP, and Windows Server 2003 |
| MS09-053 | Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution | Important | Remote Code Execution | May Require Restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 |
| MS09-054 | Cumulative Security Update for Internet Explorer | Critical | Remote Code Execution | Requires Restart | Internet Explorer on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 |
| MS09-055 | Cumulative Security Update of ActiveX Kill Bits | Critical | Remote Code Execution | May Require Restart | Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 |
| MS09-056 | Vulnerabilities in Windows CryptoAPI Could Allow Spoofing | Important | Spoofing | Requires Restart | Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 |
| MS09-057 | Vulnerability in Indexing Service Could Allow Remote Code Execution | Important | Remote Code Execution | Requires Restart | Microsoft Windows 2000, Windows XP, and Windows Server 2003 |
| MS09-058 | Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege | Important | Elevation of Privilege | Requires Restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 |
| MS09-059 | Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service | Important | Denial of Service | Requires Restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 |
| MS09-060 | Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution | Critical | Remote Code Execution | May Require Restart | Microsoft Office Outlook 2002, Outlook 2003, Outlook 2007, Visio Viewer 2002, Visio Viewer 2003, and Visio Viewer 2007 |
| MS09-061 | Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution | Critical | Remote Code Execution | Requires Restart | Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, and Microsoft Silverlight 2 |
| MS09-062 | Vulnerabilities in GDI+ Could Allow Remote Code Execution | Critical | Remote Code Execution | Requires Restart | Microsoft Windows, Microsoft Office, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront |
If you would like a summary of all these bulletins you can get them at: https://www.microsoft.com/technet/security/bulletin/MS09-oct.mspx
Microsoft Windows Malicious Software Removal Tool
We are also releasing an updated version of the Windows Malicious Software Removal tool on Windows Server Update Services and Windows Update. You can get more information about this tool at: https://support.microsoft.com/?kbid=890830
It’s quite a big update this month so I recommend you look at these updates closely and apply them where needed. And as always make sure you keep up to date with the Microsoft Security Response Center Blog as they have heaps of good information.
Technorati Tags: Computer Security,Patching,Updates
Jeffa