CERT-In Advisory CIAD-2009-48
Multiple Vulnerabilities in Microsoft SMBv2, Windows Media Runtime, Windows Media Player, Internet Explorer, Microsoft Active Template Library (ATL) ActiveX Controls,Microsoft .NET Common Language Runtime, Graphic Device Interchange (GDI+), IIS FTP Service, Windows CryptoAPI, Indexing Service, Windows Kernel, Windows Local Security Authority Subsystem Service (LSASS)
Original issue date:
October 15, 2009
Systems Affected
- Windows 2000 SP4
- Microsoft Windows XP
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 x64 Edition
- Windows Server 2003 for Itanium-based Systems
- Windows Vista
- Windows Vista x64 Edition
- Windows Server 2008
- Windows Server 2008 x64-based Systems
- Windows Server 2008 for Itanium-based Systems
- Windows 7
- Windows 7 x64 Edition
- Windows Server 2008 R2 x64 Edition
- Windows Server 2008 R2 for Itanium-based Systems
Components affected
- Internet Explorer
- Microsoft Office
- Microsoft Outlook
- Microsoft Office Visio Viewer
- Microsoft .NET Framework
- Microsoft Internet Information Services
Overview
Multiple vulnerabilities have been reported in various
Microsoft SMBv2, Windows Media Runtime, Windows Media Player, Internet Explorer, Microsoft Active Template Library (ATL) ActiveX Controls,Microsoft .NET Common Language Runtime, Graphic Device Interchange (GDI+), IIS FTP Service, Windows CryptoAPI, Indexing Service, Windows Kernel, Windows Local Security Authority Subsystem Service (LSASS) .
Description
The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:
| Microsoft Security Bulletin |
Severity |
CERT-In Vulnerability Notes |
| MS09-050: Vulnerabilities in SMBv2 Could Allow Remote Code Execution |
High |
CIVN-2009-120:
Multiple Vulnerabilities in Microsoft SMBv2 could allow Remote Code Execution
|
| MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution |
High |
CIVN-2009-121:
Multiple Remote Code Execution vulnerabilities in Windows Media Runtime |
| MS09-052: Vulnerability in Windows Media Player Could Allow Remote Code Execution |
High |
CIVN-2009-111:
(Updated: October
15, 2009)
Microsoft Windows Media Player 6.4 Heap Overflow Vulnerability |
| MS09-053: Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution |
Medium |
CIVN-2009-107:
(Updated: October
15, 2009)
Multiple Vulnerabilities in Microsoft IIS FTP Service |
| MS09-054: Cumulative Security Update for Internet Explorer |
High |
CIVN-2009-122:
Microsoft Internet Explorer Remote Code Execution Vulnerabilities |
| MS09-055: Cumulative Security Update of ActiveX Kill Bits |
High |
CIVN-2009-123:
Microsoft Windows Active X Control ATL " OleLoadFromStream ()" Vulnerability |
| MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing |
Medium |
CIVN-2009-124:
Microsoft Windows CryptoAPI Integer Overflow Spoofing Vulnerabilities |
| MS09-057: Vulnerability in Indexing Service Could Allow Remote Code Execution |
High |
CIVN-2009-125:
Microsoft Indexing Service ActiveX Control Memory Corruption Vulnerability |
| MS09-058: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege |
Medium |
CIVN-2009-126:
MultiMultiple Vulnerabilities in Microsoft Windows Kernel |
| MS09-059: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service |
Medium |
CIVN-2009-127:
Microsoft Windows Local Security Authority Subsystem Service (LSASS) Integer Underflow Denial of Service Vulnerability |
| MS09-060: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution |
High |
CIVN-2009-128:
Multiple Vulnerabilities in Microsoft Office Active Template Library |
| MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution |
High |
CIVN-2009-129:
Multiple Vulnerabilities in Microsoft .NET Common Language Runtime |
| MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution |
High |
CIVN-2009-130:
Multiple Remote Code Execution Vulnerabilities in Microsoft Graphic Device Interchange (GDI+) |
Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin October 2009
http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx
Vendor Information
Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
