Published: 2009-04-16T17:22+00:00    Last Updated: 2009-07-26T03:06+00:00

Microsoft Updates for Multiple Vulnerabilities (TA09-104A)


Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, Windows Server, and ISA Server.

Event Information

Date (UTC)Description
2009-04-17 18:29 Symantec
ThreatCON (2) => (1)
On April 14, 2009, Microsoft released eight security bulletins to address a number of vulnerabilities. No widespread malicious activity targeting these issues has been identified.
2009-04-15 01:30 Fortinet, Inc.
FGA-2009-16: Microsoft Office Excel Memory Corruption Vulnerability
Memory Corruption Vulnerability (CVE-2009-0100)
The vulnerability lies in "excel.exe", which is used when processing an Excel file. A maliciously crafted document will cause Excel to crash when processing. The crash occurs while calculating memory using an offset and a two-byte value contained in the document. If the two-byte value is set to a high value, an overflow condition will occur during memory calculation.
2009-04-15 00:59 JPCERT/CC
JPCERT-AT-2009-0007: March 2009 Microsoft Security Bulletin (including one critical patche)
2009-04-14 22:34 Microsoft
Microsoft Security Advisory (968272): Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution
Memory Corruption Vulnerability (MS09-009, CVE-2009-0238)
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-009 to address this issue.
2009-04-14 22:34 Microsoft
Microsoft Security Advisory (953818): Blended Threat from Combined Attack Using Apple