Tuesday, September 8, 2009

Microsoft Tuesday Coverage for September 2009

Microsoft Security Advisory (MS09-045):
The Microsoft JScript scripting engine contains a programming error that may allow a remote attacker to execute code on an affected host.

Microsoft Security Advisory (MS09-046):
The Microsoft DHTML Editing Component ActiveX control contains a programming error that may allow a remote attacker to execute code on an affected system.

Microsoft Security Advisory (MS09-047):
A programming error in the way that Microsoft Windows systems parse certain types of Windows media files, may allow a remote attacker to execute code on an affected system.

Microsoft Security Advisory (MS09-048):
A vulnerability exists in the Microsoft Windows TCP/IP stack that may allow a remote attacker to execute code on an affected system.

Microsoft SMB2 Denial of Service (DoS):
A vulnerability in the way that Microsoft Windows systems process SMB2.0 transactions may allow a remote attacker to cause a Denial of Service (DoS) against a vulnerable machine.

More information is available here.
Add to Technorati Favorites Digg! This

2 comments:

Muad'Dib said...

The SMB2 vulnerability may turn out to be RCE. You may want to edit :)

Nigel Houghton said...

Yes, we are aware of the possibility of RCE with that particular vulnerability. Should that become evident, we will most likely write another post to address that issue as opposed to editing what has already been said.