-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-286A Microsoft Updates for Multiple Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows and Windows Server * Microsoft Internet Explorer * Microsoft Office * Microsoft .NET Framework * Microsoft Silverlight * Microsoft SQL Server * Microsoft Developer Tools * Microsoft Forefront Overview Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront. I. Description Microsoft has released multiple security bulletins for critical vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront. These bulletins are described in the Microsoft Security Bulletin Summary for October 2009. II. Impact A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for October 2009 - <http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA09-286A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@xxxxxxxx> with "TA09-286A Feedback VU#788021" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2009 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History October 13, 2009: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBStTKrtucaIvSvh1ZAQL82wf+PgEKeQvhJ5HQGJ3S0/VzCP7/PzauiWrW Zm/l1mlzOpp6F81G35xHfnOXJ9pY5/rv5Ez80ME8mQrYi8K0IHiA24mHBXu9vFSk crtGkpGGqvrPRxJbuC+otsy8wtYzAu6fa6np3FF+fGFCvhAuf5kzfEMHR79BNC4A 04Lz7zJvO+7w+y4mt4lbfc7FJnoPm5kIFu3hQV2KmsnATipYUB8gVVqb6mpkCsbR aIbgKdyXFWeLiQVPN3bwUt4yE0FnpWT89eZCANdFtOSHVl2ff3cumR9YB1mHDUbQ 8qomBgx1goC2DlRRcX0EpyJp1+4fLl1pnuHD1Qtt1LTYyZ+sTq566g== =sbjN -----END PGP SIGNATURE-----