Go to Home Page   IT ServiceLink IT ServiceLink Telephone us on 01206 235000
About us

Software Development
       Legacy Software Maintenance
       Project Life Cycle
       Bespoke Software Development
       Corporate Hosting
       Business Process Automation
       DotNetNuke (DNN) CMS Website Package
       Search Engine Optimisation (SEO)
          SEO Website Survey Report
          SEO Blog
       Nesox Email Marketing
       e-Commerce Services

IT Infrastructure
       Hardware Supply
       Software Supply
       IP Telephony
          Avaya
          Swyx
          Avaya Case Study
          Swyx Case Study 1
          Swyx Case Study 2
       Security Products
          BorderWare
          Kaspersky
             Kaspersky Open Space
             Kaspersky Case Study
       Networking
          Draytek

Professional Services
       Customer Relationship Management (CRM)
          ACT! By Sage
          Microsoft Dynamic 3.0
       IT Infrastructure Optimisation
       IT Security Planning
       Business Continuity Management (BCM)
       Digital Sealing

IT Support Services
       Network Management
       Virtual IT Department
       IT Help Desk
       IT Support Framework
       IT Security Updates
          Microsoft Bulletins
             Archive
                July 2009
                Emergency Patch Release July 2009
                August 2009
                September 2009
                October 2009
                November 2009
                December 2009
                Emergency Patch Release January 2010
                January 2010
                February 2010
                Emergency Patch Release March 2010
                March 2010
                April 2010
                May 2010
                June 2010
                July 2010
                August 2010
                September 2010
                October 2010
                November 2010
                December 2010
                January 2011
             February 2011
             March 2011
             April 2011
             May 2011
             June 2011
             July 2011
             August 2011
             September 2011
             December2011
             January 2012
       Disaster Recovery

Contact us
  Home >> IT Support Services >> IT Security Updates >> Microsoft Bulletins >> Archive >> October 2009 08 February 2012  
Patch Tuesday October 2009

This month's Microsoft Patch Tuesday has a record 13 bulletins. Eight of these are classed as Critical. Five security bulletins have a rating of Important.

Some of this month’s patches are targeting what are known as “Zero-Day” vulnerabilities. In simple terms this is where a threat tries to exploit vulnerabilities that were previously unknown to Microsoft or Software developers. More details on Zero-Day can be found here.

The patches relate to Microsoft Operating Systems and software. The majority of the supported operating systems are affected this month: Windows 2000, Windows XP, Windows 2003, Windows Vista, Windows 7 and Windows 2008. All of the patches either need a system reboot or may need a system reboot so please take this into account when implementing

As usual, these patches address fundamental issues relating to vulnerabilities in the operating system or software which could be used by attackers to compromise your systems. There are a number of viruses and malware that could exploit these vulnerabilities, making them a real threat if left open.

On top of the usual Microsoft Patches, Adobe has also released their Quarterly security bulletins for Acrobat and Acrobat Reader. These vulnerabilities can cause the applications to crash and could potentially allow an attacker to take control of the affected system. More Details available from Adobe here.

Our usual advice is…

  • Ensure that the critical patches are deployed to all Windows desktop and server operating systems and Software, where appropriate, immediately.
     
  • Ensure that all Anti-virus and Malware blocking software packages are fully up to date, and properly configured firewalls are in place within your environment
     
  • Update you Operating systems with the Eight critical patches (MS09-050, MS09-051, MS09-052, MS09-054, MS09-055, MS09-060, MS09-061, MS09-062)
     

As always, some consideration is needed in order to evaluate any risks depending on whether you have the relevant affected environment. More details on these patches is given in the table below with links to the relevant Microsoft Knowledge base articles.

Table 1: Details of MS Patches released Tuesday 08/09/2009

MS Link ITSL Summary Severity Affected Software Restart after patch

MS09-050

KB975517

This patch is for the Server Message Block Version 2 exploit that could allow remote code execution attacks, as well as fixing two other similar issues that have not been publically disclosed. This is highly critical and the patch should be applied immediately.

 Critical Windows Vista & Windows 2008 Yes

MS09-051

KB975682

 Vulnerabilities in the Windows Media Runtime that allow an attacker to run code using a modified file. The attacker could gain the same rights as the local user. You should install this patch as soon as possible. Critical Windows 2000, Windows XP, Windows 2003, Windows Vista, and Windows 2008 May Require Restart

MS09-052

KB974112

 Older versions of Windows Media Player are affected by this vulnerability. Similar to MS09-051, an attacker can use a modified file to run code with the same rights as the local user. Install this immediately if you have an operating system that is affected. Critical Windows 2000, Windows XP & Windows 2003 May Require Restart

MS09-053

KB975254

 This update corrects two issues with Internet Information Server’s FTP service (IIS). The problem exists in IIS 5.0 - IIS 7.0 Vista and 2008 servers (with IIS 7) are affected only if they have FTP Service 6 installed. On IIS 5.0, one of the vulnerabilities can lead to a remote code execution exploit. The other problem resolved with this patch can be used to perform a denial of service attack on all listed versions of IIS. If you are using IIS 5.0, install this patch ASAP, otherwise apply the patch as soon as convenient. Important Windows 2000, Windows XP, Windows 2003, Windows Vista, and Windows 2008 May Require Restart

MS09-054

KB974455

 This cumulative update for IE resolves four vulnerabilities, one of which has already been publically disclosed. It also bundles a number of other hotfixes in. These vulnerabilities could be exploited by attackers with specially crafted Web pages to perform remote code execution attacks with the local user’s rights. This is important and should be dealt with immediately. Critical IE 5.01, IE 6, IE 7, IE 8 Yes

MS09-055

KB973525

 This cumulative security update for the ActiveX Killbits component fixes a remote code execution exploit that is already being exploited in the wild. Depending on the security setting in Internet Explorer will dictate if you need to do this immediately or as soon as convenient. To be safe, apply this patch now. Critical Windows 2000, Windows XP, Windows 2003, Windows Vista, Windows 7 and Windows 2008 May Require Restart

MS09-056

KB974571

 A problem with the Windows cryptography system could allow spoofing attackers, should the attacker get a hold of the user’s certificates. In simple terms the chances of this happening are slim but there is still a chance. Install this patch when convenient but sooner rather than later. Important Windows 2000, Windows XP, Windows 2003, Windows Vista, Windows 7 and Windows 2008 Yes

MS09-057

KB969059

 There is a chance that an attacker could use the ActiveX control to force the target computer to index a bad URL which would then perform a remote code execution attack on the PC. Again, unlikely but possible. Install this patch as part of your usual updates. Important Windows 2000, Windows XP, Windows 2003 Yes

MS09-058

KB971486

 This could allow an attacker to run remote code. However, they would need to be on the PC to do this. Install this patch as part of your usual updates. Important Windows 2000, Windows XP, Windows 2003 and Windows 2008 Yes

MS09-059

KB975467

 A problem with the Windows security subsystem could allow an attacker to send a cleverly edited file to perform a denial of service exploit. Install this patch as part of your usual updates. Important Windows XP, Windows 2003, Windows Vista, Windows 7 and Windows 2008 Yes

MS09-060

KB973965

 This patch resolves ActiveX issues in various versions of Office, which could be used to perform remote code execution attacks, and gain the local user’s privileges. This patch should be installed immediately. Microsoft recommends that people with the Visio Viewers version 2002 and 2003 upgrade to the 2007 version immediately, as a separate hotfix will not be provided for those versions. Also, the Outlook View Control may not work after installing this update; Microsoft has made updates available to fix that issue as well. Check the details on this one but if in doubt apply the patch and upgrade Visio viewers. Critical Office XP, Office 2003, Visio Viewer 2002, Visio Viewer 2003, Visio Viewer 2007 May Require Restart

MS09-061

KB974378

 An issue with the .NET Framework could allow attackers to perform remote code execution attacks. If the user manages to upload an ASP.NET application to an IIS server, they could then trigger the exploit as well. Install this patch immediately on desktop OS versions of Windows (and Macs). Windows Server installations can wait until the next update cycle. Critical Windows 2000, Windows XP, Windows 2003, Windows Vista, Windows 7 and Windows 2008 May Require Restart

MS09-062

KB957488

 A number of problems in the graphics system in Windows can allow remote code execution attacks to be triggers with manipulated image files. This affects many operating systems and applications. Follow the link for a full list but as so many are affected, it is likely that you should be installing this patch ASAP. Critical

MS Windows & MS Office

Full list here

 May Require Restart

Adobe

 These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. This update represents the second quarterly security update for Adobe Reader and Acrobat. Important Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh. May Require Restart


Rating Definition
Critical A vulnerability whose exploitation could allow the propagation of an Internet worm without user action.
Important A vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of users data, or of the integrity or availability of processing resources.
Moderate Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
Low A vulnerability whose exploitation is extremely difficult, or whose impact is minimal.

We also offer...


Accessibility  |  Privacy  |  Terms Of Use  |  Site Map

A Microsoft Certified Partner © Copyright 2009-2011 IT ServiceLink LTD A Microsoft Small Business Specialist