Friday, April 28, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Microsoft Cloud Strength Highlights Third Quarter Results
Alphabet Posts 1Q Profit
Intel Reports Quarterly Profit On Strong Data Center Business
Acer Rolls Out New Ultrathin Gaming Notebooks, Detachables, and All-in-One PCs
Samsung And Apple Maintain Top Spots in Smartphone Market
Noctua Offers Free Mounting Upgrade for Intel's New LGA2066 platform and Skylake-X CPUs
Razer Unveils the Razer Lancehead Wireless Gaming Mouse
BlackBerry KeyOne KEYone Android Smartphone Launching Next Month
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, December 10, 2009
Microsoft Details Security December Security Patches


Microsoft released a summary of security bulletins for December 2009.

The company released 6 updates. Three of them are marked as "Critical". Here is Microsoft's information related to each security patch:

MS09-071 - Critical
Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)

This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if messages received by the Internet Authentication Service server are copied incorrectly into memory when handling PEAP authentication attempts. On Windows Server 2008, the Internet Authentication Service is replaced by Network Policy Server (NPS). An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. Servers using Internet Authentication Service or Network Policy Server are only affected when using PEAP with MS-CHAP v2 authentication.

MS09-074 - Critical
Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)

This security update resolves a privately reported vulnerability in Microsoft Office Project. The vulnerability could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS09-072 - Critical
Cumulative Security Update for Internet Explorer (976325)

This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. An ActiveX control built with Microsoft Active Template Library (ATL) headers could also allow remote code execution;

MS09-069 - Important
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow a denial of service if a remote, authenticated attacker, while communicating through Internet Protocol security (IPsec), sends a specially crafted ISAKMP message to the Local Security Authority Subsystem Service (LSASS) on an affected system.

MS09-070 - Important
Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)

This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if an attacker sent a specially crafted HTTP request to an ADFS-enabled Web server. An attacker would need to be an authenticated user in order to exploit either of these vulnerabilities.

MS09-073 - Important
Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)

This security update resolves a privately reported vulnerability in Microsoft WordPad and Microsoft Office text converters. The vulnerability could allow remote code execution if a specially crafted Word 97 file is opened in WordPad or Microsoft Office Word. An attacker who successfully exploited this vulnerability could gain the same privileges as the user. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges.

For more information visit http://www.microsoft.com/technet/security/bulletin/ms09-dec.mspx


Previous
Next
Apple Rumored to Prepare For Tablet Spring Launch        All News        Windows 7 USB/DVD Download Tool Released
Panasonic Takes Control of Sanyo     General Computing News      Windows 7 USB/DVD Download Tool Released

Get RSS feed Easy Print E-Mail this Message

Related News
Microsoft Cloud Strength Highlights Third Quarter Results
Microsoft Says U.S. Foreign Intelligence Surveillance Requests Doubled
Microsoft Announces Patent License Agreement with Toyota
Adobe, Microsoft To Offer Solutions That Share Sales Data
Microsoft and Steelcase Present Concepts For The Future Workplace
Microsoft's Outlook.com Premium Emal Service Now Available
Microsoft To Give A Face Lifting To Windows 10 With 'Project NEON'
Microsoft Edge Will Soon Get New Features
Cloud Services Boost Microsoft's Sales And Profit
Microsoft Announces Intune for Education And New Windows 10 PCs for School
Microsoft, NXP Semiconductors, IAV and Auto Mobility Partners showcase Technologies For Safe And Personalized Automated Friving at CES 2017
Microsoft Partners with TomTom Mapping Company On Azure

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .