Published: 2009-10-17T12:42+00:00
Last Updated: 2009-11-17T00:09+00:00
JVNTR-2009-23
Microsoft Updates for Multiple Vulnerabilities (TA09-286A)
Overview
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront.
Event Information
Date (UTC) | Description |
2009-10-16 03:33 |
NSFOCUS NSFOCUS Security Advisory (SA2009-03): Windows Kernel Malformed PE File Remote DoS Vulnerability Windows Kernel NULL Pointer Dereference Vulnerability (CVE-2009-2516, MS09-058) Windows kernel will parse and process the accessed PE files. When traversing the chains the kernel does not correctly validate if the pointer is NULL, therefore carefully crafted PE files might trigger access to illegal memory addresses within the kernel, leading to BSOD of system restart. Locally logged in users can also gain privilege escalation by exploiting this vulnerability. |
2009-10-14 02:33 |
JPCERT/CC JPCERT-AT-2009-0020: October 2009 Microsoft Security Bulletin (eight critical patches) |
2009-10-14 00:10 |
Microsoft Microsoft Security Advisory (975191): Vulnerabilities in the FTP Service in Internet Information Services IIS FTP Service DoS Vulnerability (CVE-2009-3023, MS09-053) IIS FTP Service RCE and DoS Vulnerability (CVE-2009-3023, MS09-053) Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-053 to address this issue. |
2009-10-14 00:10 |
Microsoft Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution SMBv2 Negotiation Vulnerability (CVE-2009-3103, MS09-050) Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-050 to address this issue. |
2009-10-13 22:09 |
Microsoft ms09-oct: Microsoft Security Bulletin Summary for October 2009 Included in this advisory are updates for newly discovered vulnerabilities. |
2009-10-13 20:29 |
SANS Internet Storm Center Microsoft October 2009 Black Tuesday Overview Overview of the October 2009 Microsoft patches and their status. |
2009-10-13 18:59 |
Symantec ThreatCON (2) => (2) Microsoft has released the scheduled security bulletins for October. Eight updates have a maximum severity rating of 'Critical'. Five updates are rated 'Important'. |
2009-10-13 18:50 |
US-CERT TA09-286A: Microsoft Updates for Multiple Vulnerabilities Via US-CERT Mailing List |
2009-10-13 17:37 |
US-CERT Microsoft Releases October Security Bulletin US-CERT Current Activity Microsoft has released an update to address vulnerabilities in Microsoft Windows, Silverlight, Internet Explorer, .NET Framework, Office, SQL Server, Developer Tools, and Forefront as part of the Microsoft Security Bulletin Summary for October 2009. These vulnerabilities may allow an attacker to execute arbitrary code, operate with escalated privileges, cause a denial-of-service condition, or spoof an end user or website. |
2009-10-08 20:47 |
Microsoft ms09-oct: Microsoft Security Bulletin Advance Notification for October 2009 Included in this advisory are updates for newly discovered vulnerabilities. |
2009-09-16 16:45 |
Symantec ThreatCON (2) => (2) There is a vulnerability in the SMBv2 service of Windows Vista and Windows Server 2008. No patches are available. Customers are advised to follow recommended mitigating strategies. |
2009-09-09 12:20 |
US-CERT Microsoft Releases Security Advisory 975497 US-CERT Current Activity Microsoft has released security advisory 975497 to address reports of a vulnerability in Microsoft Server Message Block. The vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. |
2009-09-09 11:54 |
SANS Internet Storm Center Vista/2008/Windows 7 SMB2 BSOD 0Day (Version: 3) We have received a report from Tyler that a vulnerability affecting Microsoft SMB2 can be remotely crashed with proof-of-concept code that has been published yesterday and a Metasploit module is out. |
2009-09-09 02:14 |
Microsoft Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution Advisory published. Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation. |
2009-09-08 13:41 |
SANS Internet Storm Center Microsoft Security Advisory 975191 Revised Not surprisingly Microsoft have revised their security advisory letting us know that there have been reports of incidents where this exploit was used to compromise systems. This might seem counter intuitive as the exploit code was public prior to the advisory coming out. |
2009-09-08 01:50 |
Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. |
2009-09-07 |
[Updated]Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. |
2009-09-04 03:29 |
SANS Internet Storm Center Vulnerabilities (plural) in MS IIS FTP Service 5.0, 5.1. 6.0, 7.0 Microsoft has published an advisory on multiple vulnerabilities in the Microsoft FTP services bundled with IIS 5.0, IIS 5.1, IIS 6.0 or IIS 7.0. At this time arbitrary remote code execution only works against IIS 5.0 running on Windows 2000 fully patched. |
2009-09-03 21:53 |
Bugtraq Microsoft Internet Information Services 5.0/6.0 FTP SERVER DENIAL OF SERVICE ("Stack Exhaustion") Vulnerability Proof Of Concept (CVE-2009-2521) #Tested: cpe:/a:microsoft:iis:5.0 #Tested: cpe:/a:microsoft:iis:6.0 |
2009-09-02 16:52 |
Symantec ThreatCON (1) => (1) Reliable exploits are now available for an unpatched vulnerability affecting the Microsoft IIS FTP server. Disable write access to anonymous users to prevent exploitation. If possible, disable anonymous access entirely. |
2009-09-02 03:04 |
SANS Internet Storm Center Microsoft IIS 5/6 FTP 0Day released (Version: 2) We are aware of a new 0-day exploit that was posted on Milw0rm today. According the exploit, it was suppose to work on both IIS 5.0 and 6.0, on the FTP module. |
2009-09-02 01:59 |
Microsoft Microsoft Security Advisory (975191): Vulnerabilities in the FTP Service in Internet Information Services Advisory published. Microsoft is investigating new public reports of a vulnerability in the FTP Service in Microsoft IIS 5.0, Microsoft IIS 5.1, and Microsoft IIS 6.0. |
2009-09-01 |
Bugtraq Microsoft IIS 5.0 FTP Server Remote Stack Overflow Exploit (win2k sp4) Vulnerability Proof Of Concept (CVE-2009-3023) #Cid: iiz5.pl #Cid: 36189-2.pl #Tested: cpe:/a:microsoft:iis:5.0 |
2009-08-31 18:27 |
US-CERT Microsoft Internet Information Services (IIS) FTP Service Vulnerability US-CERT Current Activity US-CERT is aware of a public report of a vulnerability affecting the Microsoft Internet Information Services (IIS) FTP service. This vulnerability may allow a remote attacker to execute arbitrary code. |
2009-08-31 |
Bugtraq Microsoft IIS 5.0/6.0 FTP Server Remote Stack Overflow Exploit (win2k) Vulnerability Proof Of Concept (CVE-2009-3023) #Cid: iiz5.pl #Cid: 36189.pl #Tested: cpe:/a:microsoft:iis:5.0 |
2009-06-23 |
Zero Day Initiative (ZDI) ZDI-09-071: Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability Uninitialized Memory Corruption Vulnerability (CVE-2009-2531, MS09-054) Vulnerability Reported The specific flaw exists in the parsing of CSS style information. When a writing-mode style is used with a specific combination of HTML tags, memory corruption occurs. Exploitation of this vulnerability will lead to remote system compromise under the credentials of the currently logged in user. |
2009-06-23 |
Zero Day Initiative (ZDI) ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability Uninitialized Memory Corruption Vulnerability (CVE-2009-2530, MS09-054) Vulnerability Reported The specific flaw exists within the copy constructor for a specific DOM object. When duplicated, more than one reference can be made of anything assigned to it's properties. When the variable/object goes out of scope, these properties will be deallocated twice. This results in a heap corruption which can lead to code execution under the context of the current user. |
2008-04-25 |
iDefense Microsoft Office Drawing Format Shape Properties Memory Corruption Vulnerability Memory Corruption Vulnerability (CVE-2009-2528, MS09-062) Vulnerability Reported The vulnerability occurs when parsing the msofbtOPT Office Drawing record type. This record is used to provide default values for shape properties. By inserting a specially crafted property ID, it is possible to corrupt heap memory and overwrite an object pointer. |
2008-04-16 |
Zero Day Initiative (ZDI) ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability Windows Media Runtime Voice Sample Rate Vulnerability (CVE-2009-0555, MS09-051) Vulnerability Reported The specific flaw exists in the handling of Windows media audio files. When specifying a malicious sample rate for a Windows Media Voice frame, memory corruption can occur. Successful exploitation of this vulnerability can lead to remote compromise of the affected system under the credentials of the currently logged in user. |
2008-02-07 |
Zero Day Initiative (ZDI) ZDI-09-072: Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability GDI+ TIFF Memory Corruption Vulnerability (CVE-2009-2503, MS09-062) Vulnerability Reported The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted TIFF files. By supplying a malformed graphic control extension an attacker can trigger an exploitable memory corruption condition. Successful exploitation can result in arbitrary code execution under the credentials of the currently logged in user. |
2007-12-17 15:00 |
iDefense Microsoft Windows GDI+ TIFF File Parsing Buffer Overflow Vulnerability GDI+ TIFF Buffer Overflow Vulnerability (CVE-2009-2502, MS09-062) Vulnerability Reported This vulnerability occurs when parsing a malformed TIFF file. By supplying incorrect values in a BitsPerSample tag, it is possible to trigger a heap based buffer overflow. |