Microsoft Security Bulletin: 13 October 2009

Microsoft released 13 new bulletins which address 34 vulnerabilities in Windows, Internet Explorer and Microsoft Office.

Microsoft is also re-releasing MS08-069, vulnerability in Microsoft XML Core Services could allow remote code execution (955218) to add detection for Windows 7 and Windows Server 2008 R2. Although this component does not ship with these platforms but many applications install it in order to use its functionality.

There was a change in the severity rating since the advance notification for several versions of Windows in the .NET bulletin (MS09-061). Microsoft elevated the severity from Important to Critical. This is not a regular practice, however, it was determined that this was the appropriate rating for these products when certain versions of the .NET Framework are installed on them.

The Malicious Software Removal Tool (MSRT) adds one new family this month: Win32/FakeScanti.

Critical

• MS09-050: Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)
• MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
• MS09-052: Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)
• MS09-054: Cumulative Security Update for Internet Explorer (974455)
• MS09-055: Cumulative Security Update of ActiveX Kill Bits (973525)
• MS09-060: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
• MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)
• MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

Important

• MS09-053: Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
• MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)
• MS09-057: Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)
• MS09-058: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
• MS09-059: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

References

• Microsoft Malware Protection Center blog: Scanti-ly Clad – Another Rogue Stripped by MSRT
• MSRC: October 2009 Security Bulletin Release
• TechNet: Microsoft security bulletin summary for October 2009
• Security Research & Defense blog:
• Assessing the risk of the October security bulletins
• MS09-051: A note on the affected platforms
• MS09-050: Exploit timeline for SMB2 RCE vulnerability
• MS09-054: Extra info on the attack surface for the IE security bulletin
• MS09-061: More information about the .NET security bulletin
• Microsoft Malware Protection Center blog: Scanti-ly Clad – Another Rogue Stripped by MSRT
  

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information