Microsoft Windows and Microsoft Office users are encouraged to update their computer systems as soon as possible to protect the PCs from possible exploits that could attack the systems successfully. The usual options to download the patches are provided including automatic updates, Windows updates, Microsoft update or manually by following the links posted in the different security bulletins.

• MS09-063 Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565) – This security update resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability.
• MS09-064 – Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) – This security update resolves a privately reported vulnerability in Microsoft Windows 2000. The vulnerability could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter.
• MS09-065 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) – This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker’s site.
• MS09-066 – Vulnerability in Active Directory Could Allow Denial of Service (973309) – This security update resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS.
• MS09-067 – Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) – This security update resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-068 – Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) – This security update resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Detailed information are available in the security bulletins linked above or at the security bulletin summary page here.

Related posts

• Microsoft Security Updates April 2009 (2)
• Microsoft Patch Tuesday December 08 (3)
• Windows Security Updates September 2008 (0)
• Microsoft Security Patches for June 2009 (12)
• Microsoft Security Patches April 2008 (0)

• Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)
• Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
• Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
• Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
• Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
• Cumulative Security Update for Internet Explorer (963027)
• Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
• Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)

The easiest way to update is by visiting Windows Update or Microsoft Update. Please read our Windows Update Fix article if Windows Update is not working properly on your computer system. Alternatives are so called offline updates like Offline Update, Autopatcher or Update Windows Without Microsoft.

It is recommended to update the computer system as soon as possible to close the vulnerabilities.

Related posts

• Microsoft Security Updates November 2009 (2)
• Windows Security Updates September 2008 (0)
• Microsoft October 2008 Patch Day Patches 11 Security Vulnerabilities (0)
• Microsoft August 2008 Security Updates (0)
• January 2009 Microsoft Security Bulletin (1)

Microsoft Office Slipstreamer looks pretty much alike and one could think that both software programs have been developed by the same person. There are however some differences that are worth to be mentioned. The latter supports Office 2000 and above while Office 2000 is not supported (yet) by Microsoft Office Integrator. That leaves Office 2000 users with no other choice but to select Microsoft Office Slipstreamer.

Both applications work the same way. The user begins by picking the setup.exe of his Office installation disk and a destination for the installation disk that will be created. He then picks Service Packs and Hotfixes for his Office product which will be integrated into Office which is the greatest benefit of slipstreamed software.

It is possible to enter the Office product key so that it is entered automatically during installation. Microsoft Office Slipstreamer can also fill out the Organization automatically. The user can also point at additional files that should be installed after Office setup has finished. That’s called Chained Installations.

Both support the creation of AIO (All In One) CD or DVDs and to create Iso images that can be burned easily. It basically comes down to Office 2000 support versus no Office 2000 support.

Related posts

• Microsoft Office Integrator (7)
• Microsoft Office Live Workspace Add-in (4)
• Remove Hidden Data tool for Office 2003 and Office XP (2)
• Office Tabs Brings Tabs To Microsoft Office (14)
• Microsoft Translator For Microsoft Office (5)

Office Integrator does the same for Office basically. It allows you to create a slipstreamed installation source for Microsoft Office that contains all the updates and patches that you add to it. All that is needed is the current version of the Office Integrator, the patches for Microsoft Office that you want to slipstream and Microsoft Office.

Several so called Office hotpacks have been created at the forum where the Office Integrator has been published that contain all official Microsoft Office patches in one download. Another possibility would be to use Autopatcher Office to download the Office updates.

Once the software program is on the computer start it. Now select the Microsoft Office setup.exe and a destination for the slipstreamed version of Office. After that pick a Service Pack if you have one and hotfixes and patches from the computer. A click on the Integrate button starts the slipstreaming process.

A beta version of Office Integrator 0.7 was published on the forum as well but a user account is needed to use it. The main homepage of the application seems to be down currently which could be problematic for the whole process.

Update: Latest version is Office Integrator 1.0. You can grab it from the forum as well.

Related posts

• Microsoft Office Slipstreamer (2)
• Microsoft Translator For Microsoft Office (5)
• Remove Hidden Data tool for Office 2003 and Office XP (2)
• Office Tabs Brings Tabs To Microsoft Office (14)
• Microsoft Office Migration Planning Manager (1)