Microsoft Updates for Multiple Vulnerabilities (TA09-104A)
http://jvnrss.ise.chuo-u.ac.jp/jtg/trn/en/JVNTR-2009-10.html
JVNRSS based Status Tracking Notes: Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, Windows Server, and ISA Server.JVNRSS Feasibility Study Teamjvn@jvn.jpJVNTR-2009-102009-07-26T03:06+00:002009-04-16T17:22+00:002009-07-26T03:06+00:00ThreatCON (2) => (1)
https://tms.symantec.com/
On April 14, 2009, Microsoft released eight security bulletins to address a number of vulnerabilities. No widespread malicious activity targeting these issues has been identified.
Symantechttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-009.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-010.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-013.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-015.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-016.mspx2009-04-17T18:29+00:002009-04-17T18:29+00:002009-04-17T18:29+00:00Microsoft Office Excel Memory Corruption Vulnerability
http://www.fortiguardcenter.com/advisory/FGA-2009-16.html
Memory Corruption Vulnerability (CVE-2009-0100)
The vulnerability lies in "excel.exe", which is used when processing an Excel file. A maliciously crafted document will cause Excel to crash when processing. The crash occurs while calculating memory using an offset and a two-byte value contained in the document. If the two-byte value is set to a high value, an overflow condition will occur during memory calculation.
Fortinet, Inc.FGA-2009-16http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0100http://www.microsoft.com/technet/security/bulletin/MS09-009.mspx2009-04-14T17:30-08:002009-04-14T17:30-08:002009-04-14T17:30-08:00March 2009 Microsoft Security Bulletin (including one critical patche)
http://www.jpcert.or.jp/at/2009/at090007.txt
JPCERT/CCJPCERT-AT-2009-0007http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-009.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-010.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-013.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-015.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-016.mspx2009-04-15T00:59+00:002009-04-15T00:59+00:002009-04-15T00:59+00:00Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/968272.mspx?jvntrev=1
Memory Corruption Vulnerability (MS09-009, CVE-2009-0238)
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-009 to address this issue.
MicrosoftMicrosoft Security Advisory (968272)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0238http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/MS09-009.mspx2009-04-14T15:34-07:002009-04-14T15:34-07:002009-04-14T15:34-07:00Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform
http://www.microsoft.com/technet/security/advisory/953818.mspx?jvntrev=1
Blended Threat Remote Code Execution Vulnerability (MS09-014, MS09-015, CVE-2008-2540)
Microsoft has issued MS09-014 and MS09-015 to address this issue.
MicrosoftMicrosoft Security Advisory (953818)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2540http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/MS09-014, MS09-015.mspx2009-04-14T15:34-07:002009-04-14T15:34-07:002009-04-14T15:34-07:00Vulnerability in Windows Could Allow Elevation of Privilege
http://www.microsoft.com/technet/security/advisory/951306.mspx?jvntrev=1
Windows MSDTC Service Isolation Vulnerability (MS09-012, CVE-2008-1436)
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-012 to address this issue.
MicrosoftMicrosoft Security Advisory (951306)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1436http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspx2009-04-14T15:34-07:002009-04-14T15:34-07:002009-04-14T15:34-07:00Vulnerability in WordPad Text Converter Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/960906.mspx?jvntrev=1
WordPad Word 97 Text Converter Stack Overflow Vulnerability (MS09-010, CVE-2008-4841)
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-010 to address this issue.
MicrosoftMicrosoft Security Advisory (960906)http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4841http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx2009-04-14T15:34-07:002009-04-14T15:34-07:002009-04-14T15:34-07:00April Black Tuesday Overview (Version: 2)
http://isc.sans.org/diary.html?storyid=6193
Overview of the April 2009 Microsoft patches and their status.
SANS Internet Storm Centerhttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-009.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-010.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-013.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-015.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-016.mspx2009-04-14T19:56+00:002009-04-14T19:56+00:002009-04-14T19:56+00:00Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA09-104A.html
Via US-CERT Mailing List
US-CERTTA09-104Ahttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-009.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-010.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-013.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-015.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-016.mspx2009-04-14T15:44-04:002009-04-14T15:44-04:002009-04-14T15:44-04:00ThreatCON (2) => (2)
https://tms.symantec.com/
On April 14, 2009, Microsoft released eight security bulletins to address a number of vulnerabilities. Customers are advised to review the advisories and apply the relevant updates.
Symantechttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-009.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-010.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-013.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-015.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-016.mspx2009-04-14T18:15+00:002009-04-14T18:15+00:002009-04-14T18:15+00:00Microsoft Releases April Security Bulletin Summary
http://www.us-cert.gov/current/archive/2009/04/14/archive.html#microsoft_releases_april_security_bulletin2
US-CERT Current Activity
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Forefront Edge Security as part of the Microsoft Security Bulletin Summary for April 2009. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with escalated privileges.
US-CERThttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-009.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-010.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-013.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-015.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-016.mspx2009-04-14T13:36-04:002009-04-14T13:36-04:002009-04-14T13:36-04:00Microsoft Security Bulletin Summary for April 2009
http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx
Included in this advisory are updates for newly discovered vulnerabilities.
Microsoftms09-aprhttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-009.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-010.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-013.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-015.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-016.mspx2009-04-14T10:28-07:002009-04-14T10:28-07:002009-04-14T10:28-07:00Microsoft DirectShow MJPEG Remote Code Execution
http://www.iss.net/threats/324.html
MJPEG Decompression Vulnerability (CVE-2009-0084)
Microsoft DirectShow, which is part of Microsoft DirectX, could allow a remote attacker to execute arbitrary code on the system by persuading a victim to open a specially-crafted MJPEG (video) file.
IBM Internet Security Systemshttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0084http://xforce.iss.net/xforce/xfdb/49559http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspx2009-04-142009-04-142009-04-14Microsoft Security Bulletin Advance Notification for April 2009
http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx?jvntrev=1
Included in this advisory are updates for newly discovered vulnerabilities.
Microsoftms09-aprhttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-009.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-010.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-011.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-013.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-015.mspxhttp://www.microsoft.com/technet/security/bulletin/ms09-016.mspx2009-04-09T10:16-07:002009-04-09T10:16-07:002009-04-09T10:16-07:00Microsoft Excel Remote Code Execution Vulnerability
http://www.iss.net/threats/320.html
Memory Corruption Vulnerability (CVE-2009-0238)
An unspecified error in Microsoft Excel could allow a remote attacker to execute arbitrary code on the system. There are confirmed reports of targeted exploitation.
IBM Internet Security Systemshttp://xforce.iss.net/xforce/xfdb/48875;http://www.microsoft.com/technet/security/advisory/968272.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-02382009-02-262009-02-262009-02-26Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/968272.mspx
Memory Corruption Vulnerability (MS09-009, CVE-2009-0238)
Advisory published.
Microsoft is investigating new public reports of a vulnerability in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.
MicrosoftMicrosoft Security Advisory (968272)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0238http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/MS09-009.mspx2009-02-24T11:23-08:002009-02-24T11:23-08:002009-02-24T11:23-08:00Microsoft Releases Security Advisory (968272)
http://www.us-cert.gov/current/archive/2009/02/24/archive.html#microsoft_releases_security_advisory_968272
US-CERT Current Activity
Microsoft has released Security Advisory 968272 to address reports of a vulnerability in Microsoft Office Excel. By convincing a user to open a specially crafted Excel document, an attacker may be able to execute arbitrary code.
US-CERT;http://www.microsoft.com/technet/security/advisory/968272.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-02382009-02-24T14:10-04:002009-02-24T14:10-04:002009-02-24T14:10-04:00Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=783
WordPad Word 97 Text Converter Stack Overflow Vulnerability (CVE-2009-0235)
Vulnerability Reported
The vulnerability occurs when parsing the content of a Word97 format file. When reading in the data, the code uses a 32-bit integer from the file to check a buffer length while using the lower 16-bit value to do the actual copy. This results in a stack buffer overflow. This stack buffer is overwritten with data from the file.
iDefensehttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0235http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx2008-12-192008-12-192008-12-19Vulnerability in WordPad Text Converter Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/960906.mspx
Advisory published.
Microsoft is investigating new reports of a vulnerability in the WordPad Text Converter for Word 97 files on Windows 2000 SP4, Windows XP SP2, Windows Server 2003 SP1, and Windows Server 2003 SP2.
MicrosoftMicrosoft Security Advisory (960906)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-48412008-12-09T12:08-08:002008-12-09T12:08-08:002008-12-09T12:08-08:00Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform
http://www.microsoft.com/technet/security/advisory/953818.mspx
Blended Threat Remote Code Execution Vulnerability (MS09-014, MS09-015, CVE-2008-2540)
Advisory published.
MicrosoftMicrosoft Security Advisory (953818)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2540http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/MS09-014.mspxhttp://www.microsoft.com/technet/security/bulletin/MS09-015.mspx2008-05-30T18:15-07:002008-05-30T18:15-07:002008-05-30T18:15-07:00Vulnerability in Windows Could Allow Elevation of Privilege
http://www.microsoft.com/technet/security/advisory/951306.mspx
Windows MSDTC Service Isolation Vulnerability (MS09-012, CVE-2008-1436)
Advisory published.
MicrosoftMicrosoft Security Advisory (951306)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1436http://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms09-012.mspx2008-04-17T21:56-07:002008-04-17T21:56-07:002008-04-17T21:56-07:00Microsoft Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=782
Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability (CVE-2009-0088)
Vulnerability Reported
The vulnerability is triggered by conversion code not properly validating a counter against the allocated length of a structure before processing it. Depending on the contents of the data file, control structures on the stack may be modified as a result, potentially allowing the execution of arbitrary code.
iDefensehttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0088http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx2006-06-282006-06-282006-06-28