Added support for August 2009 Microsoft security updates

The information in this article applies to:

  • GFI LANguard 9.0
  • GFI LANguard Network Security Scanner 8

Article ID: KBID003612

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates has been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.


New Security Updates Supported:

  • MS09-044 - Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)
  • MS09-043 - Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)
  • MS09-042 - Vulnerability in Telnet Could Allow Remote Code Execution (960859)
  • MS09-041 - Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)
  • MS09-040 - Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)
  • MS09-039 - Vulnerabilities in WINS Could Allow Remote Code Execution (969883)
  • MS09-038 - Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)
  • MS09-037 - Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
  • MS09-036 - Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)


More Information:

MS09-044
Severity Rating: Critical
Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)

Description:

This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for default versions of RDP on affected editions of Windows Vista, Windows Vista for x64-based Systems, and Remote Desktop Connection Client for Mac 2.0 and is rated Critical for all default versions of RDP on all other affected Windows editions. This security update is rated Important for RDP Version 6.0 that administrators can manually install on Windows Server 2003 Service Pack 2 and Windows Server 2003 x64 Edition Service Pack 2 and is rated Critical for all other versions of RDP that administrators can manually install on affected Windows editions.

Included Updates:

  • Security Update for Windows 2000 (KB958471)
  • Security Update for Windows XP (KB958470)
  • Security Update for Windows 2000 (KB958470)
  • Security Update for Windows XP x64 Edition (KB958469)
  • Security Update for Windows XP (KB958469)
  • Security Update for Windows Server 2003 x64 Edition (KB958469)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB958469)
  • Security Update for Windows Server 2003 (KB958469)
  • Security Update for Windows XP x64 Edition (KB956744)
  • Security Update for Windows XP (KB956744)
  • Security Update for Windows Server 2003 x64 Edition (KB956744)
  • Security Update for Windows Server 2003 (KB956744)
  • Security Update for Windows Vista for x64-based Systems (KB956744)
  • Security Update for Windows Vista (KB956744)
  • Security Update for Windows Server 2008 (KB956744)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB956744)
  • Security Update for Windows Server 2008 x64 Edition (KB956744)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-044.mspx


MS09-043
Severity Rating: Critical
Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)

Description:

This security update resolves several privately reported vulnerabilities in Microsoft Office Web Components that could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Office XP, Microsoft Office 2003, Microsoft Office 2000 Web Components, Microsoft Office XP Web Components, Microsoft Office 2003 Web Components, Microsoft Office 2003 Web Components for the 2007 Microsoft Office system, Microsoft Internet Security and Acceleration Server 2004 Standard Edition, Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition, Microsoft Internet Security and Acceleration Server 2006, Microsoft BizTalk Server 2002, Microsoft Visual Studio .NET 2003, and Microsoft Office Small Business Accounting 2006.

Included Updates:

  • Security Update for Microsoft Office Web Components (KB947319)
  • Security Update for Microsoft Office 2003 Web Components for the 2007 Microsoft Office System (KB947318)
  • Security Update for Microsoft Office XP Web Components (KB947320)
  • Security Update for Microsoft Small Business Accounting 2006 Office Web Components (KB968377)
  • Security Update for Microsoft Office 2003 Web Components used in ISA Server 2006 Service Pack 1 Reporting
  • Security Update for Microsoft Office 2003 Web Components used in ISA Server 2004 SP3 Standard Edition Reporting
  • Security Update for Microsoft Office 2003 Web Components used in ISA Server 2004 SP3 Enterprise Edition Reporting
  • Security Update for Microsoft BizTalk Server 2002 (KB971388)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-043.mspx


MS09-042
Severity Rating: Important
Vulnerability in Telnet Could Allow Remote Code Execution (960859)

Description:

This security update resolves a publicly disclosed vulnerability in the Microsoft Telnet service. The vulnerability could allow an attacker to obtain credentials and then use them to log back into affected systems. The attacker would then acquire user rights on a system identical to the user rights of the logged-on user. This scenario could ultimately result in remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003, and Moderate for all supported editions of Windows Vista and Windows Server 2008.

Included Updates:

  • Security Update for Windows 2000 (KB960859)
  • Security Update for Windows Vista for x64-based Systems (KB960859)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB960859)
  • Security Update for Windows Server 2008 x64 Edition (KB960859)
  • Security Update for Windows Vista (KB960859)
  • Security Update for Windows Server 2008 (KB960859)
  • Security Update for Windows XP (KB960859)
  • Security Update for Windows XP x64 Edition (KB960859)
  • Security Update for Windows Server 2003 (KB960859)
  • Security Update for Windows Server 2003 x64 Edition (KB960859)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB960859)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-042.mspx


MS09-041
Severity Rating: Important
Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)

Description:

This security update resolves a privately reported vulnerability in the Windows Workstation Service. The vulnerability could allow elevation of privilege if an attacker created a specially crafted RPC message and sent the message to an affected system. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials to a vulnerable system in order to exploit this vulnerability. The vulnerability could not be exploited by anonymous users. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003, and Moderate for all supported editions of Windows Vista and Windows Server 2008.

Included Updates:

  • Security Update for Windows XP (KB971657)
  • Security Update for Windows XP x64 Edition (KB971657)
  • Security Update for Windows Server 2008 (KB971657)
  • Security Update for Windows Server 2008 x64 Edition (KB971657)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB971657)
  • Security Update for Windows Server 2003 (KB971657)
  • Security Update for Windows Server 2003 x64 Edition (KB971657)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB971657)
  • Security Update for Windows Vista (KB971657)
  • Security Update for Windows Vista for x64-based Systems (KB971657)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-041.mspx


MS09-040
Severity Rating: Important
Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)

Description:

This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue. This security update is rated Important for Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 and Windows XP Professional x64 Edition Service Pack 2; all supported editions of Windows Server 2003; and Windows Vista and Windows Vista x64 Edition.

Included Updates:

  • Security Update for Windows XP x64 Edition (KB971032)
  • Security Update for Windows XP (KB971032)
  • Security Update for Windows Server 2003 x64 Edition (KB971032)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB971032)
  • Security Update for Windows Server 2003 (KB971032)
  • Security Update for Windows 2000 (KB971032)
  • Security Update for Windows Vista (KB971032)
  • Security Update for Windows Vista for x64-based Systems (KB971032)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-040.mspx


MS09-039
Severity Rating: Critical
Vulnerabilities in WINS Could Allow Remote Code Execution (969883)

Description:

This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service (WINS). Either vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. By default, WINS is not installed on any affected operating system version. Only customers who manually install this component are affected by this issue. This security update is rated Critical for all supported editions of Microsoft Windows 2000 Server Service Pack 4 and Windows Server 2003.

Included Updates:

  • Security Update for Windows Server 2003 x64 Edition (KB969883)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB969883)
  • Security Update for Windows Server 2003 (KB969883)
  • Security Update for Windows 2000 (KB969883)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-039.mspx


MS09-038
Severity Rating: Critical
Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)

Description:

This security update resolves two privately reported vulnerabilities in Windows Media file processing. Either vulnerability could allow remote code execution if a user opened a specially crafted AVI file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

  • Security Update for Windows XP x64 Edition (KB971557)
  • Security Update for Windows XP (KB971557)
  • Security Update for Windows Server 2003 x64 Edition (KB971557)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB971557)
  • Security Update for Windows Server 2003 (KB971557)
  • Security Update for Windows 2000 (KB971557)
  • Security Update for Windows Vista for x64-based Systems (KB971557)
  • Security Update for Windows Vista (KB971557)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB971557)
  • Security Update for Windows Server 2008 x64 Edition (KB971557)
  • Security Update for Windows Server 2008 (KB971557)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-038.mspx


MS09-037
Severity Rating: Critical
Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)

Description:

This security update resolves several privately reported vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Windows 2000 Service Pack 4, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Included Updates:

  • Security Update for Outlook Express 6.0 for Windows 2000 (KB973354)
  • Security Update for Outlook Express 5.5 for Windows 2000 (KB973354)
  • Security Update for Windows XP (KB973815)
  • Security Update for Windows XP x64 Edition (KB973815)
  • Security Update for Windows Server 2003 (KB973815)
  • Security Update for Windows Server 2003 x64 Edition (KB973815)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB973815)
  • Security Update for Windows XP x64 Edition (KB973507)
  • Security Update for Windows XP (KB973507)
  • Security Update for Windows Server 2003 x64 Edition (KB973507)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB973507)
  • Security Update for Windows Server 2003 (KB973507)
  • Security Update for Windows 2000 (KB973507)
  • Security Update for Windows Vista (KB973507)
  • Security Update for Windows Server 2008 for Itanium-based Systems (KB973507)
  • Security Update for Windows Vista for x64-based Systems (KB973507)
  • Security Update for Windows Server 2008 x64 Edition (KB973507)
  • Security Update for Windows Server 2008 (KB973507)
  • Security Update for Windows XP x64 Edition (KB973354)
  • Security Update for Windows XP (KB973354)
  • Security Update for Windows Server 2003 x64 Edition (KB973354)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB973354)
  • Security Update for Windows Server 2003 (KB973354)
  • Security Update for Windows XP x64 Edition (KB973869)
  • Security Update for Windows XP (KB973869)
  • Security Update for Windows Server 2003 x64 Edition (KB973869)
  • Security Update for Windows Server 2003 for Itanium-based Systems (KB973869)
  • Security Update for Windows Server 2003 (KB973869)
  • Security Update for Windows 2000 (KB973869)
  • Security Update for Windows XP x64 Edition (KB973540)
  • Security Update for Windows XP Service Pack 3 (KB973540)
  • Security Update for Windows XP Service Pack 2 (KB973540)
  • Security Update for Windows Server 2003 x64 Edition (KB973540)
  • Security Update for Windows Server 2003 (KB973540)
  • Security Update for Windows Media Player 9 for Windows 2000 (KB973540)
  • Security Update for Windows Media Player 11 for Windows XP X64 Edition (KB973540)
  • Security Update for Windows Server 2008 (KB973540)
  • Security Update for Windows Server 2008 x64 Edition (KB973540)
  • Security Update for Windows Vista for x64-based Systems (KB973540)
  • Security Update for Windows Vista (KB973540)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-037.mspx


MS09-036
Severity Rating: Important
Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)

Description:

This security update addresses a privately reported Denial of Service vulnerability in the Microsoft .NET Framework component of Microsoft Windows. This vulnerability can be exploited only when Internet Information Services (IIS) 7.0 is installed and ASP.NET is configured to use integrated mode on affected versions of Microsoft Windows. An attacker could create specially crafted anonymous HTTP requests that could cause the affected Web server to become non-responsive until the associated application pool is restarted. Customers who are running IIS 7.0 application pools in classic mode are not affected by this vulnerability. This security update is rated Important for all affected versions of Microsoft Windows.

Included Updates:

  • Security Update for Microsoft .NET Framework 2.0 Service Pack 2 (KB972594)
  • Security Update for Microsoft .NET Framework 2.0 Service Pack 2 (KB972592)
  • Security Update for Microsoft .NET Framework 2.0 Service Pack 1 (KB972593)
  • Security Update for Microsoft .NET Framework 2.0 Service Pack 1 (KB972591)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-036.mspx


Note