Post By Martin 0 Comments
March 2009 11

Microsoft patches for March

http://www.microsoft.com/technet/security/bulletin/ms09-mar.mspx

This bulletin summary lists security bulletins released for March 2009.

With the release of the bulletins for March 2009, this bulletin summary replaces the bulletin advance notification originally issued March 5, 2009. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.

Bulletin ID Bulletin Title and Executive Summary Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software
MS09-006
 Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)

This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system.
 Critical
Remote Code Execution
 Requires restart
 Microsoft Windows
 
MS09-007
 Vulnerability in SChannel Could Allow Spoofing (960225)

This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. Customers are only affected when the public key component of the certificate used for authentication has been obtained by the attacker through other means.
 Important
Spoofing
 Requires restart
 Microsoft Windows
 
MS09-008
 Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)

This security update resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows DNS server and Windows WINS server. These vulnerabilities could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems.
 Important
Spoofing
 Requires restart
 Microsoft Windows
 
Time to download those updates for your Microsoft Windows servers/pcs. As ever run the patches on a test server/pc first to check it doesn’t affect your applications and remember to organize the list of systems in scope to apply the patches.

Related posts:

  1. Microsoft Patches for March A quick reminder about security patching your estate whether it’s...
  2. Microsoft Patches for September http://www.microsoft.com/technet/security/bulletin/ms09-sep.mspx This bulletin summary lists security bulletins released for September...
  3. Microsoft Security patches for December to be announced http://www.microsoft.com/technet/security/bulletin/ms09-dec.mspx Microsoft Security Bulletin Advance Notification issued: December 3, 2009...
  4. Microsoft Security Patches for July Microsoft This advance notification provides the software subject (and possibly...
  5. Microsoft Patches for June 2009 Microsoft Published: June 9, 2009 | Updated: June 10, 2009...

Related posts brought to you by Yet Another Related Posts Plugin.

Bookmark and Share

Leave a Reply