Thursday, June 11, 2009

Microsoft Patch Release Fixes 31 Security Vulnerabilities



Microsoft made available no less than 10 security bulletins resolving 31 Security vulnerabilities across a range of products. Out of the 10 patch packages no less than six impact releases of Windows client and server operating systems. Microsoft also issued a cumulative security bulletin for Internet Explorer, and updates for Office Word, Office Excel
and Works Converters. Two of the bulletins for Windows are rated as Critical, three have been deemed Important and the remaining one just Moderate. The rest of security update packages all received the maximum severity rating of Critical.

Here is a List Of 10 Security Bulletins:

  1. MS09-018 (Maximum severity of Critical): This update resolves two newly discovered and privately reported vulnerabilities in Windows, which could allow remote code execution. This update received an aggregated rating of 1 from Microsoft’s Exploitability Index.
  2. MS09-019 (Maximum severity of Critical): This update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer, which could allow remote code execution. This update received an aggregated rating of 1 from Microsoft’s Exploitability Index.
  3. MS09-020 (Maximum severity of Important): This update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS), which could allow an elevation of privilege. This update received an aggregated rating of 1 from Microsoft’s Exploitability Index.
  4. MS09-021 (Maximum severity of Critical): This update resolves seven privately reported vulnerabilities in Microsoft Office Excel, which could allow remote code execution. This bulletin is rated Critical for Microsoft Office 2000 only and Important for all subsequent versions. This update received an aggregated rating of 1 from Microsoft’s Exploitability Index.
  5. MS09-022 (Maximum severity of Critical): This update resolves three privately reported vulnerabilities in Windows Print Spooler, which could allow remote code execution. This update received an aggregated rating of 1 from Microsoft’s Exploitability Index.
  6. MS09-023 (Maximum severity of Moderate): This update resolves a privately reported vulnerability in Windows Search, which could allow information disclosure. This update received a rating of 3 from Microsoft’s Exploitability Index.
  7. MS09-024 (Maximum severity of Critical): This update resolves a privately reported vulnerability in the Microsoft Works converters, which could allow remote code execution. This bulletin is rated Criticalfor Microsoft Office 2000 only and Important for all subsequent versions. This update received a rating of 1 from Microsoft’s Exploitability Index.
  8. MS09-025 (Maximum severity of Important): This update resolves two publicly disclosed and two privately reported vulnerabilities in the Windows kernel, which could allow remote code execution. This update received an aggregated rating of 1 from Microsoft’s Exploitability Index.
  9. MS09-026 (Maximum severity of Important): This update resolves a publicly disclosed vulnerability in remote procedure call (RPC) facility, which could allow an attacker to execute arbitrary code and take complete control of an affected system. This update received a rating of 2 from Microsoft’s Exploitability Index.
  10. MS09-027 (Maximum severity of Critical): This update resolves two privately reported vulnerabilities in Microsoft Office Word, which could allow remote code execution. This bulletin is rated Critical forMicrosoft Office 2000 only and Important for all subsequent versions. This update received an aggregated rating of 1 from Microsoft’s Exploitability Index.

0 Responses to “Microsoft Patch Release Fixes 31 Security Vulnerabilities”