[BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: EnterpriseSecurity

autonotify at bigfix.com autonotify at bigfix.com
Thu Dec 24 02:00:39 PST 2009 

Fixlet Site - EnterpriseSecurity
Current Version: 1309	Published: Thu, 24 Dec 2009 01:49:32  GMT

New Fixlets:
============

***************************************************************
Title: MS09-035: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution - Visual Studio 2008 - CORRUPT PATCH
Severity: Moderate
Fixlet ID: 903508
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-035.mspx

***************************************************************
Title: MS09-035: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution - Visual Studio 2008 SP1 - CORRUPT PATCH
Severity: Moderate
Fixlet ID: 903510
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-035.mspx

***************************************************************
Title: MS09-035: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution - Visual Studio 2008 (Mobile Applications Using ATL for Smart Devices) - CORRUPT PATCH
Severity: Moderate
Fixlet ID: 903538
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-035.mspx

***************************************************************
Title: MS09-035: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution - Visual Studio 2008 SP1 (Mobile Applications Using ATL for Smart Devices) - CORRUPT PATCH
Severity: Moderate
Fixlet ID: 903540
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-035.mspx

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows 2000 SP4
Severity: <Unspecified>
Fixlet ID: 95575901
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

Fixlet Description: Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code remote code execution when opening specially crafted media content. The update blocks the Indeo codec from being launched in Internet Explorer or Windows Media player. The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function. Microsoft encourages customers running supported editions of Microsoft Windows 2000, Windows XP, and Windows 2003 to review and install this update. By installing this update and deregistering the codec on these older operating systems, customers will have the same mitigations included in Windows Vista and Windows 7.

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows 2000 SP4 - CORRUPT PATCH
Severity: <Unspecified>
Fixlet ID: 95575902
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows Server XP SP2/SP3
Severity: <Unspecified>
Fixlet ID: 95575903
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

Fixlet Description: Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code remote code execution when opening specially crafted media content. The update blocks the Indeo codec from being launched in Internet Explorer or Windows Media player. The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function. Microsoft encourages customers running supported editions of Microsoft Windows 2000, Windows XP, and Windows 2003 to review and install this update. By installing this update and deregistering the codec on these older operating systems, customers will have the same mitigations included in Windows Vista and Windows 7.

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows Server XP SP2/SP3 - CORRUPT PATCH
Severity: <Unspecified>
Fixlet ID: 95575904
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows Server 2003 SP2
Severity: <Unspecified>
Fixlet ID: 95575905
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

Fixlet Description: Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code remote code execution when opening specially crafted media content. The update blocks the Indeo codec from being launched in Internet Explorer or Windows Media player. The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function. Microsoft encourages customers running supported editions of Microsoft Windows 2000, Windows XP, and Windows 2003 to review and install this update. By installing this update and deregistering the codec on these older operating systems, customers will have the same mitigations included in Windows Vista and Windows 7.

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows Server 2003 SP2 - CORRUPT PATCH
Severity: <Unspecified>
Fixlet ID: 95575906
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows XP SP2 (x64)
Severity: <Unspecified>
Fixlet ID: 95575907
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

Fixlet Description: Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code remote code execution when opening specially crafted media content. The update blocks the Indeo codec from being launched in Internet Explorer or Windows Media player. The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function. Microsoft encourages customers running supported editions of Microsoft Windows 2000, Windows XP, and Windows 2003 to review and install this update. By installing this update and deregistering the codec on these older operating systems, customers will have the same mitigations included in Windows Vista and Windows 7.

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows XP SP2 (x64) - CORRUPT PATCH
Severity: <Unspecified>
Fixlet ID: 95575908
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows Server 2003 SP2 (x64)
Severity: <Unspecified>
Fixlet ID: 95575909
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

Fixlet Description: Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code remote code execution when opening specially crafted media content. The update blocks the Indeo codec from being launched in Internet Explorer or Windows Media player. The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function. Microsoft encourages customers running supported editions of Microsoft Windows 2000, Windows XP, and Windows 2003 to review and install this update. By installing this update and deregistering the codec on these older operating systems, customers will have the same mitigations included in Windows Vista and Windows 7.

***************************************************************
Title: Security Advisory 955759: AppCompat Update for Indeo Codec - Windows Server 2003 SP2 (x64) - CORRUPT PATCH
Severity: <Unspecified>
Fixlet ID: 95575910
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

***************************************************************
Title: Security Advisory 976138: Quartz update for the Indeo Codec - DirectX 9 - Windows 2000 SP4
Severity: <Unspecified>
Fixlet ID: 97613801
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

Fixlet Description: Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code remote code execution when opening specially crafted media content. The update blocks the Indeo codec from being launched in Internet Explorer or Windows Media player. The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function. Microsoft encourages customers running supported editions of Microsoft Windows 2000, Windows XP, and Windows 2003 to review and install this update. By installing this update and deregistering the codec on these older operating systems, customers will have the same mitigations included in Windows Vista and Windows 7. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: Security Advisory 976138: Quartz update for the Indeo Codec - DirectX 9 - Windows 2000 SP4 - CORRUPT PATCH
Severity: <Unspecified>
Fixlet ID: 97613802
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

***************************************************************
Title: Security Advisory 976138: Quartz update for the Indeo Codec - DirectX 7 - Windows 2000 SP4
Severity: <Unspecified>
Fixlet ID: 97613803
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

Fixlet Description: Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code remote code execution when opening specially crafted media content. The update blocks the Indeo codec from being launched in Internet Explorer or Windows Media player. The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function. Microsoft encourages customers running supported editions of Microsoft Windows 2000, Windows XP, and Windows 2003 to review and install this update. By installing this update and deregistering the codec on these older operating systems, customers will have the same mitigations included in Windows Vista and Windows 7. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: Security Advisory 976138: Quartz update for the Indeo Codec - DirectX 7 - Windows 2000 SP4 - CORRUPT PATCH
Severity: <Unspecified>
Fixlet ID: 97613804
Fixlet Link: http://www.microsoft.com/technet/security/advisory/954157.mspx

More information about the BigFix-Announcements mailing list