Patch Tuesday July 2009

Microsoft have released six security bulletins and associated patches this month.

Three of these are classed as critical and need immediate attention.

These three critical patches relate to Windows Operating Systems – XP, Vista & Server 2003, and will affect almost all desktops and servers in general use in Small and Medium Business environments.

These critical patches address fundamental issues relating to recently discovered security holes in the operating systems. These holes could be used by attackers to compromise your systems.

We are aware of a number of current viruses and other malware which exploit these holes, and which are prevalent enough in the wild to make them a real threat.

Our advice is twofold...

  • Ensure that the 3 critical patches are deployed to all Windows desktop and server operating systems immediately
     
  • Ensure that all Anti-virus and Malware blocking software packages are fully up to date, and properly configured firewalls are in place within your environment.

Whilst the other three bulletins / patches are important, some consideration is needed in order to evaluate any risks depending on whether you have the affected software or operating system installed. More details on these patches are given in the table below.

In summary…

  • Update your Desktop and Server computers immediately with the three critical patches (MS09-029, MS09-028 & MS09-032).
     
  • Evaluate if you are using the affected software or operating system for the important patches (MS09-033, MS09-031 & MS09-030).
     
  • Please also make sure that all additional IT Security solutions (Anti Virus, Anti Malware and Firewall) are in place, are up to date and are appropriate for your environment.

Table 1: Details of MS Patches released Tuesday 14/7/2009

| MS Link | ITSL Summary | Severity | Affected Software | Restart after patch |
|---|---|---|---|---|
| MS09-029 | This patch is to fix an issue with font management within the Windows operating system that could allow an attacker to take control of the system. As fonts are an integral part of the operating system and software such as Word etc., we would consider applying this patch immediately. | Critical | MS Windows - 2000, XP, 2003 | Yes |
| MS09-028 | This patch plugs a hole within a multimedia component of Windows (DirectShow) that could allow an attacker to run code remotely (such as deleting files or formatting drives). Apply this patch as soon as feasible. | Critical | MS Windows - 2000, XP, Vista, 2003, 2008 | May Require Restart |
| MS09-032 | Similar to MS09-028 as a potential threat. Patch as soon as feasible. | Critical | MS Windows | May Require Restart |
| MS09-033 | If your company is running Virtual Machines there is a small vulnerability that could allow remote code to be run. Your IT representative should know if they are running any virtual machines. Although not critical, we suggest patching during the next round of maintenance visits. | Important | Virtual PC 2004, Virtual PC 2007, Virtual Server 2005 | Yes |
| MS09-031 | This only affects ISA Server 2006, and even then only with a specific set of circumstances. Check with the IT representative if you think you are running ISA Server and patch if you meet the criteria defined here: MS09-031 | Important | ISA Server 2006 | Yes |
| MS09-030 | This only affects Publisher from Office 2007 and only if an attacker created a clever document that would expose the vulnerability. Run this patch during your next Office update. | Important | Office 2007 SP1 | May Require Restart |

| Rating | Definition |
|---|---|
| Critical | A vulnerability whose exploitation could allow the propagation of an Internet worm without user action. |
| Important | A vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of users' data, or of the integrity or availability of processing resources. |
| Moderate | Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation. |
| Low | A vulnerability whose exploitation is extremely difficult, or whose impact is minimal. |


A Microsoft Certified Partner © Copyright 2009 IT ServiceLink LTD A Microsoft Small Business Specialist