US-CERT Technical Cyber Security Alert TA09-286A -- Microsoft Updates for Multiple Vulnerabilities

[US-CERT Technical Alerts <technical-alerts@xxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                    National Cyber Alert System

              Technical Cyber Security Alert TA09-286A


Microsoft Updates for Multiple Vulnerabilities

   Original release date: 
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft Windows and Windows Server
     * Microsoft Internet Explorer
     * Microsoft Office
     * Microsoft .NET Framework
     * Microsoft Silverlight
     * Microsoft SQL Server
     * Microsoft Developer Tools
     * Microsoft Forefront


Overview

   Microsoft has released updates to address vulnerabilities in
   Microsoft Windows and Windows Server, Internet Explorer, Office,
   .NET Framework, Silverlight, SQL Server, Developer Tools, and
   Forefront.


I. Description

   Microsoft has released multiple security bulletins for critical
   vulnerabilities in Microsoft Windows and Windows Server, Internet
   Explorer, Office, .NET Framework, Silverlight, SQL Server,
   Developer Tools, and Forefront. These bulletins are described in
   the Microsoft Security Bulletin Summary for October 2009.


II. Impact

   A remote, unauthenticated attacker could execute arbitrary code,
   gain elevated privileges, or cause a vulnerable application to
   crash.


III. Solution

   Apply updates from Microsoft
   
   Microsoft has provided updates for these vulnerabilities in the
   Microsoft Security Bulletin Summary for October 2009. The security
   bulletin describes any known issues related to the updates.
   Administrators are encouraged to note these issues and test for any
   potentially adverse effects. Administrators should consider using
   an automated update distribution system such as Windows Server
   Update Services (WSUS).


IV. References

 * Microsoft Security Bulletin Summary for October 2009 -
   <http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx>

 * Microsoft Windows Server Update Services -
   <http://technet.microsoft.com/en-us/wsus/default.aspx>

 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA09-286A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@xxxxxxxx> with "TA09-286A Feedback VU#788021" in
   the subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2009 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________

Revision History
  
  October 13, 2009: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBStTKrtucaIvSvh1ZAQL82wf+PgEKeQvhJ5HQGJ3S0/VzCP7/PzauiWrW
Zm/l1mlzOpp6F81G35xHfnOXJ9pY5/rv5Ez80ME8mQrYi8K0IHiA24mHBXu9vFSk
crtGkpGGqvrPRxJbuC+otsy8wtYzAu6fa6np3FF+fGFCvhAuf5kzfEMHR79BNC4A
04Lz7zJvO+7w+y4mt4lbfc7FJnoPm5kIFu3hQV2KmsnATipYUB8gVVqb6mpkCsbR
aIbgKdyXFWeLiQVPN3bwUt4yE0FnpWT89eZCANdFtOSHVl2ff3cumR9YB1mHDUbQ
8qomBgx1goC2DlRRcX0EpyJp1+4fLl1pnuHD1Qtt1LTYyZ+sTq566g==
=sbjN
-----END PGP SIGNATURE-----