• Home
  • Et Cetera

Infosecurity.US

Microsoft Releases Critical Internet Explorer Vulnerability Hotfix

By Marc Handelman on November 5th, 2009

Windows

News, of Microsoft Corporation’s (NasdaqGS: MSFT) update to the Redmond, WA based software leviathan’s Internet Explorer web browser. All versions (you name it…from IE5.01 to IE8!) are affected with this rather pernicious Remote Code Execution foible. More information, including appropriate linkage, appears after the jump.

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

********************************************************************

Title: Microsoft Security Bulletin Major Revisions
Issued: November 2, 2009
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS09-054 – Critical

Bulletin Information:
=====================

* MS09-054 – Critical

- http://www.microsoft.com/technet/security/bulletin/ms09-054.mspx
- Reason for Revision: V2.0 (November 2, 2009): Revised to announce the availability of a hotfix to address application compatibility issues. Customers who have already applied this update may install the hotfix from Microsoft Knowledge Base Article 976749. Also corrected the log file names, spuninst folder names, and registry key values for Microsoft Windows 2000.
- Originally posted: October 13, 2009
- Updated: November 2, 2009
- Bulletin Severity Rating: Critical
- Version: 2.0

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

—–BEGIN PGP SIGNATURE—–
Version: PGP Desktop 9.9.0 (Build 397)
Charset: utf-8

wsFVAwUBSu9Wv2A17vDdGxdTAQgvqA/+I4xAoYTfj3p1CmmgfptyUd00xufpm3c2
iVkVpO5f69B92KyMFOyWVmWuiHn87iVLmD1krDJCBiUUqfIBLgQAhWnU2AdEZbGp
1kxpHwXkyE9+pNR/jaJJXhhn34rHw/L/+zxqcQOdC2vvLnchkDbEvBQn8s4CSs0R
95g5izmBDYD6Gvq6yQhwHK5aCs+ro+iZEqq/pozoWH8xWXU8gnjqae52zqDkGj3w
KfcnfxhorQN4eo22UwEZ8zVmSV0QiuGgRGNrCR+nC9QVXVEvtzZhLaS8y+OoG7ST
R8vhodVfhdDxeb0aT+XYqvI/8rDDfu4aldgywNThOd5X/PNAITgwqpryy1rWyRtV
J8mBpxJnb9u8t395mlyzytgaUkYpndYsKmMHZwV4wdKKH0go4BCgcPQT1xz+7yjf
0q6mVBGpuLQgCY87lRN6XQb2XjkhlwrM4eA5j6Yjyv+Yn2kMKh2Sb4pztc+1hPsb
D//06BHAvcZ/FS1bjG40W1Yw+tNV11yfUkYDEKKgcLMZNL57fY6Y0/2gU4zSh9dc
jUgAGeHkiZsfWsm52dH4ddTvQXG5MAXxSqqd+cvwfZdFtdzL8UuzxF8OHvN2w3D4
JedmY4Col2z3fqPeZd83DVwk/JSD2JDcj5LD+8Fm/CPiP1nz8OSowT4+HQ7D2Z4K
T6r7Ss0rg7w=
=zVWL
—–END PGP SIGNATURE—–

Categories: Infosecurity
Tags: Microsoft Hotfixes

Related Headlines

    Related posts:

    1. Out-of-Band Security Patch for Microsoft IE 7 Critical Vulnerability Announced
    2. Microsoft Releases Out-of-Band August 2010 Advance Security Bulletin Notification
    3. Microsoft Releases September Security Notification
    4. Microsoft PatchTuesday – Coming To A Computer Near You…
    5. US-CERT: Microsoft Critical Security Patches Released

Comments are closed.

« Ranum: Cloud Computing – The Moistness XKCD: Lego »
  • Latest
  • Random
  • Bookmarks
  • Archives
  • Steve Benson: Persian Lights…
  • New, Pernicious BotNet Emerges
  • VMWare Announces ESX Console Security Update
  • Nick Anderson: Egg
  • Doppelgänger Infinitus
  • Robert Ariall: Iran For Cover
  • Data Leakage Wednesdays: Old Printer Vector
  • XKCD: Exoplanets
  • Apple Releases Magic Footpad, Raises Ante On Bipedal Computer Controls
  • Science Tuesday: Asteroidal Discoveries Mapped, 01980 – 02010
  • ENISA Releases New Ad Hoc Working Group Report
  • Say it Ain’t So… DOJ Joins Class Action Lawsuit, Oracle Charged With Fraud
  • FBI: Businessman Sentenced to Prison for Illegal Technology Transfer to India Government
  • Hoff Waxes Poetic: DNS Flaw In Verse
  • You Are Not A Facebook Customer, You Are Facebook Inventory
  • XKCD: Ducklings
  • Robert Ariail: P-Tooey
  • Large Number of Mac OSX Bug Fixes Anticipated In Point Release
  • Dilbert: International Overnight Delivery
  • Adobe Flash Exploit In The Wild
  • Apple
  • BSD
  • Closson
  • Darknet
  • Debian
  • Finnigan
  • ha.ckers
  • Hoff
  • Insecure
  • Krebs
  • Layer8
  • MSRC
  • Network Security Blog
  • NSA SEL
  • openSUSE
  • RedHat
  • SANS
  • Schneier
  • Security Eunoia
  • Securosis
  • Shimel
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
Subscribe

Featured Blog - Blogs.com SANS Security Reading Room KnotOriginal: fine art to hang on your body and walls Member - Security Bloggers Network

Dilbert

KnotOriginal

Featured Video

QOTD

RSS Security Bloggers Network

  • Two Wheel EV Recumbant: Zerotracer 2010/09/02 Davi Ottenheimer
  • Ben Franklin’s Endpoint Security Advice 2010/09/02 Jeff Hughes
  • Configuring Conditional SSH Connections 2010/09/02 Xavier
  • Truecrypt and USB drives 2010/09/02 always peace
  • LogChat Podcast 1: Anton Chuvakin and Andrew Hay Talk Logs 2010/09/02 Andrew Hay
  • Safe Web Surfing Rule # 1: READ the URL 2010/09/02 Tom Kelchner
  • Heartland Set To Pay Discover $5M For 2008 Data Breach 2010/09/02 spinman
  • User’s Opinions on Malware Infections 2010/09/02 spinman
  • Acunetix Web Vulnerability Scanner 7 Released 2010/09/02 spinman
  • LogChat Podcast 1: Anton Chuvakin and Andrew Hay Talk Logs 2010/09/02 Anton Chuvakin

RSS Cryptography

  • Monitor: Schrodinger's cat and mouse 2010/09/02
  • How to configure a Junos security device 2010/09/02
  • Net Effect: Hay-what? 2010/09/02
  • The Art of Proof 2010/09/02
  • Quantum crypto cracked, researchers say 2010/09/01

RSS SANS ISC

  • Microsoft EMETv2 released, (Thu, Sep 2nd) 2010/09/02
  • SDF, please!, (Thu, Sep 2nd) 2010/09/02
  • Month of Undisclosed 0-day Bugs, (Wed, Sep 1st) 2010/09/01
  • Microsoft issues updates to sysinternals ProcDump and Process Monitor: http://blogs.technet.com/b/sysinternals/archive/2010/08/30/updates-procdump-process-monitor-and-a-new-mark-s-blog-post.aspx, (Wed, Sep 1st) 2010/09/01
  • VMWARE releases 2 security advisories for ESX Service Console: http://lists.vmware.com/pipermail/security-announce/2010/000103.html and http://lists.vmware.com/pipermail/security-announce/2010/000104.html, (Wed, Sep 1st) 2010/09/01

RSS Oracle

  • Going to Oracle OpenWorld 2010? 2010/09/02
  • Automatic Time Zone support in Application Express 4.0 2010/09/02
  • EBS, Collaborate, Security, BPEL, OWB, Blog of Note, Hyperion, EPM, Burnout, WiFi 2010/09/02
  • Details of Tuxedo sessions at OOW 2010/09/02
  • JavaOne Preview on TechCast Live! (Tues., Sept. 7, 10am PT) 2010/09/02
  • links for 2010-09-02 2010/09/02
  • Join us for a Bersin & Associates Webcast - "Evolution of ERPs: Driving Business Value through Integrated Talent Management" 2010/09/02

RSS MySQL

  • Join MySQL at OSCON 2010/07/02
  • TechCast Live: Jono Bacon and Luke Kowalski on MySQL Community 2010/05/21
  • What's New in the MySQL Enterprise Spring 2010 Release? - Interview with Mark Matthews and Andy Bang 2010/05/17
  • Introduction to MySQL 5.5 2010/04/13
  • Why Should I Check Out a MySQL-Based Column Database ? 2010/02/12
  • A deep look at MySQL 5.5 partitioning enhancements 2009/12/24
  • Sun "Tech Days" Conference World Tour Kicks Off in Brazil 2009/12/07

RSS Linux

  • A Guide to Today's Top 10 Linux Distributions - NetworkWorld.com 2010/09/02
  • Embedded Linux Conference videos available - LWN.net 2010/09/02
  • Net Applications' iOS vs Linux Report Confuses Me - Muktware (blog) 2010/09/02
  • Cloudlinux Named Editor's Choice By Web Host Magazine & Buyer's Guide - PR Urgent 2010/09/02
  • Samsung's 3D TV remote let's you take the screen with you - Geek.com 2010/09/02

RSS MAC OSX

  • Samsung Reveals Half-Pint iPad, The Galaxy Tab 2010/09/02 Eli Milchman
  • Daily Deals: New nano, touch and Apple TV 2010/09/02 Ed Sutherland
  • iPhone 4 Coffee Table Gets You Better Reception Than iPod Table? 2010/09/02 Nicole Martinelli
  • Walkman Outsells iPods in Japan, Can Wristwatch Nano Change That? 2010/09/02 Nicole Martinelli
  • Amazon: Buy – Don’t Rent – 99-Cent Fox, ABC TV Episodes 2010/09/02 Ed Sutherland
  • Analyst: New Apple TV Rival for Cable’s Video-on-Demand 2010/09/02 Ed Sutherland
  • iTunes Ping And Facebook: What’s Going On? 2010/09/02 Giles Turnbull

RSS Microsoft

  • Update on Security Advisory 2269637 2010/08/31 MSRCTEAM
  • Microsoft Security Advisory 2269637 Released 2010/08/22 MSRCTEAM
  • August 2010 Webcast and QA 2010/08/12 MSRCTEAM
  • Update on the publicly disclosed Win32k.sys EoP Vulnerability 2010/08/10 MSRCTEAM
  • August 2010 Security Bulletin Release 2010/08/10 MSRCTEAM
  • August 2010 Bulletin Release Advance Notification 2010/08/05 MSRCTEAM
  • August 2010 Out-of-Band Security Release Webcast Q&A 2010/08/03 MSRCTEAM

RSS Network

  • How to get started with a blade system 2010/09/02
  • Opsview Community Edition review 2010/09/02
  • Cacti review 2010/09/02
  • Brocade adds 100G Ethernet to switch and router line 2010/09/02
  • Is Cisco making a play for Skype? 2010/08/31
  • Skype launches Skype Connect enterprise voice calling 2010/08/31
  • Sonos ZonePlayer S5 review 2010/08/25

Daily Posts

September 2010
S M T W T F S
« Aug    
 1234
567891011
12131415161718
19202122232425
2627282930  
Creative Commons License
The Infosecurity.US Blog is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Find the best blogs at Blogs.com.

Creative Commons Attribution-Share Alike 3.0 U.S. License ©2010 Infosecurity.US

Subscribe