Security Patch Update fixes a large number of Windows and Office vulnerabilities


After last month's Patch Tuesday rush to fix 22 vulnerabilities, Microsoft's pace has slowed. Next week brings the second Tuesday of the month, and Microsoft has released its November security patch update, which fixes 15 vulnerabilities in Windows, Windows Server, Office and other software. Only 3 of them are rated "critical" and 3 "important"; the rest address a range of issues across the Windows and Office platforms, chiefly the DLL-loading risk in Microsoft Groove. That problem was discovered by the security company Rapid7 as early as last year; presumably Microsoft had too much on its plate, because it has only been fixed now.

Among the bulletins covering these 15 vulnerabilities, MS09-065 is the most critical. It fixes a total of 3 vulnerabilities in the Windows kernel, one of which affects the kernel's parsing of Embedded OpenType fonts. This is the most critical issue because the vulnerability was made public before Microsoft issued the bulletin.

Jason Miller, head of data and security at Shavlik Technologies, said that an attacker could exploit this vulnerability to remotely execute malicious code, using embedded fonts to create a malicious web page that would allow the attacker to take control of a user's computer.

In addition, the MS09-063 security bulletin fixes a vulnerability in the Web Services on Devices API (WSDAPI) that affects Windows Vista and Windows Server 2008.

Finally, the MS09-064 security bulletin for Windows 2000 addresses a privately reported vulnerability that could allow an attacker to remotely execute arbitrary code; an attacker who successfully exploited it could take complete control of the victim's system.

The following are the details of the November security bulletins released by Microsoft:

#1, Announcement Number: MS09-063 (KB973565)

Details: The MS09-063 security bulletin fixes a privately reported vulnerability in the Windows Web Services on Devices Application Programming Interface (WSDAPI). The vulnerability could allow an attacker to execute arbitrary code remotely if an affected Windows system receives a specially crafted packet. However, only an attacker on the local subnet can exploit this vulnerability.

Security Level: Critical

Affected Software: 32-bit and 64-bit Windows Vista SP2/Server 2008 SP2

#2, Announcement Number: MS09-064 (KB974783)

Details: The MS09-064 security bulletin addresses a privately reported vulnerability in Windows 2000. If an attacker sends a specially crafted network message to a computer running the License Logging Server, the vulnerability could allow the attacker to remotely execute arbitrary code, and an attacker who successfully exploited it could take complete control of the victim's system.

Security Level: Critical

Affected Software: Windows 2000 SP4

#3, Announcement Number: MS09-065 (KB969947)

Details: The MS09-065 security bulletin is the most critical bulletin this time. It addresses several privately reported vulnerabilities in the Windows kernel that could allow an attacker to remotely execute arbitrary code if the user views content rendered in a specially crafted Embedded OpenType (EOT) font. In a web-based attack scenario, an attacker would have to host a website containing specially crafted embedded fonts in order to attempt to exploit the vulnerability.

Security Level: Critical

Affected Software: From Windows 2000 SP4 to Windows Vista SP2/Server 2008 SP2

#4, Announcement Number: MS09-066 (KB973309)

Details: The MS09-066 security bulletin addresses a privately reported vulnerability in Active Directory (AD), Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Services (AD LDS). The vulnerability could allow denial of service if stack space is exhausted during certain types of LDAP or LDAPS requests. It only affects domain controllers and systems configured to run ADAM or AD LDS.

Security Level: Important

Affected Software: Windows 2000 Server SP4/XP SP3/Server 2003 SP2/Server 2008 SP2

#5, Announcement Number: MS09-067 (KB972652)

Details: The MS09-067 security bulletin addresses several privately reported vulnerabilities in Office Excel. These vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited them would gain the same user rights as the local user.

Security Level: Important

Affected Software: Office XP SP3/2003 SP3/2007 SP2, Office 2004/2008 for Mac, Office Excel Viewer

#6, Announcement Number: MS09-068 (KB976307)

Details: The MS09-068 security bulletin addresses a privately reported vulnerability in Office Word. The vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited it could take complete control of the affected system and could then install programs; view, change, or delete data; or create new accounts with full user rights.

Security Level: Important

Affected Software: Office XP SP3/2003 SP3, Office 2004/2008 for Mac, Office Word Viewer
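As an added check that is not part of the original article, the following PowerShell script compares the Windows KB numbers listed in the bulletins above against the hotfixes installed on the local machine and reports which ones are missing. It assumes PowerShell 2.0 or later (the version that introduced Get-HotFix) and local administrator rights; Get-HotFix reads Win32_QuickFixEngineering, which only records Windows updates, so the two Office bulletins (KB972652, KB976307) cannot be verified this way and are printed as a reminder instead. The per-bulletin operating-system applicability below is taken from the "Affected Software" lines of this article; the version-prefix mapping (5.0 = Windows 2000, 5.1 = XP, 5.2 = Server 2003, 6.0 = Vista/Server 2008) is the standard Windows build numbering.

```powershell
# Added example: audit a host against the November bulletins listed above.
# Assumes PowerShell 2.0+ and administrator rights on the machine being checked.

# Bulletin -> KB number and the Windows version prefixes it applies to,
# per the "Affected Software" lines of the article.
$windowsBulletins = @(
    @{ Id = 'MS09-063'; Kb = 'KB973565'; Versions = @('6.0') },                       # Vista / Server 2008
    @{ Id = 'MS09-064'; Kb = 'KB974783'; Versions = @('5.0') },                       # Windows 2000 only
    @{ Id = 'MS09-065'; Kb = 'KB969947'; Versions = @('5.0', '5.1', '5.2', '6.0') },  # Windows 2000 to Vista/2008
    @{ Id = 'MS09-066'; Kb = 'KB973309'; Versions = @('5.0', '5.1', '5.2', '6.0'); DcOnly = $true }
)

# Office bulletins: Office patches are not recorded in Win32_QuickFixEngineering.
$officeBulletins = @(
    @{ Id = 'MS09-067'; Kb = 'KB972652'; Product = 'Office Excel' },
    @{ Id = 'MS09-068'; Kb = 'KB976307'; Product = 'Office Word' }
)

$os = Get-WmiObject -Class Win32_OperatingSystem
$osPrefix = ($os.Version -split '\.')[0..1] -join '.'   # e.g. "6.0.6002" -> "6.0"
$isDomainController = ($os.ProductType -eq 2)            # 2 = domain controller

# HotFixID values look like "KB973565"; build a lookup set once.
$installed = @{}
Get-HotFix | ForEach-Object { $installed[$_.HotFixID] = $true }

$missing = @()
foreach ($b in $windowsBulletins) {
    if ($b.Versions -notcontains $osPrefix) {
        Write-Output ("{0} ({1}): not applicable to Windows {2}" -f $b.Id, $b.Kb, $os.Version)
        continue
    }
    # MS09-066 only matters on domain controllers or hosts running ADAM / AD LDS;
    # we can detect the DC case via WMI, the ADAM/AD LDS case has to be checked by hand.
    if ($b.DcOnly -and -not $isDomainController) {
        Write-Output ("{0} ({1}): host is not a domain controller; verify manually if ADAM/AD LDS is installed" -f $b.Id, $b.Kb)
        continue
    }
    if ($installed.ContainsKey($b.Kb)) {
        Write-Output ("{0} ({1}): installed" -f $b.Id, $b.Kb)
    } else {
        Write-Output ("{0} ({1}): MISSING" -f $b.Id, $b.Kb)
        $missing += $b.Id
    }
}

foreach ($b in $officeBulletins) {
    Write-Output ("{0} ({1}): {2} update; check via Microsoft Update or the Office installation, not Get-HotFix" -f $b.Id, $b.Kb, $b.Product)
}

if ($missing.Count -gt 0) {
    Write-Output ("Missing applicable Windows bulletins: " + ($missing -join ', '))
    exit 1
} else {
    Write-Output "All applicable Windows bulletins from this list are installed."
    exit 0
}
```

The script exits with status 1 when an applicable Windows bulletin is absent, so it can be dropped into a logon script or a remote-execution job and the exit code collected. A "not applicable" result for MS09-064 on anything other than Windows 2000 is expected, since that bulletin only ships for Windows 2000 SP4.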

Finally, it is worth noting that this month's bulletins do not fix the IE vulnerability exploited at this year's Pwn2Own hacking contest, so Windows users still need to guard against that one by other means.

Copyright © Windows knowledge All Rights Reserved