Fixlet Site - EnterpriseSecurity
Current Version: 1177	Published: Tue, 12 May 2009 22:41:59  GMT

New Fixlets:
============

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office 2000 SP3 (Local Install)
Severity: Critical
Fixlet ID: 901701
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office 2000 SP3 (Network Install)
Severity: Critical
Fixlet ID: 901702
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office 2000 SP3 (Administrative Install)
Severity: Critical
Fixlet ID: 901703
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install)
Severity: Important
Fixlet ID: 901706
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office XP SP3 (Administrative Install)
Severity: Important
Fixlet ID: 901708
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office 2003 SP3 (Local/Network Install)
Severity: Important
Fixlet ID: 901711
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office 2003 SP3 (Administrative Install)
Severity: Important
Fixlet ID: 901713
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office 2007 SP1/SP2
Severity: Important
Fixlet ID: 901716
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - PowerPoint Viewer 2003
Severity: Important
Fixlet ID: 901726
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - PowerPoint Viewer 2007 SP1/SP2
Severity: Important
Fixlet ID: 901731
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }

***************************************************************
Title: MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution - Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1/SP2
Severity: Important
Fixlet ID: 901736
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx

Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

document.body.onload = SetOfficeOverviewLink; function SetOfficeOverviewLink() { try { dashboardLink.innerHTML = EvaluateRelevance('"Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the " & link "Microsoft Office Overview Dashboard" of bes wizard whose (dashboard id of it = "office_overview.ojo" AND id of site of it = 2) as string & "."'); } catch (e) { dashboardLink.innerHTML = 'Note: For configuration controls and an overview of your Microsoft Office deployment(s), please see the Microsoft Office Overview Dashboard.'; } }