Microsoft Security Bulletins
December 2009
Microsoft Security Bulletin MS09-069
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
Severity: Important
Vulnerabilities:
- Local Security Authority Subsystem Service Resource Exhaustion Vulnerability - CVE-2009-3675
A denial of service vulnerability exists in Microsoft Windows due to the way that the Local Security Authority Subsystem Service (LSASS) improperly handles specially crafted ISAKMP messages communicated through IPsec.
Microsoft Security Bulletin MS09-070
Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)
Severity: Important
Vulnerabilities:
- Single Sign On Spoofing in ADFS Vulnerability - CVE-2009-2508
A spoofing vulnerability in Active Directory Federation Services could allow an attacker to impersonate an authenticated user if the attacker has access to a workstation and Web browser recently used by the targeted user to access a Web site that offers single sign on.
- Remote Code Execution in ADFS Vulnerability - CVE-2009-2509
A remote code execution vulnerability exists in implementations of Active Directory Federation Services (ADFS). The vulnerability is due to incorrect validation of request headers when an authenticated user connects to an ADFS enabled Web server. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Microsoft Security Bulletin MS09-071
Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)
Severity: Critical
Vulnerabilities:
- Internet Authentication Service Memory Corruption Vulnerability - CVE-2009-2505
A remote code execution vulnerability exists in implementations of Protected Extensible Authentication Protocol (PEAP) on the Internet Authentication Service. The vulnerability is due to incorrect copying into memory of messages received by the server when handling PEAP authentication attempts. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
- MS-CHAP Authentication Bypass Vulnerability - CVE-2009-3677
An elevation of privilege vulnerability exists in the Internet Authentication Service. An attacker could send a specially crafted Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) authentication request that could obtain access to network resources under the privileges of a specific, authorized user.
Microsoft Security Bulletin MS09-072
Cumulative Security Update for Internet Explorer (976325)
Severity: Critical
Vulnerabilities:
- ATL COM Initialization Vulnerability - CVE-2009-2493
A remote code execution vulnerability exists in an ActiveX control built with vulnerable Microsoft Active Template Library (ATL) headers. This vulnerability only directly affects systems with components and controls installed that were built using Visual Studio ATL. Components and controls built using ATL could allow the instantiation of arbitrary objects that can bypass related security policy, such as kill bits within Internet Explorer. Therefore, this vulnerability could allow a remote, unauthenticated user to perform remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution.
- Uninitialized Memory Corruption Vulnerability - CVE-2009-3671
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- HTML Object Memory Corruption Vulnerability - CVE-2009-3672
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Uninitialized Memory Corruption Vulnerability - CVE-2009-3673
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Uninitialized Memory Corruption Vulnerability - CVE-2009-3674
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Security Bulletin MS09-073
Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)
Severity: Important
Vulnerabilities:
- WordPad and Office Text converter Memory Corruption Vulnerability - CVE-2009-2506
A remote code execution vulnerability exists in the way that text converters in Microsoft WordPad and Microsoft Office Word process memory when a user opens a specially crafted Word 97 file.
Microsoft Security Bulletin MS09-074
Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)
Severity: Critical
Vulnerabilities:
- Project Memory Validation Vulnerability - CVE-2009-0102
A remote code execution vulnerability exists in the way that Microsoft Office Project handles specially crafted Project files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
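A practical follow-up to the list above is verifying that the six December 2009 updates are actually present on a Windows host. The script below is an added example and is not part of the original Juniper page or Microsoft's bulletins. The KB numbers are the ones quoted in parentheses after each bulletin title; it is an assumption that the installed package carries the same KB identifier as the bulletin article (true for the Windows-component updates here, but Office updates for MS09-073 and MS09-074 ship under separate package IDs and are installed as MSP patches, which Win32_QuickFixEngineering does not enumerate).

```powershell
# Added example: check a Windows host for the December 2009 bulletin KB articles.
# Not from the original page. KB numbers are taken from the bulletin titles above;
# the assumption that installed hotfix IDs match the bulletin KB is noted in the lead-in.
$bulletins = @{
    'MS09-069' = 'KB974392'   # LSASS ISAKMP/IPsec denial of service
    'MS09-070' = 'KB971726'   # ADFS single sign on spoofing / RCE
    'MS09-071' = 'KB974318'   # IAS PEAP memory corruption / MS-CHAP v2 bypass
    'MS09-072' = 'KB976325'   # Internet Explorer cumulative update
    'MS09-073' = 'KB975539'   # WordPad / Office text converters (Windows-side package)
    'MS09-074' = 'KB967183'   # Office Project (Office package; see caveat below)
}

# Bulletins whose fix lands in Office rather than a Windows component. Get-HotFix reads
# Win32_QuickFixEngineering, which only records Windows updates, so a "missing" result
# for these is inconclusive and must be confirmed through the Office update inventory.
$officeOnly = @('MS09-074')

$installed = Get-HotFix | ForEach-Object { $_.HotFixID }

$missing = @()
foreach ($id in ($bulletins.Keys | Sort-Object)) {
    $kb = $bulletins[$id]
    if ($installed -contains $kb) {
        '{0} ({1}): installed' -f $id, $kb
    } elseif ($officeOnly -contains $id) {
        '{0} ({1}): not in Windows hotfix list (Office update; verify separately)' -f $id, $kb
    } else {
        '{0} ({1}): MISSING' -f $id, $kb
        $missing += $id
    }
}

if ($missing.Count -gt 0) {
    Write-Warning ('Unpatched Windows bulletins: ' + ($missing -join ', '))
    exit 1
}
exit 0
```

Run it from an elevated PowerShell prompt on each host in scope; the non-zero exit code lets it slot into a compliance job. Because QFE data is populated by the Windows installer for Windows components only, treat the result for MS09-073 as covering the WordPad package, and confirm the Office text converter and Project updates through the Office patch inventory rather than trusting this list.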