US-CERT Technical Cyber Security Alert TA09-104A -- Microsoft Updates for Multiple Vulnerabilities




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


National Cyber Alert System

Technical Cyber Security Alert TA09-104A


Microsoft Updates for Multiple Vulnerabilities

Original release date: April 14, 2009
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows
* Microsoft Office
* Microsoft Windows Server
* Microsoft ISA Server


Overview

Microsoft has released updates that address vulnerabilities in
Microsoft Windows, Office, Windows Server, and ISA Server.


I. Description

As part of the Microsoft Security Bulletin Summary for April 2009,
Microsoft released updates to address vulnerabilities that affect
Microsoft Windows, Office, Windows Server, and ISA Server.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code,
gain elevated privileges, or cause a vulnerable application to
crash.


III. Solution

Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for April 2009. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).


IV. References

* Microsoft Security Bulletin Summary for April 2009 -
<http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx>

* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA09-104A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@xxxxxxxx> with "TA09-104A Feedback VU#999892" in
the subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2009 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________

Revision History

April 14, 2009: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSeTi+XIHljM+H4irAQIIWQf/TWAkmQKay9j5fDLBcyMGJ3icTpG05Zp2
rM8UXMjKohKcDBhY1K9mxKxif5L81+y87PlBz/WTl3icn+57wAGMl/pAAeTz3Hp3
T98eKMXfzvVU57WDGGxy+4Ad57DIIF5hRkiGusDjnNJfd5kdH7q+8rPjPCUvtYAu
H+0auzCpmob7NsIv/YuRXIHekkLiX5GPanhecy+mve1cvbSpXGKF9vf7LEGaFEsT
1XOtTeY0r4TjZEk/c5ahKqGehJINujvv4eVdiajqDOCVecaALi+p+XwMSLtlJvgK
Vaa/ioPIFq8nNUz7eefVSadsary2RfmKegDwmg8FZX/UOso+tQ21KQ==
=q59/
-----END PGP SIGNATURE-----



Relevant Pages