Added support for June 2009 Microsoft security updates

The information in this article applies to:

• GFI LANguard 9.0
• GFI LANguard Network Security Scanner 8

Article ID: KBID003566

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.

New Security Updates Supported:

• MS09-027 - Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514)
• MS09-026 - Vulnerability in RPC Could Allow Elevation of Privilege (970238)
• MS09-025 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537)
• MS09-024 - Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632)
• MS09-023 - Vulnerability in Windows Search Could Allow Information Disclosure (963093)
• MS09-022 - Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)
• MS09-021 - Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)
• MS09-020 - Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)
• MS09-019 - Cumulative Security Update for Internet Explorer (969897)
• MS09-018 - Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055)

More Information:

MS09-027
Severity Rating: Critical
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514)

Description:

This security update resolves two privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited either vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This security update is rated Critical for all supported editions of Microsoft Office Word 2000. For all supported editions of Microsoft Office Word 2002, Microsoft Office Word 2003, Microsoft Office Word 2007, Microsoft Office 2004 for Mac, and Microsoft Office 2008 for Mac, and all supported versions of Open XML File Format Converter for Mac, Microsoft Office Compatibility Pack, and Microsoft Office Word Viewers, this security update is rated Important.

Included Updates:

• Security Update for Microsoft Word Viewer 2003 (KB969614)
• Security Update for the 2007 Microsoft Office System (KB969613)
• Security Update for Microsoft Office Word 2007 (KB969604)
• Security Update for Microsoft Office Word 2003 (KB969603)
• Security Update for Microsoft Word 2002 (KB969602)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-027.mspx

MS09-026
Severity Rating: Important
Vulnerability in RPC Could Allow Elevation of Privilege (970238)

Description:

This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call (RPC) facility where the RPC Marshalling Engine does not update its internal state appropriately. The vulnerability could allow an attacker to execute arbitrary code and take complete control of an affected system. Supported editions of Microsoft Windows are not delivered with any RPC servers or clients that are subject to exploitation of this vulnerability. In a default configuration, users could not be attacked by exploitation of this vulnerability. However, the vulnerability is present in the Microsoft Windows RPC runtime and could affect third-party RPC applications. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

• Security Update for Windows XP x64 Edition (KB970238)
• Security Update for Windows XP (KB970238)
• Security Update for Windows Server 2003 x64 Edition (KB970238)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB970238)
• Security Update for Windows Server 2003 (KB970238)
• Security Update for Windows 2000 (KB970238)
• Security Update for Windows Server 2008 x64 Edition (KB970238)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB970238)
• Security Update for Windows Vista for x64-based Systems (KB970238)
• Security Update for Windows Server 2008 (KB970238)
• Security Update for Windows Vista (KB970238)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-026.mspx

MS09-025
Severity Rating: Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537)

Description:

This security update resolves two publicly disclosed and two privately reported vulnerabilities in the Windows kernel that could allow elevation of privilege. An attacker who successfully exploited any of these vulnerabilities could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

• Security Update for Windows XP x64 Edition (KB968537)
• Security Update for Windows XP (KB968537)
• Security Update for Windows Server 2003 x64 Edition (KB968537)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB968537)
• Security Update for Windows Server 2003 (KB968537)
• Security Update for Windows 2000 (KB968537)
• Security Update for Windows Server 2008 (KB968537)
• Security Update for Windows Vista (KB968537)
• Security Update for Windows Vista for x64-based Systems (KB968537)
• Security Update for Windows Server 2008 x64 Edition (KB968537)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB968537)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-025.mspx

MS09-024
Severity Rating: Critical
Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632)

Description:

This security update resolves a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for supported editions of Microsoft Office Word 2000. This security update is also rated important for supported editions of Microsoft Office Word 2002, Microsoft Office Word 2003 with the Microsoft Works 6–9 File Converter, and Microsoft Office Word 2007 Service Pack 1; and Microsoft Works 8.5 and Microsoft Works 9.

Included Updates:

• Security Update for the 2007 Microsoft Office System (KB969559)
• Security Update for Microsoft Office XP (KB957646)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-024.mspx

MS09-023
Severity Rating: Moderate
Vulnerability in Windows Search Could Allow Information Disclosure (963093)

Description:

This security update resolves a privately reported vulnerability in Windows Search. The vulnerability could allow information disclosure if a user performs a search that returns a specially crafted file as the first result or if the user previews a specially crafted file from the search results. By default, the Windows Search component is not preinstalled on Microsoft Windows XP and Windows Server 2003. It is an optional component available for download. Windows Search installed on supported editions of Windows Vista and Windows Server 2008 is not affected by this vulnerability. This security update is rated Moderate for Windows Search installed on all supported editions of Windows XP and Windows Server 2003.

Included Updates:

• Security Update for Windows XP (KB963093)
• Security Update for Windows Server 2003 (KB963093)
• Security Update for Windows Server 2003 x64 Edition (KB963093)
• Security Update for Windows XP x64 Edition (KB963093)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-023.mspx

MS09-022
Severity Rating: Critical
Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)

Description:

This security update resolves three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. This security update is rated Critical for all supported editions of Microsoft Windows 2000; Moderate for all supported editions of Windows XP and Windows Server 2003; and Important for all supported editions of Windows Vista and Windows Server 2008.

Included Updates:

• Security Update for Windows XP x64 Edition (KB961501)
• Security Update for Windows XP (KB961501)
• Security Update for Windows Server 2003 x64 Edition (KB961501)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB961501)
• Security Update for Windows Server 2003 (KB961501)
• Security Update for Windows 2000 (KB961501)
• Security Update for Windows Server 2008 x64 Edition (KB961501)
• Security Update for Windows Server 2008 (KB961501)
• Security Update for Windows Vista for x64-based Systems (KB961501)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB961501)
• Security Update for Windows Vista (KB961501)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-022.mspx

MS09-021
Severity Rating: Critical
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)

Description:

This security update resolves several privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This security update is rated Critical for all supported editions of Microsoft Office Excel 2000. For all supported editions of Microsoft Office Excel 2002, Microsoft Office Excel 2003, Microsoft Office Excel 2007, Microsoft Office 2004 for Mac, and Microsoft Office 2008 for Mac; Open XML File Format Converter for Mac; and all supported versions of Microsoft Office Excel Viewer and Microsoft Office Compatibility Pack, this security update is rated Important. The update addresses the vulnerabilities by modifying the way that Excel parses Excel files.

Included Updates:

• Security Update for Microsoft Office Excel Viewer (KB969686)
• Security Update for Microsoft Office Excel Viewer 2003 (KB969685)
• Security Update for Excel Services for Microsoft Office SharePoint Server 2007 (KB969737), 64-bit Edition
• Security Update for Excel Services for Microsoft Office SharePoint Server 2007 (KB969737), 32-bit Edition
• Security Update for the 2007 Microsoft Office System (KB969679)
• Security Update for Microsoft Office Excel 2007 (KB969682)
• Security Update for Microsoft Office Excel 2003 (KB969681)
• Security Update for Microsoft Excel 2002 (KB969680)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-021.mspx

MS09-020
Severity Rating: Important
Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)

Description:

This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs. This security update is rated Important for Microsoft Internet Information Services on all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.

Included Updates:

• Security Update for Windows XP x64 Edition (KB970483)
• Security Update for Windows XP (KB970483)
• Security Update for Windows Server 2003 x64 Edition (KB970483)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB970483)
• Security Update for Windows Server 2003 (KB970483)
• Security Update for Windows 2000 (KB970483)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-020.mspx

MS09-019
Severity Rating: Critical
Cumulative Security Update for Internet Explorer (969897)

Description:

This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Internet Explorer 5.01 and Important for Internet Explorer 6 Service Pack 1, running on supported editions of Microsoft Windows 2000; Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 running on supported editions of Windows XP and Windows Vista; and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 running on supported editions of Windows Server 2003 and Windows Server 2008.

Included Updates:

• Cumulative Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB969897)
• Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP (KB969897)
• Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 (KB969897)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP (KB969897)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 for Itanium-based Systems (KB969897)
• Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 (KB969897)
• Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 (KB969897)
• Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista (KB969897)
• Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista for x64-based Systems (KB969897)
• Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 8 for Windows XP (KB969897)
• Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows XP (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB969897)
• Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB969897)
• Cumulative Security Update for Internet Explorer 6 for Windows XP (KB969897)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB969897)
• Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB969897)
• Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows Vista x64-based Systems (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 for Itanium-based Systems (KB969897)
• Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB969897)
• Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB969897)
• Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB969897)
• Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB969897)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-019.mspx

MS09-018
Severity Rating: Critical
Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055)

Description:

This security update resolves two privately reported vulnerabilities in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003, and Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003. The more severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. This security update is rated Critical for all supported editions of Microsoft Windows 2000 Server, and rated Important for supported versions of Windows XP Professional and Windows Server 2003.

Included Updates:

• Security Update for Windows XP x64 Edition (KB970437)
• Security Update for Windows XP (KB970437)
• Security Update for Windows Server 2003 x64 Edition (KB970437)
• Security Update for Windows Server 2003 (KB970437)
• Security Update for Windows Server 2003 x64 Edition (KB969805)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB969805)
• Security Update for Windows Server 2003 (KB969805)
• Security Update for Windows 2000 (KB969805)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-018.mspx

Note

• The above patches may not be supported on all Operating System or product languages. A list of languages supported by GFI LANguard is found at: http://kbase.gfi.com/showarticle.asp?id=KBID002517
  
  
• A list of bulletins supported by GFI LANguard can be found in the following page:
  http://www.gfi.com/lannetscan/msfullreport.htm