[BigFix-Announcements-Japan] BES Auto Notification: New Fixlets Published in Fixlet Site: PatchesforWindows(Japanese)
autonotify at bigfix.com
autonotify at bigfix.com
Thu Nov 12 02:30:22 PST 2009
Fixlet Site - PatchesforWindows(Japanese)
Current Version: 320 Published: Thu, 12 Nov 2009 00:06:43 GMT
New Fixlets:
============
***************************************************************
Title: MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution - JScript 5.7 - Windows 2000 SP4 (Japanese)
Severity: Critical
Fixlet ID: 904561
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-045.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in the JScript scripting engine that could allow remote code execution if a user opened a specially crafted file or visited a specially crafted Web site and invoked a malformed script. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution - JScript 5.7 - Windows 2000 SP4 - CORRUPT PATCH (Japanese)
Severity: Critical
Fixlet ID: 904562
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-045.mspx
***************************************************************
Title: MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - Audio Compression Manager - Microsoft Windows 2000 SP4 (v2, re-released 11/10/2009) (Japanese)
Severity: Critical
Fixlet ID: 905161
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-051.mspx
Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: This patch was re-released on November 10, 2009 to address detection issues with the original patch. The action below deploys the revised version of the patch. This Fixlet message will not become relevant if the original version of the patch is installed. See the FAQ section of the security bulletin for more information.
***************************************************************
Title: MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - Audio Compression Manager - Microsoft Windows 2000 SP4 (v2, re-released 11/10/2009) - CORRUPT PATCH (Japanese)
Severity: Critical
Fixlet ID: 905162
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-051.mspx
***************************************************************
Title: MS09-063: Vulnerability in Web Services on Devices API Could Allow Remote Code Execution - Windows Vista Gold/SP1/SP2 (Japanese)
Severity: Critical
Fixlet ID: 906301
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-063.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-063: Vulnerability in Web Services on Devices API Could Allow Remote Code Execution - Windows Vista Gold/SP1/SP2 (x64) (Japanese)
Severity: Critical
Fixlet ID: 906303
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-063.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-063: Vulnerability in Web Services on Devices API Could Allow Remote Code Execution - Windows Server 2008 Gold/SP2 (Japanese)
Severity: Critical
Fixlet ID: 906305
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-063.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-063: Vulnerability in Web Services on Devices API Could Allow Remote Code Execution - Windows Server 2008 Gold/SP2 (x64) (Japanese)
Severity: Critical
Fixlet ID: 906307
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-063.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-064: Vulnerability in License Logging Server Could Allow Remote Code Execution - Windows 2000 SP4 (Japanese)
Severity: Critical
Fixlet ID: 906401
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-064.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows 2000. The vulnerability could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-064: Vulnerability in License Logging Server Could Allow Remote Code Execution - Windows 2000 SP4 - CORRUPT PATCH (Japanese)
Severity: Critical
Fixlet ID: 906402
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-064.mspx
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows 2000 SP4 (Japanese)
Severity: Critical
Fixlet ID: 906501
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows 2000 SP4 - CORRUPT PATCH (Japanese)
Severity: Critical
Fixlet ID: 906502
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows XP SP2/SP3 (Japanese)
Severity: Critical
Fixlet ID: 906503
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows XP SP2/SP3 - CORRUPT PATCH (Japanese)
Severity: Critical
Fixlet ID: 906504
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows XP SP2 (x64) (Japanese)
Severity: Critical
Fixlet ID: 906505
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows XP SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Critical
Fixlet ID: 906506
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Server 2003 SP2 (Japanese)
Severity: Critical
Fixlet ID: 906507
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Server 2003 SP2 - CORRUPT PATCH (Japanese)
Severity: Critical
Fixlet ID: 906508
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64) (Japanese)
Severity: Critical
Fixlet ID: 906509
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Critical
Fixlet ID: 906510
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Vista Gold/SP1/SP2 (Japanese)
Severity: Important
Fixlet ID: 906511
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Vista Gold/SP1/SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 906513
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Server 2008 Gold/SP2 (Japanese)
Severity: Important
Fixlet ID: 906515
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Server 2008 Gold/SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 906517
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - Active Directory - Windows 2000 SP4 (Japanese)
Severity: Important
Fixlet ID: 906601
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - Active Directory - Windows 2000 SP4 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 906602
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - ADAM - Windows XP SP2/SP3 (Japanese)
Severity: Important
Fixlet ID: 906603
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - ADAM - Windows XP SP2/SP3 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 906604
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - ADAM - Windows XP SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 906605
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - ADAM - Windows XP SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 906606
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - Active Directory - Windows Server 2003 SP2 (Japanese)
Severity: Important
Fixlet ID: 906607
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - Active Directory - Windows Server 2003 SP2 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 906608
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - ADAM - Windows Server 2003 SP2 (Japanese)
Severity: Important
Fixlet ID: 906609
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - ADAM - Windows Server 2003 SP2 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 906610
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - AD - Windows Server 2003 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 906611
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - AD - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 906612
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - ADAM - Windows Server 2003 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 906613
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - ADAM - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 906614
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - AD/ AD LDS - Windows Server 2008 Gold/SP2 (Japanese)
Severity: Important
Fixlet ID: 906615
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-066: Vulnerability in Active Directory Could Allow Denial of Service - AD / AD LDS - Windows Server 2008 Gold/SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 906617
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install) (Japanese)
Severity: Important
Fixlet ID: 906701
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-067.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }
***************************************************************
Title: MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution - Office XP SP3 (Administrative Install) (Japanese)
Severity: Important
Fixlet ID: 906703
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-067.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }
***************************************************************
Title: MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution - Office 2003 SP3 (Local/Network Install) (Japanese)
Severity: Important
Fixlet ID: 906706
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-067.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }
***************************************************************
Title: MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution - Office 2003 SP3 (Administrative Install) (Japanese)
Severity: Important
Fixlet ID: 906708
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-067.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }
***************************************************************
Title: MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution - Office 2007 SP1/SP2 (Japanese)
Severity: Important
Fixlet ID: 906711
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-067.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution - Excel Viewer 2003 SP3 (Japanese)
Severity: Important
Fixlet ID: 906731
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-067.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }
***************************************************************
Title: MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution - Excel Viewer 2007 SP1/SP2 (Japanese)
Severity: Important
Fixlet ID: 906736
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-067.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution - Compatibility Pack for Word, Excel, and PowerPoint 2007 SP1/SP2 (Japanese)
Severity: Important
Fixlet ID: 906761
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-067.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS09-068: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution - Office 2003 SP3 (Local/Network Install) (Japanese)
Severity: Important
Fixlet ID: 906811
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-068.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-068: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution - Office 2003 SP3(Administrative Install) (Japanese)
Severity: Important
Fixlet ID: 906813
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-068.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS09-068: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install) (Japanese)
Severity: Important
Fixlet ID: 906816
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-068.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }
***************************************************************
Title: MS09-068: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution - Office XP SP3 (Administrative Install) (Japanese)
Severity: Important
Fixlet ID: 906818
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-068.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }
***************************************************************
Title: MS09-068: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution - Office Word Viewer 2003 SP3 / 2007 (Japanese)
Severity: Important
Fixlet ID: 906836
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-068.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }
More information about the BigFix-Announcements-Japan
mailing list