-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA09-342A
Microsoft Updates for Multiple Vulnerabilities
Original release date:
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows and Windows Server
* Microsoft Internet Explorer
* Microsoft Office Word, Works, and Project
Overview
Microsoft has released updates to address vulnerabilities in
Microsoft Windows, Windows Server, Internet Explorer, and Microsoft
Office.
I. Description
Microsoft has released multiple security bulletins for critical
vulnerabilities in Microsoft Windows, Windows Server, Internet
Explorer, and Microsoft Office. These bulletins are described in
the Microsoft Security Bulletin Summary for December 2009.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code,
gain elevated privileges, or cause a vulnerable application to
crash.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for December 2009. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).
IV. References
* Microsoft Security Bulletin Summary for December 2009 -
<http://www.microsoft.com/technet/security/bulletin/MS09-dec.mspx>
* Windows Server Update Services (WSUS) -
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-342A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@xxxxxxxx> with "TA09-342A Feedback VU#115525" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
December 08, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSx7FNducaIvSvh1ZAQKrSAf8D8VDLEKQBRKIS4HDvfXLQfvtmmhvZTZ5
cO31zoBN7dJ6XlYriGWrRfcNYOgI0p/0U4JHwNpejTp7EbzQn/hfsrlGidPl+1fo
RP7vfE1SFeQkPi4XXmmvn7wY+Nwe7N/7hq1WSyjB+DMyyq+9zLs5d5AgoK9FuLsi
2N8Nt3T0SvYtnf2JMKDV3ktMqac0eTcZaxKu27111U3Vfl2ztBbIvugiq6546+XN
DyA6GXntz974ucGb6HE/bWYQv3ylwZuG6FEUsP/bapS0tGVbyrkWezfK7TTAjIdj
YnAUTiQVTmVAoq47jfGDC9jLzUTqK1E+3DAg7rX+Rbqx4weKfq4KyQ==
=4OZK
-----END PGP SIGNATURE-----
