Added support for October 2009 Microsoft security updates

The information in this article applies to:

GFI LANguard 9.0
GFI LANguard Network Security Scanner 8

Article ID: KBID003655

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.

New Security Updates Supported:

MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)
MS09-061 - Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)
MS09-060 - Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
MS09-059 - Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)
MS09-058 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
MS09-057 - Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)
MS09-056 - Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)
MS09-055 - Cumulative Security Update of ActiveX Kill Bits (973525)
MS09-054 - Cumulative Security Update for Internet Explorer (974455)
MS09-053 - Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
MS09-052 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)
MS09-051 - Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
MS09-050 - Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)

More Information:

MS09-062
Severity Rating: Critical
Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

Description:

This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Windows XP and Windows Server 2003; Windows Vista and Windows Vista Service Pack 1; Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1; Windows Server 2008 for 32-bit Systems, Windows Server 2008 for x64-based Systems, and Windows Server 2008 for Itanium-based Systems; Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4, SQL Server 2000 Reporting Services Service Pack 2, all supported editions of SQL Server 2005, Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package, Microsoft Report Viewer 2008 Redistributable Package, and Microsoft Report Viewer 2008 Redistributable Package Service Pack 1. This security update is rated Important for all supported editions of Microsoft .NET Framework 1.1 and Microsoft .NET Framework 2.0 on Microsoft Windows 2000; Microsoft Office XP; Microsoft Office 2003; all affected Office Viewer software for Microsoft Office 2003; 2007 Microsoft Office System; all affected Office Viewer software for 2007 Microsoft Office System; Microsoft Office Compatibility Pack, Microsoft Expression Web, Microsoft Expression Web 2, Microsoft Office Groove 2007 and Microsoft Office Groove 2007 Service Pack 1; Microsoft Office Project 2002; Microsoft Office Visio 2002; Microsoft Works 8.5; and Microsoft Forefront Client Security 1.0.

Included Updates:

Security Update for Microsoft Visio 2002 (KB975365)

Security Update for the 2007 Microsoft Office System (KB972581)

Security Update for Microsoft Office XP (KB974811)

Security Update for Microsoft Office 2003 (KB972580)

Security Update for Microsoft Visual Studio 2008 Service Pack 1 (KB972222)

Security Update for Microsoft Visual Studio 2008 (KB972221)

Security Update for Microsoft Visual Studio 2005 Service Pack 1 (KB971023)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows 2000 (KB971111)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows 2000 (KB971110)

Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows 2000 (KB971108)

Security Update for Report Viewer Redistributable 2008 Service Pack 1 (KB971119)

Security Update for Report Viewer Redistributable 2008 (KB971118)

Security Update for Report Viewer Redistributable 2005 Service Pack 1 (KB971117)

Security Update for Windows XP x64 Edition (KB958869)

Security Update for Windows XP (KB958869)

Security Update for Windows Vista for x64-based Systems (KB958869)

Security Update for Windows Vista (KB958869)

Security Update for Windows Server 2008 x64 Edition (KB958869)

Security Update for Windows Server 2008 for Itanium-based Systems (KB958869)

Security Update for Windows Server 2008 (KB958869)

Security Update for Windows Server 2003 x64 Edition (KB958869)

Security Update for Windows Server 2003 for Itanium-based Systems (KB958869)

Security Update for Windows Server 2003 (KB958869)

Security Update for Internet Explorer 6 for Windows 2000 (KB958869)

Update for Microsoft Forefront Client Security (KB975962)

Security Update for Microsoft Works 8 (KB973636)

Security Update for SQL Server 2005 Service Pack 2 Failover Clustering (KB970895)

Security Update for SQL Server 2005 Service Pack 2 (KB970895)

Security Update for SQL Server 2005 Service Pack 2 Failover Clustering (KB970896)

Security Update for SQL Server 2005 Service Pack 2 (KB970896)

Security Update for SQL Server 2005 Service Pack 3 Failover Clustering (KB970892)

Security Update for SQL Server 2005 Service Pack 3 (KB970892)

Security Update for SQL Server 2005 Service Pack 3 Failover Clustering (KB970894)

Security Update for SQL Server 2005 Service Pack 3 (KB970894)

Security Update for SQL Server Reporting Services 2000 Service Pack 2 (KB970899)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-062.mspx

MS09-061
Severity Rating: Critical
Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)

Description:

This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in persuading a user to run a specially crafted Microsoft .NET application. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and executing it, as could be the case in a Web hosting scenario. Microsoft .NET applications, Silverlight applications, XBAPs and ASP.NET pages that are not malicious are not at risk of being compromised because of this vulnerability. This security update is rated Critical for all affected editions of the Microsoft .NET Framework on Microsoft Windows 2000, Windows XP, Windows Vista, and Windows 7; Microsoft Silverlight 2 when installed on Mac; and Microsoft Silverlight 2 when installed on all releases of Microsoft Windows clients. This security update is rated Important for all affected editions of the Microsoft .NET Framework on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2. This security update is rated Moderate for Microsoft Silverlight 2 when installed on all releases of Microsoft Windows servers.

Included Updates:

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Server 2003 and Windows XP for x64-based Systems (KB974417)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB953300)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows Server 2003 for Itanium-based Systems (KB953300)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Server 2008 Service Pack 2 for Itanium-based Systems (KB974470)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Server 2008 for Itanium-based Systems (KB974469)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Server 2003 for Itanium-based Systems (KB974417)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows Server 2008 for Itanium-based Systems (KB974291)

Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows Server 2003 and Windows Server 2003 R2 for x64-based and Itanium-based Systems (KB953297)

Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows Server 2003 x86 and Windows Server 2003 R2 x86 (KB953298)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows Vista for x64-based Systems (KB974292)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 (KB974470)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 for x64-based Systems (KB974470)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 1 and Windows Server 2008 for x64-based Systems (KB974469)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 1 and Windows Server 2008 (KB974469)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista (KB974467)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista for x64-based Systems (KB974467)

Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB974417)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows Vista Service Pack 1 and Windows Server 2008 (KB974291)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows Vista Service Pack 1 and Windows Server 2008 for x64-based Systems (KB974291)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows Vista (KB974292)

Microsoft .NET Framework 2.0 Security Update for Windows Vista (KB974468)

Microsoft .NET Framework 2.0 Security Update for Windows Vista for x64-based Systems (KB974468)

Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows Server 2003 and Windows XP for x64-based Systems (KB953300)

Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows 2000, Windows XP, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB953297)

Microsoft .NET Framework 1.0 Service Pack 3 Security Update for Windows XP Tablet PC and Media Center (KB953295)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-061.mspx

MS09-060
Severity Rating: Critical
Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)

Description:

This security update resolves several privately reported vulnerabilities in ActiveX Controls for Microsoft that were compiled with a vulnerable version of Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Outlook 2002, Microsoft Office Outlook 2003, Microsoft Office Outlook 2007, Microsoft Visio 2002 Viewer, Microsoft Office Visio 2003 Viewer, and Microsoft Office Visio Viewer 2007.

Included Updates:

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Outlook 2007 (KB972363)

Security Update for Microsoft Office Outlook 2003 (KB973705)

Security Update for Microsoft Outlook 2002 (KB973702)

Security Update for the 2007 Microsoft Office System (KB974234)

Security Update for Microsoft Office 2003 (KB974554)

Security Update for Microsoft Office XP (KB974556)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-060.mspx

MS09-059
Severity Rating: Important
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sent a maliciously crafted packet during the NTLM authentication process. This security update is rated Important for all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7. Supported editions of Windows XP and Windows Server 2003 are only affected if they have previously installed the non-security update described in KB968389.

Included Updates:

Security Update for Windows XP x64 Edition (KB975467)

Security Update for Windows XP (KB975467)

Security Update for Windows Vista for x64-based Systems (KB975467)

Security Update for Windows Vista (KB975467)

Security Update for Windows Server 2008 x64 Edition (KB975467)

Security Update for Windows Server 2008 R2 x64 Edition (KB975467)

Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB975467)

Security Update for Windows Server 2008 for Itanium-based Systems (KB975467)

Security Update for Windows Server 2008 (KB975467)

Security Update for Windows Server 2003 x64 Edition (KB975467)

Security Update for Windows Server 2003 for Itanium-based Systems (KB975467)

Security Update for Windows Server 2003 (KB975467)

Security Update for Windows 7 for x64-based Systems (KB975467)

Security Update for Windows 7 (KB975467)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-059.mspx

MS09-058
Severity Rating: Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)

Description:

This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logged on to the system and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. This security update is rated Important for supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008; and Moderate for Service Pack 2 for all editions of Windows Vista and Windows Server 2008.

Included Updates:

Security Update for Windows Server 2008 (KB971486)

Security Update for Windows Vista for x64-based Systems (KB971486)

Security Update for Windows Server 2008 x64 Edition (KB971486)

Security Update for Windows Server 2008 for Itanium-based Systems (KB971486)

Security Update for Windows Vista (KB971486)

Security Update for Windows 2000 (KB971486)

Security Update for Windows XP x64 Edition (KB971486)

Security Update for Windows XP (KB971486)

Security Update for Windows Server 2003 x64 Edition (KB971486)

Security Update for Windows Server 2003 for Itanium-based Systems (KB971486)

Security Update for Windows Server 2003 (KB971486)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-058.mspx

MS09-057
Severity Rating: Important
Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker set up a malicious Web page that invokes the Indexing Service through a call to its ActiveX component. This call could include a malicious URL and exploit the vulnerability, granting the attacker access to the client system with the privileges of the user browsing the Web page. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.

Included Updates:

Security Update for Windows 2000 (KB969059)

Security Update for Windows XP x64 Edition (KB969059)

Security Update for Windows XP (KB969059)

Security Update for Windows Server 2003 x64 Edition (KB969059)

Security Update for Windows Server 2003 for Itanium-based Systems (KB969059)

Security Update for Windows Server 2003 (KB969059)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-057.mspx

MS09-056
Severity Rating: Important
Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)

Description:

This security update resolves two publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7.

Included Updates:

Security Update for Windows 2000 (KB974571)

Security Update for Windows XP x64 Edition (KB974571)

Security Update for Windows XP (KB974571)

Security Update for Windows Vista for x64-based Systems (KB974571)

Security Update for Windows Vista (KB974571)

Security Update for Windows Server 2008 x64 Edition (KB974571)

Security Update for Windows Server 2008 R2 x64 Edition (KB974571)

Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB974571)

Security Update for Windows Server 2008 for Itanium-based Systems (KB974571)

Security Update for Windows Server 2008 (KB974571)

Security Update for Windows Server 2003 x64 Edition (KB974571)

Security Update for Windows Server 2003 for Itanium-based Systems (KB974571)

Security Update for Windows Server 2003 (KB974571)

Security Update for Windows 7 for x64-based Systems (KB974571)

Security Update for Windows 7 (KB974571)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-056.mspx

MS09-055
Severity Rating: Critical
Cumulative Security Update of ActiveX Kill Bits (973525)

Description:

This security update addresses a privately reported vulnerability that is common to multiple ActiveX controls and is currently being exploited. The vulnerability that affects ActiveX controls that were compiled using the vulnerable version of the Microsoft Active Template Library (ATL) could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Windows 2000 and Windows XP, Important for all supported editions of Windows Vista and Windows 7, Moderate for all supported editions of Windows Server 2003, and Low for all supported editions of Windows Server 2008 and Windows Server 2008 R2.

Included Updates:

Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB973525)

Security Update for ActiveX Killbits for Windows Server 2008 R2 for Itanium-based Systems (KB973525)

Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB973525)

Security Update for ActiveX Killbits for Windows 7 (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows XP x64 Edition (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows XP (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows Vista (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows Server 2008 x64 Edition (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows Server 2008 for Itanium-based Systems (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows Server 2008 (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows Server 2003 x64 Edition (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows Server 2003 for Itanium-based Systems (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows Server 2003 (KB973525)

Cumulative Security Update for ActiveX Killbits for Windows 2000 (KB973525)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-055.mspx

MS09-054
Severity Rating: Critical
Cumulative Security Update for Internet Explorer (974455)

Description:

This security update resolves three privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported releases of Internet Explorer: Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, Internet Explorer 7, and Internet Explorer 8.

Included Updates:

Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP (KB974455)

Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista for x64-based Systems (KB974455)

Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista (KB974455)

Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 (KB974455)

Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 (KB974455)

Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP (KB974455)

Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 for Itanium-based Systems (KB974455)

Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 (KB974455)

Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB974455)

Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB974455)

Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 Edition (KB974455)

Security Update for Internet Explorer 8 for Windows Server 2008 R2 for Itanium-based Systems (KB974455)

Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB974455)

Security Update for Internet Explorer 8 for Windows 7 (KB974455)

Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 8 for Windows XP (KB974455)

Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB974455)

Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB974455)

Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB974455)

Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows XP (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows Vista for x64-based Systems (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 for Itanium-based Systems (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB974455)

Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB974455)

Cumulative Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 6 for Windows XP (KB974455)

Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB974455)

Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB974455)

Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB974455)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-054.mspx

MS09-053
Severity Rating: Important
Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)

Description:

This security update resolves two publicly disclosed vulnerabilities in the FTP Service in Microsoft Internet Information Services (IIS) 5.0, Microsoft Internet Information Services (IIS) 5.1, Microsoft Internet Information Services (IIS) 6.0, and Microsoft Internet Information Services (IIS) 7.0. On IIS 7.0, only FTP Service 6.0 is affected. The vulnerabilities could allow remote code execution (RCE) on systems running FTP Service on IIS 5.0, or denial of service (DoS) on systems running FTP Service on IIS 5.0, IIS 5.1, IIS 6.0 or IIS 7.0. This security update is rated Important for IIS 5.0; IIS 5.1; IIS 6.0; and FTP Service 6.0 on IIS 7.0.

Included Updates:

Security Update for Windows 2000 (KB975254)

Security Update for Windows XP x64 Edition (KB975254)

Security Update for Windows XP (KB975254)

Security Update for Windows Vista for x64-based Systems (KB975254)

Security Update for Windows Vista (KB975254)

Security Update for Windows Server 2008 x64 Edition (KB975254)

Security Update for Windows Server 2008 for Itanium-based Systems (KB975254)

Security Update for Windows Server 2008 (KB975254)

Security Update for Windows Server 2003 x64 Edition (KB975254)

Security Update for Windows Server 2003 for Itanium-based Systems (KB975254)

Security Update for Windows Server 2003 (KB975254)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-053.mspx

MS09-052
Severity Rating: Critical
Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)

Description:

This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if a specially crafted ASF file is played using Windows Media Player 6.4. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Microsoft Windows Media Player 6.4 when installed on all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.

Included Updates:

Security Update for Windows XP x64 Edition (KB974112)

Security Update for Windows XP (KB974112)

Security Update for Windows Server 2003 x64 Edition (KB974112)

Security Update for Windows Server 2003 (KB974112)

Security Update for Windows 2000 (KB974112)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-052.mspx

MS09-051
Severity Rating: Critical
Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)

Description:

This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager on supported editions of Microsoft Windows 2000; Windows XP; Windows Server 2003, except for Itanium-based editions; Windows Vista; and Windows Server 2008, except for Itanium-based editions.

Included Updates:

Security Update for Windows XP x64 Edition (KB975025)

Security Update for Windows XP (KB975025)

Security Update for Windows Server 2003 x64 Edition (KB975025)

Security Update for Windows Server 2003 (KB975025)

Security Update for Windows Media Player 9 for Windows 2000 (KB975025)

Security Update for Windows Media Format Runtime 9.5 for Windows Server 2003 (KB954155)

Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB954155)

Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 2 (KB954155)

Security Update for Windows Media Format Runtime 9 for Windows 2000 (KB954155)

Security Update for Windows Media Format Runtime 11 for Windows Vista for x64-based Systems (KB954155)

Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155)

Security Update for Windows Media Format Runtime 11 for Windows Server 2008 x64 Edition (KB954155)

Security Update for Windows Media Format Runtime 11 for Windows Server 2008 (KB954155)

Security Update for 64-bit Windows Media Format Runtime 9.5 for Windows XP x64 Edition and Windows Server 2003 x64 Edition (KB954155)

Security Update for 32-bit Windows Media Format Runtime 9.5 for Windows XP x64 Edition (KB954155)

Security Update for 32-bit Windows Media Format Runtime 9.5 for Windows Server 2003 x64 Edition (KB954155)

Security Update for 32-bit Windows Media Format Runtime 11 for Windows XP x64 Edition (KB954155)

Security Update for Windows XP x64 Edition and Windows 2003 x64 Edition (KB969878)

Security Update for Windows 2000, Windows XP and Windows 2003 (KB969878)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-051.mspx

MS09-050
Severity Rating: Critical
Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)

Description:

This security update resolves one publicly disclosed and two privately reported vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. This security update is rated Critical for supported editions of Windows Vista and Windows Server 2008.

Included Updates:

Security Update for Windows Server 2008 for Itanium-based Systems (KB975517)

Security Update for Windows Vista for x64-based Systems (KB975517)

Security Update for Windows Vista (KB975517)

Security Update for Windows Server 2008 x64 Edition (KB975517)

Security Update for Windows Server 2008 (KB975517)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS09-050.mspx

Note

The above patches may not be supported on all Operating System or product languages. A list of languages supported by GFI LANguard is found at: http://kbase.gfi.com/showarticle.asp?id=KBID002517
A list of bulletins supported by GFI LANguard can be found in the following page:
http://www.gfi.com/lannetscan/msfullreport.htm