National Cyber Alert System
Technical Cyber Security Alert TA09-314A
Microsoft Updates for Multiple Vulnerabilities
Original release date: Last revised: — Source: US-CERT
Systems Affected
* Microsoft Windows and Windows Server * Microsoft Office Word and Excel
Overview
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server and Office Word and Excel.
I. Description
Microsoft has released multiple security bulletins for critical vulnerabilities in Microsoft Windows and Windows Server and Office Word and Excel. These bulletins are described in the Microsoft Security Bulletin Summary for November 2009.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash.
III. Solution
Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).
IV. References
* Microsoft Security Bulletin Summary for November 2009 -
* Microsoft Windows Server Update Services -
____________________________________________________________________
The most recent version of this document can be found at:
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to with “TA09-314A Feedback VU#825685″ in the subject. ____________________________________________________________________
For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
____________________________________________________________________
Revision History November 10, 2009: Initial release
—–BEGIN PGP SIGNATURE—– Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSvnpitucaIvSvh1ZAQLgdggAhWgMY33A80XxEvDBnudIxLPxxaWghAa0 x93joYG1l4JOoBQIyMhR+dlbGI2NL/Sxabsg2/Mh/5lO4h2wbKNkd2mdXdeWXvsP CpJqM6AhZ/88dfCtpXWNoV362sRJJvSjXuyatDvLjzGJUb9PBk8jiOki806X+MVO VL72ytlODYIPU2bDAl2YhTq6qWX0wjXn100Y8BDX+a+hvrz+0gFF37i7ImO8fLCC PPrPpFRHN7pjcARmFMACCDk99wWUu7EwymjgXQGB+E0Hs2rJOigokEcNm1JguQvI kFE05iDOXVdSOldf2WTx/CFViTIif/f2IRz1Z+59RTZ0oLoeCj6HdA== =06SV —–END PGP SIGNATURE—–
