JPCERT-AT-2009-0011
JPCERT/CC
2009-06-10
<<< JPCERT/CC Alert 2009-06-10 >>>
June 2009 Microsoft Security Bulletin
(including six critical patches)
https://www.jpcert.or.jp/at/2009/at090011.txt
I. Overview
Microsoft has released its security bulletin summary for June 2009,
which contains six security updates with severity rating "Critical".
A remote attacker could use this vulnerability to execute
arbitrary code.
For further information about this vulnerability, refer to the
following URLs.
Microsoft Security Bulletin Summary for June 2009
http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx
[Critical Security Update]
MS09-018
Vulnerabilities in Active Directory Could Allow Remote Code
Execution (971055)
https://www.microsoft.com/technet/security/bulletin/ms09-018.mspx
MS09-019
Cumulative Security Update for Internet Explorer (969897)
https://www.microsoft.com/technet/security/bulletin/ms09-019.mspx
MS09-021
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code
Execution (969462)
https://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
MS09-022
Vulnerabilities in Windows Print Spooler Could Allow Remote Code
Execution (961501)
https://www.microsoft.com/technet/security/bulletin/ms09-022.mspx
MS09-024
Vulnerability in Microsoft Works Converters Could Allow Remote
Code Execution (957632)
https://www.microsoft.com/technet/security/bulletin/ms09-024.mspx
MS09-027
Vulnerabilities in Microsoft Office Word Could Allow Remote Code
Execution (969514)
https://www.microsoft.com/technet/security/bulletin/ms09-027.mspx
A vulnerability in Microsoft DirectShow is yet to be resolved.
Please take special precautions until mitigations are released.
Microsoft Security Advisory (971778)
Vulnerability in Microsoft DirectShow Could Allow Remote Code
Execution
https://www.microsoft.com/technet/security/advisory/971778.mspx
Additionally, resolutions are now available for the following
products which were listed in Microsoft's May 2009 security bulletins
but were unresolved at the time: Microsoft Office 2004 for Mac,
Microsoft Office 2008 for Mac, Open XML File Format Converter for Mac,
Microsoft Works 8.5 and Microsoft Works 9.
MS09-017
Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote
Code Execution (967340)
https://www.microsoft.com/japan/technet/security/bulletin/MS09-017.mspx
II. Solution
Use means such as Microsoft Update or Windows Update to apply the
security update immediately.
Microsoft Update
https://update.microsoft.com/
Windows Update
https://windowsupdate.microsoft.com/
Office Update
http://office.microsoft.com/officeupdate/
IV. References
Microsoft Security Bulletin Summary for May 2009
https://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx
US-CERT Technical Cyber Security Alert TA09-160A
Microsoft Updates for Multiple Vulnerabilities
https://www.us-cert.gov/cas/techalerts/TA09-160A.html
If you have any information you could provide regarding this alert,
please contact us.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600 FAX: 03-3518-4602
https://www.jpcert.or.jp/
Top