• See Also
• Current Updates

• Microsoft Security Resources
• Security Incidents
• Security Resources

• Juniper Networks Product Solutions for Microsoft
• Get detailed information about Juniper solutions that protect your Microsoft environment:
• SSL VPNs
• Intrusion Prevention
• Firewall / VPN Central Management34 KB
• VPN Resiliency594 KB
• Denial of Service and Attack Prevention754 KB
• Antivirus Protection55 KB

February 2009

---

Prior Updates:

---

Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)

February 2009

Microsoft Security Bulletin MS09-002

Cumulative Security Update for Internet Explorer (961260)

Severity: Critical
Vulnerabilities:

• Uninitialized Memory Corruption Vulnerability - CVE-2009-0075
  A remote code execution vulnerability exists in the way Internet Explorer accesses an object that has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
• CSS Memory Corruption Vulnerability - CVE-2009-0076
  A remote code execution vulnerability exists in the way Internet Explorer handles Cascading Style Sheets (CSS). An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.

Microsoft Security Bulletin MS09-003

Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)

Severity: Critical
Vulnerabilities:

• Memory Corruption Vulnerability - CVE-2009-0098
  A remote code execution vulnerability exists in the way Microsoft Exchanger Servers decodes the Transport Neutral Encapsulation Format (TNEF) data for a message. Literal Processing Vulnerability - CVE-2009-0099 A denial of service vulnerability exists in the EMSMDB2 (Electronic Messaging System Microsoft Data Base, 32 bit build) provider because of the way it handles invalid MAPI commands. An attacker could exploit the vulnerability by sending a specially crafted MAPI command to the application using EMSMDB32 provider. An attacker successfully exploiting this vulnerability could cause the application to stop responding. The denial of service vulnerability also affects the Microsoft Exchange System Attendant since it uses the EMSMDB32 provider. It is one of the core services in Microsoft Exchange and performs a variety of functions related to the on-going maintenance of the Exchange system.

Microsoft Security Bulletin MS09-004

Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)

Severity: Important
Vulnerabilities:

• SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability - CVE-2008-5416
  A remote code execution vulnerability exists in the way that SQL Server checks parameters in the "sp_replwritetovarbin" extended stored procedure. The vulnerability could allow remote code execution if untrusted users have access to an affected system or if a SQL injection vulnerability exists on an affected system. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

Microsoft Security Bulletin MS09-005

Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (957634)

Severity: Critical
Vulnerabilities:

• Memory Validation Vulnerability - CVE-2009-0095
  A remote code execution vulnerability exists in the way Microsoft Visio validates object data when opening up Visio files. An attacker could exploit the vulnerability by sending a specially crafted file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
• Memory Corruption Vulnerability - CVE-2009-0096
  A remote code execution vulnerability exists in the way Microsoft Visio copies object data in memory. An attacker could exploit the vulnerability by sending a malformed file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
• Memory Corruption Vulnerability - CVE-2009-0097
  A remote code execution vulnerability exists in the way Microsoft Office Visio handles memory when opening up Visio files. An attacker could exploit the vulnerability by sending a specially crafted file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.