clip_image002
It’s that time again.  Time to patch those systems and get up to date.  This month we have 13 security updates.  Please make sure you check out the details below and apply them to you environments where appropriate.

Bulletin ID Bulletin Title Maximum Severity Vulnerability Impact Restart Requirement Affected Software
MS09-050 Vulnerabilities in SMBv2 Could Allow Remote Code Execution Critical Remote Code Execution Requires Restart Microsoft Windows Vista and Windows Server 2008
MS09-051 Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution Critical Remote Code Execution Requires Restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
MS09-052 Vulnerability in Windows Media Player Could Allow Remote Code Execution Critical Remote Code Execution May Require Restart Microsoft Windows 2000, Windows XP, and Windows Server 2003
MS09-053 Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution Important Remote Code Execution May Require Restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
MS09-054 Cumulative Security Update for Internet Explorer Critical Remote Code Execution Requires Restart Internet Explorer on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
MS09-055 Cumulative Security Update of ActiveX Kill Bits Critical Remote Code Execution May Require Restart Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
MS09-056 Vulnerabilities in Windows CryptoAPI Could Allow Spoofing Important Spoofing Requires Restart Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
MS09-057 Vulnerability in Indexing Service Could Allow Remote Code Execution Important Remote Code Execution Requires Restart Microsoft Windows 2000, Windows XP, and Windows Server 2003
MS09-058 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege Important Elevation of Privilege Requires Restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
MS09-059 Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service Important Denial of Service Requires Restart Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
MS09-060 Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution Critical Remote Code Execution May Require Restart Microsoft Office Outlook 2002, Outlook 2003, Outlook 2007, Visio Viewer 2002, Visio Viewer 2003, and Visio Viewer 2007
MS09-061 Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution Critical Remote Code Execution Requires Restart Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, and Microsoft Silverlight 2
MS09-062 Vulnerabilities in GDI+ Could Allow Remote Code Execution Critical Remote Code Execution Requires Restart Microsoft Windows, Microsoft Office, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront

If you would like a summary of all these bulletins you can get them at: http://www.microsoft.com/technet/security/bulletin/MS09-oct.mspx

Microsoft Windows Malicious Software Removal Tool

We are also releasing an updated version of the Windows Malicious Software Removal tool on Windows Server Update Services and Windows Update.  You can get more information about this tool at: http://support.microsoft.com/?kbid=890830

It’s quite a big update this month so I recommend you look at these updates closely and apply them where needed.  And as always make sure you keep up to date with the Microsoft Security Response Center Blog as they have heaps of good information.

Jeffa