Original release date: October 13, 2009
Last revised: --
Source: US-CERT

Systems Affected

• Microsoft Windows and Windows Server
• Microsoft Internet Explorer
• Microsoft Office
• Microsoft .NET Framework
• Microsoft Silverlight
• Microsoft SQL Server
• Microsoft Developer Tools
• Microsoft Forefront

Overview

Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront.

I. Description

Microsoft has released multiple security bulletins for critical vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront. These bulletins are described in the Microsoft Security Bulletin Summary for October 2009.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References

• Microsoft Security Bulletin Summary for October 2009 - <http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx>
• Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx>

Feedback can be directed to US-CERT.

Produced 2009 by US-CERT, a government organization. Terms of use