Fixlet Site - EnterpriseSecurity
Current Version: 1207	Published: Wed, 15 Jul 2009 02:19:44  GMT

New Fixlets:
============

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 7.0 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 902801
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

Fixlet Description: Microsoft has released a security update that resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 7.0 - Windows 2000 SP4 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902802
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 8.1 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 902803
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

Fixlet Description: Microsoft has released a security update that resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 8.1 - Windows 2000 SP4 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902804
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 902805
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

Fixlet Description: Microsoft has released a security update that resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows 2000 SP4 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902806
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows XP SP2/SP3
Severity: Critical
Fixlet ID: 902807
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

Fixlet Description: Microsoft has released a security update that resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows XP SP2/SP3 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902808
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows XP SP2 (x64)
Severity: Critical
Fixlet ID: 902809
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

Fixlet Description: Microsoft has released a security update that resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows XP SP2 (x64) - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902810
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows Server 2003 SP2
Severity: Critical
Fixlet ID: 902811
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

Fixlet Description: Microsoft has released a security update that resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows Server 2003 SP2 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902812
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows Server 2003 SP2 (x64)
Severity: Critical
Fixlet ID: 902813
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

Fixlet Description: Microsoft has released a security update that resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution - DirectX 9.0 - Windows Server 2003 SP2 (x64) - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902814
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-028.mspx

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows 2000 SP4
Severity: Critical
Fixlet ID: 902901
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows 2000 SP4 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902902
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows XP SP2/SP3
Severity: Critical
Fixlet ID: 902903
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows XP SP2/SP3 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902904
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows XP SP2 (x64)
Severity: Critical
Fixlet ID: 902905
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows XP SP2 (x64) - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902906
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows Server 2003 SP2
Severity: Critical
Fixlet ID: 902907
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows Server 2003 SP2 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902908
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64)
Severity: Critical
Fixlet ID: 902909
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64) - CORRUPT PATCH
Severity: Critical
Fixlet ID: 902910
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows Vista Gold/SP1/SP2
Severity: Critical
Fixlet ID: 902911
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows Vista Gold/SP1/SP2 (x64)
Severity: Critical
Fixlet ID: 902913
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows Server 2008 Gold/SP2
Severity: Critical
Fixlet ID: 902915
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows Server 2008 Gold/SP2 (x64)
Severity: Critical
Fixlet ID: 902917
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx

Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS09-030: Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution - Publisher 2007 SP1
Severity: Important
Fixlet ID: 903001
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-030.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-031: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege - ISA Server 2006
Severity: Important
Fixlet ID: 903101
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-031.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2006. The vulnerability could allow elevation of privilege if an attacker successfully impersonates an administrative user account for an ISA server that is configured for Radius One Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-031: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege - ISA Server 2006 - CORRUPT PATCH
Severity: Important
Fixlet ID: 903102
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-031.mspx

***************************************************************
Title: MS09-031: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege - ISA Server 2006 w/Supportability Update
Severity: Important
Fixlet ID: 903103
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-031.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2006. The vulnerability could allow elevation of privilege if an attacker successfully impersonates an administrative user account for an ISA server that is configured for Radius One Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-031: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege - ISA Server 2006 w/Supportability Update - CORRUPT PATCH
Severity: Important
Fixlet ID: 903104
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-031.mspx

***************************************************************
Title: MS09-031: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege - ISA Server 2006 SP1
Severity: Important
Fixlet ID: 903105
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-031.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2006. The vulnerability could allow elevation of privilege if an attacker successfully impersonates an administrative user account for an ISA server that is configured for Radius One Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-031: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege - ISA Server 2006 SP1 - CORRUPT PATCH
Severity: Important
Fixlet ID: 903106
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-031.mspx

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows 2000 SP4
Severity: N/A
Fixlet ID: 903201
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows 2000 SP4 - CORRUPT PATCH
Severity: N/A
Fixlet ID: 903202
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows XP SP2/SP3
Severity: Critical
Fixlet ID: 903203
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows XP SP2/SP3 - CORRUPT PATCH
Severity: Critical
Fixlet ID: 903204
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows XP SP2 (x64)
Severity: Critical
Fixlet ID: 903205
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows XP SP2 (x64) - CORRUPT PATCH
Severity: Critical
Fixlet ID: 903206
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows Server 2003 SP2
Severity: Moderate
Fixlet ID: 903207
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows Server 2003 SP2 - CORRUPT PATCH
Severity: Moderate
Fixlet ID: 903208
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows Server 2003 SP2 (x64)
Severity: Moderate
Fixlet ID: 903209
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows Server 2003 SP2 (x64) - CORRUPT PATCH
Severity: Moderate
Fixlet ID: 903210
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows Vista Gold/SP1/SP2
Severity: N/A
Fixlet ID: 903211
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows Vista Gold/SP1/SP2 (x64)
Severity: N/A
Fixlet ID: 903213
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows Server 2008 Gold/SP2
Severity: N/A
Fixlet ID: 903215
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-032: Cumulative Security Update of ActiveX Kill Bits - Windows Server 2008 Gold/SP2 (x64)
Severity: N/A
Fixlet ID: 903217
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability that is currently being exploited. The vulnerability in Microsoft Video ActiveX Control could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. This ActiveX control was never intended to be instantiated in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2004 SP1
Severity: Important
Fixlet ID: 903301
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2004 SP1 - CORRUPT PATCH
Severity: Important
Fixlet ID: 903302
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2007 (x64)
Severity: Important
Fixlet ID: 903303
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2007 (x64) - CORRUPT PATCH
Severity: Important
Fixlet ID: 903304
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2007 SP1 (x64)
Severity: Important
Fixlet ID: 903305
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2007 SP1 (x64) - CORRUPT PATCH
Severity: Important
Fixlet ID: 903306
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual Server 2005 R2 SP1 (x64)
Severity: Important
Fixlet ID: 903307
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual Server 2005 R2 SP1 (x64) - CORRUPT PATCH
Severity: Important
Fixlet ID: 903308
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2007
Severity: Important
Fixlet ID: 903309
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2007 - CORRUPT PATCH
Severity: Important
Fixlet ID: 903310
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2007 SP1
Severity: Important
Fixlet ID: 903311
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual PC 2007 SP1 - CORRUPT PATCH
Severity: Important
Fixlet ID: 903312
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual Server 2005 R2 SP1
Severity: Important
Fixlet ID: 903313
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege - Virtual Server 2005 R2 SP1 - CORRUPT PATCH
Severity: Important
Fixlet ID: 903314
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx