Microsoft Windows and Internet Explorer Vulnerabilities

Original release date: July 28, 2009
Last revised: --
Source: US-CERT

Systems Affected

• Microsoft Windows
• Microsoft Internet Explorer
• Microsoft Visual Studio and C++ Redistributable Package
• ActiveX controls from multiple vendors

Overview

Microsoft has released out-of-band updates to address critical vulnerabilities in Microsoft Windows, Internet Explorer, and Visual Studio.

Solution

Install updates

The updates to address these vulnerabilities are available on the Microsoft Update site (requires Internet Explorer). We recommend enabling Automatic Updates.

Description

Microsoft has released out-of-band updates to address critical vulnerabilities in Microsoft Windows and Internet Explorer. Microsoft has also released updates for Microsoft Visual Studio and other software development tools.

By convincing you to view a specially crafted HTML document (e.g., a Web page, HTML email message, or HTML attachment), an attacker could exploit these vulnerabilities to take control of your computer.

References

• Technical Cyber Security Alert TA09-209A - <http://www.us-cert.gov/cas/techalerts/TA09-209A.html>
• Protect Your Computer: Active Template Library, Security Updates - <http://www.microsoft.com/security/atl.aspx>
• Microsoft Update - <https://update.microsoft.com/>
• Microsoft Update overview - <http://www.microsoft.com/security/updates/mu.aspx>

---

Feedback can be directed to US-CERT.

---

Produced 2009 by US-CERT, a government organization. Terms of use

Revision History

July 28, 2009: Initial release