October, 2009

  • October 2009 Bulletin Release Advance Notification

    Advance Notification for the October 2009 Security Bulletin Release For October we are releasing 13 bulletins (eight critical and five important), addressing 34 vulnerabilities, affecting Windows, Internet Explorer, Office, Silverlight, Forefront, Developer Tools, and SQL Server. Most of these updates require a restart so please factor that into your deployment planning. Among the updates this month, we are closing out two current security advisories: · Vulnerabilities in SMB Could Allow...
  • October 2009 Security Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for October 2009 This month, we released 13 new bulletins which address 33 vulnerabilities in Windows, Internet Explorer and Microsoft Office. Since we published this information in our advance notification (ANS) last Thursday, we have been asked “is this the most bulletins Microsoft has ever released”? The short answer to that question is yes. However, we have, on several occasions, released between 10 and 12 bulletins so this is business as usual...
  • Monthly Security Bulletin Webcast Q&A - October 2009

    Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Senior Security Program Manager Lead Website: TechNet/security Chat Topic: October 2009 Security Bulletin Date: Wednesday, October 14, 2009 Q: In reference to MS09-053 , are all Internet Information Services (IIS) servers affected or only IIS servers running File Transfer Protocol (FTP)? A: This bulletin only affects IIS servers running FTP. If you are not running the optional FTP service in IIS you are not...
  • October 2009 Security Bulletin Webcast Questions and Answers

    Hi everyone. We have posted the questions and answers from the security bulletin webcast we conducted on October 14 at this link . It was clear from all of the questions concerning MS09-062 (the GDI+ update) that there is some confusion on how to apply the update when you have a combination of SQL Server and Windows 2000 clients. To clarify what the bulletin states, if you do not have any Windows 2000 SP4 clients on your network then you do not need to apply the SQL Server update that corresponds...