CERT-In Advisory CIAD-2009-14
Multiple Vulnerabilities in Windows Kernel, Secure Channel Security Package and Windows DNS and WINS Server
Original issue date:
March 12, 2009
Systems Affected
- Windows Server 2008
- Windows Vista
- Windows Server 2003
- Windows XP
- Windows 2000
- DNS Server Running on
- Windows 2000
- Windows Server 2003
- Windows Server 2008
Overview
Multiple vulnerabilities have been reported in various Microsoft products and components such as Windows Kernel, SChannel Security Package and Windows DNS and WINS Server.
Description
The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:
| Microsoft Security Bulletin |
Severity |
CERT-In Vulnerability Notes |
| MS09-006: Vulnerabilities in Windows Kernel Could Allow Remote Code Execution |
High |
CIVN-2009-32:
Microsoft Windows Kernel Code Execution and Privilege Escalation Vulnerabilities
|
| MS09-007: Vulnerability in SChannel Could Allow Spoofing |
High |
CIVN-2009-33:
Microsoft Windows Secure Channel Security Package Authentication Bypass Vulnerability
|
| MS09-008: Vulnerabilities in DNS and WINS Server Could Allow Spoofing |
High |
CIVN-2009-34:
Multiple Vulnerabilities in Microsoft Windows DNS Server and WINS Server
|
Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin March 2009
http://www.microsoft.com/technet/security/bulletin/ms09-mar.mspx
Vendor Information
Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms09-mar.mspx
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
