Added support for March 2009 Microsoft security updates

The information in this article applies to:

  • GFI LANguard 9.0
  • GFI LANguard Network Security Scanner 7
  • GFI LANguard Network Security Scanner 8

Article ID: KBID003505

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.

New Security Updates Supported:

  • MS09-008 - Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)
  • MS09-007 - Vulnerability in SChannel Could Allow Spoofing (960225)
  • MS09-006 - Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)

More Information:

MS09-008
Severity Rating: Important
Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)

Description:

This security update resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows DNS server and Windows WINS server. These vulnerabilities could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems. This security update is rated Important for all supported editions of Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008.

Included Updates:

  • Security Update for Windows Server 2003 x64 Edition (KB961064)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB961064)
  • Security Update for Windows Server 2003 (KB961064)
  • Security Update for Windows Server 2008 x64 Edition (KB961063)
  • Security Update for Windows Server 2008 (KB961063)
  • Security Update for Windows Server 2003 x64 Edition (KB961063)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB961063)
  • Security Update for Windows Server 2003 (KB961063)
  • Security Update for Windows 2000 (KB961064)
  • Security Update for Windows 2000 (KB961063)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-008.mspx

MS09-007
Severity Rating: Important
Vulnerability in SChannel Could Allow Spoofing (960225)

Description:

This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. Customers are only affected when the public key component of the certificate used for authentication has been obtained by the attacker through other means. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

  • Security Update for Windows XP x64 Edition (KB960225)
  • Security Update for Windows XP (KB960225)
  • Security Update for Windows Server 2003 x64 Edition (KB960225)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB960225)
  • Security Update for Windows Server 2003 (KB960225)
  • Security Update for Windows 2000 (KB960225)
  • Security Update for Windows Vista (KB960225)
  • Security Update for Windows Server 2008 (KB960225)
  • Security Update for Windows Server 2008 x64 Edition (KB960225)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB960225)
  • Security Update for Windows Vista for x64-based Systems (KB960225)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-007.mspx

MS09-006
Severity Rating: Critical
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)

Description:

This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system. This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

  • Security Update for Windows Server 2008 Service Pack 2 Release Candidate x64 Edition (KB958690)
  • Security Update for Windows Server 2008 Service Pack 2 Release Candidate for Itanium-based Systems (KB958690)
  • Security Update for Windows Vista Service Pack 2 Release Candidate (KB958690)
  • Security Update for Windows Server 2008 Service Pack 2 Release Candidate (KB958690)
  • Security Update for Windows Vista Service Pack 2 Release Candidate for x64-based Systems (KB958690)
  • Security Update for Windows XP x64 Edition (KB958690)
  • Security Update for Windows XP (KB958690)
  • Security Update for Windows Server 2003 x64 Edition (KB958690)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB958690)
  • Security Update for Windows Server 2003 (KB958690)
  • Security Update for Windows 2000 (KB958690)
  • Security Update for Windows Vista Service Pack 2 Beta (KB958690)
  • Security Update for Windows 7 Beta for x64-based Systems (KB958690)
  • Security Update for Windows Server 2008 (KB958690)
  • Security Update for Windows 7 Beta (KB958690)
  • Security Update for Windows Server 2008 R2 Beta for Itanium-based Systems (KB958690)
  • Security Update for Windows Server 2008 Service Pack 2 Beta for Itanium-based Systems (KB958690)
  • Security Update for Windows Vista (KB958690)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB958690)
  • Security Update for Windows Server 2008 R2 Beta x64 Edition (KB958690)
  • Security Update for Windows Vista Service Pack 2 Beta for x64-based Systems (KB958690)
  • Security Update for Windows Server 2008 Service Pack 2 Beta x64 Edition (KB958690)
  • Security Update for Windows Server 2008 Service Pack 2 Beta (KB958690)
  • Security Update for Windows Vista for x64-based Systems (KB958690)
  • Security Update for Windows Server 2008 x64 Edition (KB958690)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-006.mspx

Notes