November 2009 Security Bulletin ReleaseMicrosoft released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word). Only one of the three vulnerabilities (CVE-2009-2514) is critical. That vulnerability only affects Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 (it does not affect Windows Vista or Windows Server 2008 so if you are using either of these platforms, you can lower the deployment priority to a two). The vulnerability was publicly disclosed and could be used to create a malicious web page which could potentially exploit vulnerable systems just by visiting the website. The other two vulnerabilities are Elevation of Privilege (EoP) which would require the attacker to have valid logon credentials in order to be able to exploit. Adrian Stone from the Microsoft Security Response Center (MSRC) and I give a brief overview of this month’s bulletin release in the video, listening and viewing options: Windows Media Video (WMV) Windows Media Audio (WMA) iPod Video (MP4) MP3 Audio High Quality WMV (2.5 Mbps) Zune Video (WMV) The Microsoft Malware Protection Center (MMPC) team has added Win32/fakevimes and Win32/privacycenter to the Windows Malicious Software Removal Tool (MSRT) this month Full story at source: The Microsoft Security Response Center (MSRC) November 2009 Security Bulletin Release
Send via e-mail | Submit to Digg | Add to Live Favorites
http://feeds.bink.nu/~r/binkdotnu/~3/V1cMaLO-yOg/november-2009-security-bulletin-release.aspx
