Friday, October 16, 2009

CERT-In Advisory CIAD-2009-48

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Multiple Vulnerabilities in Microsoft SMBv2, Windows Media Runtime, Windows
Media Player, Internet Explorer, Microsoft Active Template Library (ATL)
ActiveX Controls,Microsoft .NET Common Language Runtime, Graphic Device
Interchange (GDI+), IIS FTP Service, Windows CryptoAPI, Indexing Service,
Windows Kernel, Windows Local Security Authority Subsystem Service (LSASS)

http://www.cert-in.org.in/advisory/ciad-2009-48.htm
Original issue date: October 15, 2009

Systems Affected

* Windows 2000 SP4
* Microsoft Windows XP
* Windows XP Professional x64 Edition
* Windows Server 2003
* Windows Server 2003 x64 Edition
* Windows Server 2003 for Itanium-based Systems
* Windows Vista
* Windows Vista x64 Edition
* Windows Server 2008
* Windows Server 2008 x64-based Systems
* Windows Server 2008 for Itanium-based Systems
* Windows 7
* Windows 7 x64 Edition
* Windows Server 2008 R2 x64 Edition
* Windows Server 2008 R2 for Itanium-based Systems


Components affected

* Internet Explorer
* Microsoft Office
* Microsoft Outlook
* Microsoft Office Visio Viewer
* Microsoft .NET Framework
* Microsoft Internet Information Services

Overview

Multiple vulnerabilities have been reported in various Microsoft SMBv2,
Windows Media Runtime, Windows Media Player, Internet Explorer, Microsoft
Active Template Library (ATL) ActiveX Controls,Microsoft .NET Common
Language Runtime, Graphic Device Interchange (GDI+), IIS FTP Service,
Windows CryptoAPI, Indexing Service, Windows Kernel, Windows Local Security
Authority Subsystem Service (LSASS) .

Description

The vulnerability notes released by CERT-In with reference to Microsoft
Security Bulletins are to be checked at the URL given below:

http://www.cert-in.org.in/advisory/ciad-2009-48.htm

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin
October 2009
http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx

Vendor Information

Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx

Disclaimer

The information provided herein is on "as is" basis, without warranty of
any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

Note: Please do not reply to this e-mail. For further queries contact
CERT-In Information Desk. Email: info@cert-in.org.in


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8

wsBVAwUBStfzm3WXeYNsoT30AQrdiAgAgEmkEPcADzooEoNtMxW4iVIFAxQYPLmp
rLz6VDGgN+a9Tx3a7KKZ36CkRGC/BXyt8GZyMMMCs7JUormc2ebXh2AdOA14s5MX
OF8lOYE1e/W6bGZLktFhOEMh3jPA+hAt6b8yi7yHz+dd5H6E+56qjKTs2zZrcDuQ
7m5mezDS57wyuKKLQ1Sz7hcecuHHjGQdMZG8YWO+mv1Hv+OU0lM2tfRwOGUGrzUq
rQZjWCa2e5zAbkJCXhpuJmrItNqcvxQQf0lugbjFEivRtUH+rAyB9kHlkNw5c8V1
hN4+yZeNyrPx/DT8Ta43inlt4PkJCKPnNa4hkzL6+P9TJ6Hd5zu82Q==
=UUk3
-----END PGP SIGNATURE-----


--
For More Security Related Stuff visit http://wiki.secureit.in.A Wiki Website dedicated to Information Security.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)