TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
November 2009 - Microsoft Releases 6 Security Advisories
Risk: Critical
Description:

Microsoft addressed the following vulnerabilities in its November batch of patches:

  • (MS09-063) Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)

    Risk Rating: Critical

    This update resolves a vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI). The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Read more here.

  • (MS09-064) Vulnerability in License Logging Server Could Allow Remote Code Execution (974783)

    Risk Rating: Critical

    This update resolves a vulnerability in the License Logging Server, a feature used to manage licenses for the Microsoft server products that are licensed in the Server Client Access License (CAL) model. Read more here.

  • (MS09-065) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)

    Risk Rating: Critical

    This update resolves several vulnerabilities in the Windows kernel. These vulnerabilities allow remote code execution if a user views content rendered in a specially crafted Embedded OpenType (EOT) font. Read more here.

  • (MS09-066) Vulnerability in Active Directory Could Allow Denial of Service (973309)

    Risk Rating: Important

    This update resolves a vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). Read more here.

  • (MS09-067) Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)

    Risk Rating: Important

    This update resolves several privately reported vulnerabilities in Microsoft Excel. These vulnerabilities could allow remote code execution if users open a specially crafted Excel file. Read more here.

  • (MS09-068) Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)

    Risk Rating: Important

    This update resolves several privately reported vulnerabilities in Microsoft Word. These vulnerabilities could allow remote code execution if users open a specially crafted Word file. Read more here.


Patch Information:

Trend Micro clients using OfficeScan with Intrusion Defense Firewall (IDF) may refer to the table below for the pattern filter identifier(s):
 
Search for another Security Advisory
Keyword: