Affected operating systems include Windows Vista, Windows XP, Windows Server 2003 and 2008, Windows 2000 but not Windows 7. Downloads are available from the usual locations including automatic updates, Windows Update, Microsoft Update or by following the links in the security bulletins below.

• MS09-043 Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)

  This security update resolves several privately reported vulnerabilities in Microsoft Office Web Components that could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• MS09-044 Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)

  This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• MS09-039 Vulnerabilities in WINS Could Allow Remote Code Execution (969883)

  This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service (WINS). Either vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. By default, WINS is not installed on any affected operating system version. Only customers who manually install this component are affected by this issue.

• MS09-038 – Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)

  This security update resolves two privately reported vulnerabilities in Windows Media file processing. Either vulnerability could allow remote code execution if a user opened a specially crafted AVI file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• MS09-037 Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)

  This security update resolves several privately reported vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• MS09-041 Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)

  This security update resolves a privately reported vulnerability in the Windows Workstation Service. The vulnerability could allow elevation of privilege if an attacker created a specially crafted RPC message and sent the message to an affected system. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials to a vulnerable system in order to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.

• MS09-040 Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)

  This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue.

• MS09-036 Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)

  This security update addresses a privately reported Denial of Service vulnerability in the Microsoft .NET Framework component of Microsoft Windows. This vulnerability can be exploited only when Internet Information Services (IIS) 7.0 is installed and ASP.NET is configured to use integrated mode on affected versions of Microsoft Windows. An attacker could create specially crafted anonymous HTTP requests that could cause the affected Web server to become non-responsive until the associated application pool is restarted. Customers who are running IIS 7.0 application pools in classic mode are not affected by this vulnerability.

• MS09-042 Vulnerability in Telnet Could Allow Remote Code Execution (960859)

  This security update resolves a publicly disclosed vulnerability in the Microsoft Telnet service. The vulnerability could allow an attacker to obtain credentials and then use them to log back into affected systems. The attacker would then acquire user rights on a system identical to the user rights of the logged-on user. This scenario could ultimately result in remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with

Related posts

• Stop Restart Now Restart Later Dialog After Windows Updates (8)
• Microsoft Security Updates October 2009 Online (3)
• Microsoft Security Updates April 2009 (2)
• Microsoft Patch Day March 2009 (4)
• Microsoft October 2008 Patch Day Patches 11 Security Vulnerabilities (0)

One security vulnerability has a critical rating for all affected operating systems while the other two are rated important by Microsoft’s security research team.

Details about the Security Bulletins can be found by following these links: Microsoft Security Bulletin MS09-006, MS09-007 or MS09-008. Another possibility is to access the Security Bulletin Summary at Microsoft Technet.

The vulnerabilities fix one remote code execution vulnerability and two spoofing vulnerabilities on the affected Windows operating systems:

• Vulnerabilities in Windows Kernel Could Allow Remote Code Execution
• Vulnerability in SChannel Could Allow Spoofing
• Vulnerabilities in DNS and WINS Server Could Allow Spoofing

Related posts

• New Security Vulnerability Affects Windows Operating Systems (2)
• Microsoft Security Updates August 2009 (2)
• Microsoft Security Updates April 2009 (2)
• Microsoft Security Patches July 2009 (5)
• Microsoft Security Patches for June 2009 (12)

The security bulletin resolves three vulnerabilities in Microsoft Server Message Block (SMB) Protocol which could allow remote code execution on affected systems. An attacker could run programs, create new user accounts and view, change or delete data on the computer system. It is interesting to note that Windows 7 is affected as well even though it is not mentioned in the security bulletin.

The security vulnerability would be rated as moderate for the upcoming operating system which is why Microsoft will not provide a patch at the current time (They chose to only patch critical security vulnerabilities immediately). A patch will be released with the next public release of Windows 7.

Patches can be applied as usual through the various official update channels.

Related posts

• Offline Update 6 Adds Linux Support (3)
• Microsoft Security Updates April 2009 (2)
• Windows Update Fix (3)
• Microsoft Patch Day March 2009 (4)
• Windows XP Service Pack 3 Uxtheme.dll patch (41)

The vulnerability rated as critical could allow remote code execution in the in Microsoft XML Core Services while the vulnerability rated important could allow remote code execution in Microsoft Server Message Block (SMB) Protocol.

Both security vulnerabilities can be fixed by using Windows Update or by downloading the security updates directly from the Microsoft Download website by following the two links given above in this article.

Related posts

• Microsoft Security Patches April 2008 (0)
• Microsoft Security Patches July 2009 (5)
• Microsoft Security Patches for June 2009 (12)
• Microsoft Patch Tuesday December 08 (3)
• Microsoft releases two security patches for Windows (1)